Data Storage - Software-Encrypted vs Hardware-Encrypted USB Flash Drive vs Cloud Storage

HarborFront

Level 68
Thread author
Verified
Top Poster
Content Creator
Oct 9, 2016
5,751
This topic centers on storing data on software-encrypted vs hardware-encrypted USB flash drive vs cloud storage. External drive storage is chosen over storing on the PC/laptop itself to avoid malware infection or a dead PC/laptop. You can scan the files/folders for malware before storing on the USB flash drive.

And emphasis will be on safe data storage, ease of use and transfer between different platforms like Windows and android. Others like storing/sharing/backup of videos/music/photos is secondary.

To start off, the Software-encrypted USB flash drive vs the Hardware-encrypted USB flash drive will be discussed

Case Scenario

If you are sitting in StarBuck with your phone and want to log in to malwaretips.com, but you have forgotten your password. You can

1) Log in to your cloud, access the file, retrieve the password and log in to malwaretips.com.
2) Use a Password Manager.
3) Take out your software-encrypted flash drive, plug into the phone's USB OTG port, decrypt the file using the app on your phone, retrieve the password and log in to malwaretips.com
4) Insert your hardware-encrypted USB flash drive into the phone's USB OTG port and unlock it, open the Word doc containing the password, retrieve the password and log in to malwaretips.com

In all cases, for security, you still need to remember some kind of password/2FA/PIN/biometrics to log in to the cloud or the app on the phone or the PIN on the hardware-encrypted flash drive

Software-encrypted USB flash drive

- Here, the files/folders/vaults are encrypted/decrypted on the desktop/phone and stored on the USB flash drive. Flash drive is not encrypted for easy access. You can encrypt the drive too if there's a need.

Hardware-encrypted USB flash drive (with physical keypad)

- Here, the drive is encrypted/decrypted on the USB flash drive itself. Files/folders need not be encrypted for easy access. You can also encrypt the files/folders if there's a need.

Commonalities - Software-Encrypted vs Hardware-Encrypted Flash Drive

PROS

1) Everything is in your control. No need to trust others to keep your data safe
2) No need to depend on internet i.e. local use
3) No need to use 2FA, hardware security keys or Password Manager
4) No concern in mobile data usage
5) Can encrypt files/folders/drive
6) No worry of data being collected, no worry of Cloud Act, no worry of 5/9/14-eye countries etc
6) No need to pay subscription for storage
7) Can have another drive as back up
8) If need to use the flash drive on other’s PC/phone then need to install onboard a paid AV like ESET USB DriveSecurity
9) It's OS and platform independent and can work on PC/laptop and phone as long as there's an OS.

CONS

1) Need to carry devices around, which increases the tendency to lose or cause damage to them. Back up drive is needed.
2) Need to pay for drives
3) Difficult to share files/photos/videos because no automatic sharing/syncing/back up
4) A hassle in use

Software-Encrypted USB Flash Drive

PROS

1) Cheaper per GB of USB flash drive + back up drive
2) No worry of dead battery
3) Can choose reliable drive brand

CONS

1) Not tamperproof, no onboard hardware encryption, easily damage flash drive plastic case etc
2) Very limited Windows (PC/laptop)-to-Android (phone) software for encryption/decryption. Can use free VeraCrypt on Windows and free compatible EDS Lite on android phone
3) Need to install software to encrypt/decrypt on Windows and android phone
4) Drive can be formatted even if it’s write-protect/read-only


Hardware-Encrypted USB Flash Drive

PROS

1)
Encryption is on the hardware USB flash drive itself. No software needed
2) Flash drive case is usually metallic and not easily damage, it's tamperproof, waterproof etc
3) Cannot format drive unless unlocked by PIN using its keypad

CONS

1) Need to pay for the more expensive hardware-encrypted flash drives
2) Reliability of drive to fail is a concern as physical drive brand is usually unknown
3) Dead built-in battery and unreliable keypad are concerns in the long run
4) Generally, longer and bulkier than its non-hardware encrypted counterpart
5) Some hardware-encrypted drive might feel hot during use
 
Last edited:

HarborFront

Level 68
Thread author
Verified
Top Poster
Content Creator
Oct 9, 2016
5,751
Cloud Storage

PROS

1) Convenience and accessibility in sharing/syncing/automatic back up of files..........with photos, videos too etc
2) No need to carry any device around
3) Can have zero-knowledge, strong encryption and better-privacy for paid cloud provider
4) More bells and whistles provided for paid cloud provider like have 2FA, sharing, syncing etc
5) Can use as a backup for storing of important data
6) Can work with Password Managers and collaborate with other cloud providers

CONS

1) Need to pay subscription for safer and better-privacy service
2) Risk of cloud provider being hacked
3) Will be a hassle to back out all data from cloud if want to terminate/switch cloud service
4) The TOS and Privacy Policy will restrict the user especially in terms of data collection/sharing
5) User may not have the choice of the wanted cloud provider if it’s based in the 5/9/14-eye countries and have servers there as well
6) The Cloud Act further erodes one’s privacy
7) Only a handful of android apps for the cloud providers have no trackers, namely, Sync.com, Tresorit, Google Drive etc
8) Generally, free cloud provider will not have encryption, zero-knowledge, privacy and extra bells and whistles.
9) Small-time cloud provider can close down anytime without prior notification
10) Internet-dependent. Need good and fast connectivity
11) Mobile use can drain data if not on WiFi
12) Need to trust the cloud provider to maintain the infrastructure and keep it safe
13) If files/photos/videos are stored unencrypted
in cloud then the cloud provider can see them

