Using encrypted folders

Hi folks,

Apologies up front for the newbie question.

I'm techie enough to get Resilio Sync working the way I want it - phone, tablet, and laptop all syncing via my Synology NAS. So far, so good.

Recently, I've had to sync documents that contain 'sensitive info' as defined by the UK Data Protection legislation. I can, of course, encrypt and password protect files individually, but wondered if the encrypted folder feature of Resilio Sync worked to my advantage here.

If I create an encrypted folder that was synced across all my devices, I take it that means that all the contained files are encrypted without needing to protect them individually. The reason it's an issue is that the synced folders on my phone and tablet are on the removable microSD card. Both phone and tablet are well locked down, but I was concerned that if someone popped out the memory card then they'd have access to the files.

Thanks in anticipation.


The encrypted folders work differently than you think. They give you an extra folder key. When this key is used on a RLSync instance, it becomes a peer for the folder, but this peer will not be able to decrypt the data. The typical usage scenario is when you want to use a VPS in the cloud to be a peer, but you cannot trust this VPS (e.g. because the cloud provider can seize and turn over the VPS, the VPS could be hacked, etc.). Using an encryption read-only key, the VPS can contribute bandwidth without being able to read the data.

Even if you use an Encrypted folder, the folder is not encrypted on peers that have read-write or read-only access. Only data in transit is. If you want to protect data on devices with read-write or read-only access, you'll want to use full disk encryption. Whether encryption of an SD is supported depends on your Android version (and probably manufacturer). Unfortunately, full disk encryption is in a bad state on Android. Personally, I wouldn't store sensitive data on an Android phone.

