This is better than TrueCrypt-on-Dropbox [1] in the sense that there's probably much less bandwidth inflation due to encryption, if any.
However, with EncFS be warned:
"Anyone having access to the source directory is able to see how many files are in the encrypted filesystem, what permissions they have, their approximate size, and the last time they were accessed or modified." [2]
Since tarsnap does the block partitioning and encryption client-side, it doesn't suffer from either problem.
Im sorry, but the whole idea of Dropbox was simplicity. This method requires installation of two more pieces software on every machine that will need access to encrypted data and does not explain or guarantee that it will work across platforms which is what dropbox is all about(I can access same files on my phones, tablets, windows pcs, macs and web)
I basically approach Dropbox as a tool that fits its purpose and this purpose unfortunately does not include properly encrypted data. So any sensitive documents would NOT go into dropbox. They would be backed up into an online backup that is encrypted on my side instead.
I find myself wondering if you actually read the content. Your first paragraph seems like a response to the article, but then your second makes it look like you didn't. Are you encrypting your files via hand-calculations before putting it on Dropbox, or using a second software package you installed as a tool? In which case what exactly is so hard about using one of the transparent file systems, which both boast a decent array of OS support options, that you have some sort of solution for that doesn't involve installing something beyond Dropbox?
I'm not sure if we both read the same comment. The second paragraph focuses on the fact that Dropbox is not suitable for sensitive content, and therefor he suggests using another service that offers client-side encryption (Tarsnap, possibly, as I think that it does that). He is not saying that he is putting encrypted files on Dropbox.
You misunderstood my response. I use Dropbox for syncing of non-sensitive data across devices.
For sensitive data, I use something else entirely: Crashplan with client-side encryption
This idea seems to come up every few months. Don't do it! (At least unless you seriously understand the caveats or something substantial has changed with encfs and/or Dropbox.)
Or don't use dropbox, use rsync, disk encryption, cron and SSH. Works across Mac/Linux & SCP on windows. With rsync+ssh+cron+disk encryption, you have full responsibility. Competency with rsync is empowering and can be as simple as dropbox, and way way way more secure.
I've been happy with Tarsnap for encrypted remote backup purposes. I've got 8 months of daily snapshots, around 6Gb per shot. So far it's cost me around $7.
Thanks, this is a lot better than the truecrypt system I had set up. Although I have a sqlite database that seems not to work with this... that will be staying in the truecrypt file system.
However, with EncFS be warned:
"Anyone having access to the source directory is able to see how many files are in the encrypted filesystem, what permissions they have, their approximate size, and the last time they were accessed or modified." [2]
Since tarsnap does the block partitioning and encryption client-side, it doesn't suffer from either problem.
[1] http://news.ycombinator.com/item?id=2546626
[2] http://en.wikipedia.org/wiki/EncFS