If there is anything I missed/wrong, please add/correct. Thanks
 
Last edited:

Andrezj

Level 6
Nov 21, 2022
270
Cloud Storage

PROS

1) Convenience and accessibility in sharing/syncing/automatic back up of files..........with photos, videos too etc
2) No need to carry any device around
3) Can have zero-knowledge, strong encryption and better-privacy for paid cloud provider
4) More bells and whistles provided for paid cloud provider like have 2FA, sharing, syncing etc
5) Can use as a backup for storing of important data
6) Can work with Password Managers and collaborate with other cloud providers

CONS

1) Need to pay subscription for safer and better-privacy service
2) Risk of cloud provider being hacked
3) Will be a hassle to back out all data from cloud if want to terminate/switch cloud service
4) The TOS and Privacy Policy will restrict the user especially in terms of data collection/sharing
5) User may not have the choice of the wanted cloud provider if it’s based in the 5/9/14-eye countries and have servers there as well
6) The Cloud Act further erodes one’s privacy
7) Only a handful of android apps for the cloud providers have no trackers, namely, Sync.com, Tresorit, Google Drive etc
8) Generally, free cloud provider will not have encryption, zero-knowledge, privacy and extra bells and whistles
9) Small-time cloud provider can close down anytime without prior notification
10) Internet-dependent. Need good and fast connectivity
11) Mobile use can drain data if not on WiFi
12) Need to trust the cloud provider to maintain the infrastructure and keep it safe
13) If files/photos/videos are stored unencrypted
in cloud then the cloud provider can see them

If there is anything I missed/wrong, please add/correct. Thanks
  • (because of item below) cloud provider does not employ end-to-end-encryption, even paid (e.g. Google, Dropbox)
  • cloud provider retains your decryption keys and can access them at any time - such providers can decrypt your files at-will (e.g. Google, Dropbox) and hackers that get the key literally have the key to your files
 
  • Wow
Reactions: Dave Russo

HarborFront

Level 68
Thread author
Verified
Top Poster
Content Creator
Oct 9, 2016
5,751
  • (because of item below) cloud provider does not employ end-to-end-encryption, even paid (e.g. Google, Dropbox)
  • cloud provider retains your decryption keys and can access them at any time - such providers can decrypt your files at-will (e.g. Google, Dropbox) and hackers that get the key literally have the key to your files

I doubt they decrypt but more likely checking against the hases before encrypting as explained below. So end-2-end encryption is still there (further below). If you share your own files like Word/Excel/pdf or your own made movies I doubt they can check for hases. I think it's more for copyrighted/pirated content. I believe paid Google Drive and other cloud providers have some sort of writing in their TOS regarding copyrighted/pirated content, unless otherwise stated or not stated. And if you have the intention to do that, my suggestion is you should avoid it.



Quotes from above link

What does it really mean to look at your private files and folders, though? Does it mean that Dropbox looks as the file names and hashes, but not the contents?

In short, there’s nothing stopping Dropbox from outing you as a scumbag copyright infringer — except, of course, the fact that it would very quickly lose the confidence of its users, which would then probably torpedo its entire business model.

Unquote

But Dropbox and Google Drive still surviving means they have not looked into your files despite holding the decryption key otherwise they would, as quote, 'very quickly lose the confidence of its users, which would then probably torpedo its entire business model'. Or they are doing it stealthily without user knowledge.

For this, I give Dropbox a thumb up (y) in fighting copyrighted/pirated content


Thanks
 
Last edited:

JanEmil

New Member
Jan 30, 2023
1
just a huge amount of useful information for beginners and more experienced people alike (I found a couple of points for myself, for sure)
many thanks for the topic
 
Last edited by a moderator:

Thales

Level 15
Verified
Top Poster
Well-known
Nov 26, 2017
715
If you use a storage provider, you accept that they can access anything even if they say they can't. That's why it's important to encrypt any sensitive information, whether it's a picture or file or anything else, before uploading it.
Also, redundant backup solution is the key. External backups and cloud providers.
 
  • Like
Reactions: HarborFront

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
21,719
That's why it's important to encrypt any sensitive information, whether it's a picture or file or anything else, before uploading it.
Cloud service providers can terminate accounts at any time. If they cease global operations or restrict certain regions, access to the encrypted data will be revoked.

It may appear overkill, but it's recommended to use 2 cloud storage providers and 2 offline storage solutions.
 
  • Like
Reactions: roger_m

Thales

Level 15
Verified
Top Poster
Well-known
Nov 26, 2017
715
Cloud service providers can terminate accounts at any time. If they cease global operations or restrict certain regions, access to the encrypted data will be revoked.

It may appear overkill, but it's recommended to use 2 cloud storage providers and 2 offline storage solutions.
That's why I wrote this...
If you use a storage provider, you accept that they can access anything even if they say they can't. That's why it's important to encrypt any sensitive information, whether it's a picture or file or anything else, before uploading it.
Also, redundant backup solution is the key. External backups and cloud providers.
 

HarborFront

Level 68
Thread author
Verified
Top Poster
Content Creator
Oct 9, 2016
5,751
Hi All

Sorry, I missed out one very important PRO for Cloud Provider

It is good for working across borders/countries, as carrying encrypted devices may raise suspicion when searched. A secure cloud provider is therefore highly recommended
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top