Git-Mirrors/privacyguides.org
1
0
Fork 0
mirror of https://github.com/privacyguides/privacyguides.org.git synced 2025-04-24 17:19:30 -04:00
Code Issues Packages Projects Releases Wiki Activity

style: Rewording and reshuffling for consistency

Browse Source 
Signed-off-by: redoomed1 <redoomed1@privacyguides.org>
This commit is contained in:
redoomed1 2025-03-21 11:55:05 -07:00 committed by GitHub
parent f3161c913d
commit bb5ac65653
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 9 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
docs/cloud.md
View File

@ -10,7 +10,7 @@ cover: cloud.webp
- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
Many **cloud storage providers** require your full trust that they will not look at your files. The alternatives listed below eliminate the need for trust by implementing secure E2EE.
Many **cloud storage providers** require your full trust that they will not look at your files. The alternatives listed below eliminate the need for trust by implementing secure end-to-end encryption.
If these alternatives do not fit your needs, we suggest you look into using encryption software like [Cryptomator](encryption.md#cryptomator-cloud) with another cloud provider. Using Cryptomator in conjunction with **any** cloud provider (including these) may be a good idea to reduce the risk of encryption flaws in a provider's native clients.
@ -27,7 +27,9 @@ For more technical readers, Nextcloud is [still a recommended tool](self-hosted.
![Proton Drive logo](assets/img/cloud/protondrive.svg){ align=right }
**Proton Drive** is an encrypted cloud storage provider from the popular encrypted email provider [Proton Mail](email.md#proton-mail). The initial free storage is limited to 2 GB, but with the completion of [certain steps](https://proton.me/support/more-free-storage-existing-users), additional storage can be obtained up to 5 GB.
**Proton Drive** is an encrypted cloud storage provider from the popular encrypted email provider [Proton Mail](email.md#proton-mail).
The initial free storage is limited to 2 GB, but with the completion of [certain steps](https://proton.me/support/more-free-storage-existing-users), additional storage can be obtained up to 5 GB.
[:octicons-home-16: Homepage](https://proton.me/drive){ .md-button .md-button--primary }
[:octicons-eye-16:](https://proton.me/drive/privacy-policy){ .card-link title="Privacy Policy" }
@ -46,9 +48,7 @@ For more technical readers, Nextcloud is [still a recommended tool](self-hosted.
</div>
The Proton Drive web application has been independently audited by Securitum in [2021](https://proton.me/community/open-source).
Proton Drive's brand new mobile clients have not yet been publicly audited by a third party.
The Proton Drive web application has been independently audited by Securitum in [2021](https://proton.me/community/open-source), but the brand new mobile clients have not yet been publicly audited by a third party.
## Tresorit
@ -83,7 +83,9 @@ Tresorit has received a number of independent security audits:
- Computest discovered two vulnerabilities which have been resolved.
- [2019](https://tresorit.com/blog/ernst-young-review-verifies-tresorits-security-architecture): Penetration Testing by Ernst & Young.
- This review analyzed the full source code of Tresorit and validated that the implementation matches the concepts described in Tresorit's [white paper](https://prodfrontendcdn.azureedge.net/202208011608/tresorit-encryption-whitepaper.pdf).
- Ernst & Young additionally tested the web, mobile, and desktop clients: "Test results found no deviation from Tresorits data confidentiality claims."
- Ernst & Young additionally tested the web, mobile, and desktop clients. They concluded:
> Test results found no deviation from Tresorits data confidentiality claims.
[^1]: [ISO/IEC 27001](https://en.wikipedia.org/wiki/ISO/IEC_27001):2013 compliance relates to the company's [information security management system](https://en.wikipedia.org/wiki/Information_security_management) and covers the sales, development, maintenance and support of their cloud services.
@ -125,7 +127,7 @@ Peergos was [audited](https://peergos.org/posts/security-audit-2024) in November
### Minimum Requirements
- Must enforce end-to-end encryption.
- Must enforce E2EE.
- Must offer a free plan or trial period for testing.
- Must support TOTP or FIDO2 multifactor authentication, or passkey logins.
- Must offer a web interface which supports basic file management functionality.