Brought to you by CompletelyPrivateFiles


Is there a way to verify my files are encrypted?

Sure. SecretSync installs a tunnel folder that goes inside your Dropbox. Files are encrypted before being put in here. The tunnel folder is inside Dropbox to allow it to sync your encrypted files to your other devices.

When SecretSync installs, we add a file README.txt to your SecretSync folder. It's just a text file with a few suggestions for use. If you open it in the tunnel folder, you will see that the file is encrypted, that is, unreadable.

Here's what ours looks like in the SecretSync folder, where we can view it, and in the tunnel folder, where it's encrypted.
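A way to run the same check over the whole tunnel folder rather than one file, as an added example that is not SecretSync's own code. It assumes encrypted files are stored as raw binary; the thresholds, file names and sample contents are constructed for illustration.

```python
import hashlib
import math
import os
import tempfile
from collections import Counter

ENTROPY_FLOOR = 6.0      # bits/byte; assumed cut-off, plain text is usually below 5
PRINTABLE_CEILING = 0.9  # assumed share of printable ASCII that suggests plaintext


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy of the byte distribution, in bits per byte."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def looks_plaintext(data: bytes) -> bool:
    """True when the content reads like plaintext rather than ciphertext."""
    if not data:
        return False  # an empty file has nothing to leak
    printable = sum(1 for b in data if 32 <= b < 127 or b in (9, 10, 13))
    return printable / len(data) > PRINTABLE_CEILING or shannon_entropy(data) < ENTROPY_FLOOR


def scan_folder(folder: str, sample: int = 65536) -> list:
    """Return relative paths under `folder` whose first bytes look like plaintext."""
    suspects = []
    for root, _dirs, files in os.walk(folder):
        for name in files:
            path = os.path.join(root, name)
            with open(path, "rb") as fh:
                if looks_plaintext(fh.read(sample)):
                    suspects.append(os.path.relpath(path, folder))
    return sorted(suspects)


def demo() -> list:
    # Constructed tunnel folder: one ciphertext stand-in and one stray text file.
    stand_in = b"".join(hashlib.sha256(i.to_bytes(4, "big")).digest() for i in range(128))
    with tempfile.TemporaryDirectory() as tunnel:
        with open(os.path.join(tunnel, "README.txt"), "wb") as fh:
            fh.write(stand_in)  # high-entropy bytes standing in for an encrypted file
        with open(os.path.join(tunnel, "notes.txt"), "wb") as fh:
            fh.write(b"Quarterly figures, do not share.\n" * 40)
        return scan_folder(tunnel)


if __name__ == "__main__": print(demo())
```

Compressed formats such as ZIP or JPEG are also high-entropy, so an empty result means "nothing that looks like readable text", not proof of encryption.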

What exactly is the "tunnel" folder?

The tunnel folder is a special folder that is inside your Dropbox folder. If you've used Dropbox before, you know that anything you put under the Dropbox folder gets synchronized.

Note: Do not put files directly in the tunnel folder. SecretSync expects the files placed in this folder to be encrypted, and will fail if it encounters an unencrypted file. Use the special SecretSync folder for managing your files.

The tunnel folder is how SecretSync uses Dropbox to accomplish synchronization. The process basically works as follows.

  • SecretSync runs in the background, watching for changes in your SecretSync folder.
  • As soon as it notices a change, it encrypts the file and copies it into the tunnel folder.
  • At this point Dropbox detects the change to the encrypted file in the tunnel folder and synchronizes the file to your other computers.
  • If SecretSync is running in the background on your other computers, it detects the change to that file in the tunnel folder.
  • It decrypts the file in memory, and copies it to the SecretSync folder on your other computer.

In this manner we've achieved encrypted transport of your sensitive files. No file was ever 'in the cloud' without being encrypted first.

If I use a client-side passphrase, why do I still get a key from your site?

We wanted to let users, including less technical ones, have client-side encryption without having to manage keys between computers.

We're a completely separate entity from Dropbox. We provide your encryption key dynamically to each computer where you've installed SecretSync.

We have absolutely no access to your files. SecretSync encrypts your files locally on your computer, using the key we provide. After the files have been encrypted, SecretSync puts the encrypted files in Dropbox, which syncs them.

So although we know the key, we have no access to your files. Dropbox has your files, but they're encrypted. In this way, even less technical users can get a much higher level of privacy without worrying about keys.

For more technical users, the passphrase allows you to achieve complete privacy by providing a key or passphrase that only you know.

Here's how it works:

If you choose to use a passphrase, your passphrase is stored locally on your computer. You're the only one with access to it. When SecretSync starts, it downloads the encryption key assigned to your account from our servers. On your computer, it uses a one-way SHA-256 hash function to combine your passphrase with the encryption key we provide. So when you use your own passphrase, our encryption key effectively becomes a 'salt' for your passphrase.

PBKDF2 is applied to generate a strong derived key, even if you provide a weak passphrase, like your password.

The passphrase can be any value, including your own encryption key. If you provide an actual encryption key here, e.g. a 256-bit truly random value, you've achieved a level of encryption that depends entirely on your private encryption key, since this is known only to you.
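One reading of the derivation described above, as an added example that is not SecretSync's own code: PBKDF2-HMAC-SHA256 over the passphrase, with the account key from the service as the salt. The iteration count, output length, function names and all key values are assumptions constructed for illustration.

```python
import hashlib
import hmac

ITERATIONS = 200_000  # assumed; the page gives no iteration count
KEY_LEN = 32          # assumed 256-bit derived key


def derive_file_key(passphrase: bytes, account_key: bytes) -> bytes:
    """PBKDF2-HMAC-SHA256 keyed by the passphrase, salted with the account key."""
    if not passphrase or not account_key:
        raise ValueError("passphrase and account key must both be non-empty")
    return hashlib.pbkdf2_hmac("sha256", passphrase, account_key, ITERATIONS, KEY_LEN)


def demo() -> dict:
    # Constructed sample values, not real keys.
    account_key = bytes.fromhex("a1" * 32)        # what the service hands each computer
    other_account = bytes.fromhex("b2" * 32)      # a different account's key
    passphrase = b"correct horse battery staple"  # stored only on the user's machines
    raw_key = bytes.fromhex("5c" * 32)            # stand-in for a user-supplied 256-bit key

    laptop = derive_file_key(passphrase, account_key)
    desktop = derive_file_key(passphrase, account_key)
    wrong_guess = derive_file_key(b"correct horse battery stapler", account_key)
    return {
        # Same inputs on two computers give the same key, so nothing else is exchanged.
        "computers_agree": hmac.compare_digest(laptop, desktop),
        # The account key acts as a salt: same passphrase, different account, different key.
        "salt_separates_accounts": laptop != derive_file_key(passphrase, other_account),
        # Holding the account key without the exact passphrase yields a different key.
        "passphrase_matters": laptop != wrong_guess,
        # A raw 256-bit value is accepted in place of a passphrase.
        "raw_key_len": len(derive_file_key(raw_key, account_key)),
    }


if __name__ == "__main__":
    print(demo())
```

PBKDF2 raises the cost of each passphrase guess for anyone who holds the account key; it adds no entropy of its own, which is why a random 256-bit value gives the strongest result.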

How do I relocate the SecretSync folder?

By default, SecretSync installs its folder under the user's profile directory. E.g. on Windows 7, this is C:\Users\<username>\SecretSync.

If you want to relocate this to a different directory, do the following:

Go to Start Menu - SecretSync - SecretSync Log

In the Log View app, click "Stop sync".

In Explorer, open your user directory and browse to the SecretSync application folder under AppData (or "Application Data" on XP), e.g.


In the above folder use WordPad (Notepad doesn't handle the line endings well) to open the "config.txt" file.

(Note: You should probably make a copy of "config.txt" before proceeding.)

In WordPad, find the "src" line, which should look similar to the below:

sync 1 src C:\Users\<username>\SecretSync\Root

Change the path on the "src" line to the full path that you want SecretSync to use for storing the accessible files, that is, the files you use.

Can I use SecretSync with SugarSync (or other sync tool)?

Yes, you can use SecretSync with any synchronization product that uses a local folder on your computer. We have users who use SugarSync rather than Dropbox. Since both tools behave in basically the same way, i.e. picking up changes in a regular folder on your computer, SecretSync is compatible with either.

During the SecretSync installation, when you are prompted for the location of the Dropbox folder, simply choose the "Magic Briefcase" folder that SugarSync utilizes.

If you use a different sync program that works similarly, do the above step and point to that program's sync folder.

Will I be able to decrypt my files if your service is no longer available?

Our service provides a key for you on-demand, even if you specify your own passphrase or key. So you may wonder what would happen, say, if we were to go out of business and your key was no longer retrievable from our servers.

The answer is that you would still have access to your files, since they are stored on your computer, unencrypted, in the SecretSync folder. Only the files in the tunnel folder under Dropbox would be inaccessible in this scenario. But those are merely encrypted copies of the files in the SecretSync folder.

So the only way for you to lose all your files irrevocably would be if (1) we go out of business and shut off our service, (2) your computer crashes or is destroyed and the files in the SecretSync folder cannot be retrieved, and (3) both of the prior happen simultaneously.

If you use SecretSync to sync more than one computer, the loss of your data is even less likely. In the case where you have two computers synchronizing securely with SecretSync, both computers would have to fail and we would have to cease providing the key from our website, all simultaneously, which I think you can agree is highly unlikely.

Also, if we went out of business, this would more realistically happen with some sort of warning, and we would first notify our users of a cutoff date prior to shutting our service.

How can I reset my password?

If you have forgotten your password you can request a reset email from the following link:

You will receive a reset email at the address you signed up with that will allow you to enter a new password. If you have any issues, send us a support request here.

Why am I getting "conflict_copy" files?

If SecretSync encounters a file that has changed in the SecretSync folder and the same file has changed simultaneously in the tunnel folder, it cannot decide which version to keep.

This is because, in the case where multiple people are using the same SecretSync account, two people may edit the file at the same time, and both edits may need to be kept. SecretSync plays it safe and keeps both versions. One copy is assigned a conflict_copy_TIMESTAMP extension, and the other is left with the original filename.

For example, if filename.xls is in a conflicted state, you will see a second file, named filename.xls_conflict_copy_1320591263, which contains the changes that caused the conflict.

Note: you can remove the conflict_copy portion of the filename, and you would still be able to open the file in its editor, e.g. Excel.

Why do I have a bunch of "conflict_copy" files?

When you uninstall SecretSync, this removes its record of what files have been synchronized.

If you uninstall SecretSync but leave both the SecretSync folder and tunnel folder on your system, and then you re-install SecretSync, you will likely see conflict_copy files for most of the files in your SecretSync folder.

In this scenario, SecretSync has no record of what's been synchronized, and assumes that all the files are in conflict, and duplicates them. The files in this case are identical, and only one copy needs to be kept. (Be sure you've tested this before you delete, however.)