FAQ - Frequently Asked Questions
Why I have to choose AnoniCloud instead of others?
AnoniCloud has been conceived with anonymity of the user, inviolability and integrity of the user's data in mind: Differently from other services like Google Drive, Dropbox and OneDrive, we as service provider don’t have access to stored data (zero knowledge encryption) nor to your password.
Several technical and strategical solutions has been implemented to fulfill these requirements that becomes our founding pillars.
Why Switzerland?
Actually very few countries grant real data protection and privacy to their citizens and citizens of other countries; Switzerland is one of these. Swiss data retention policies apply only on certain services and AnoniCloud is outside data retention obligations.
I don’t have anything secret, so I don’t have anything to hide!
Everybody has it’s own private life that don’t want to share with others: A secret diary, past-love pictures or some medical reports that are too embarrassing to leave around, under everyone sight.
Let’s think about professionals like doctors, lawyers or top managers that travels with sensitive data stored on PC, portable devices or papers that can be searched, stolen or simply lost.
AnoniCloud is free? So I’m the product!
AnoniCloud is in public beta release; once will became stable, it will be released in two flavors: One free tier of limited storage and features and one billed flavor with more storage and features. Users using the free tiers are encouraged to donate or support AnoniCloud team to build a more reliable product.
AnoniCloud is open source?
As soon as AnoniCloud will be stable and validated from the security point of view, client applications sources and API will be released as open source, with the possibility for other developers to build their own client.
What information do you need from me to open an account?
We need just one username (that can be something like blablabla123
) and a password strong enough to make difficult to violate your account. Period.
Can you see my data and my profile?
Short answer: No.
Long answer: Once again, No. Period.
How can I search through my documents?
You can’t. Zero knowledge encryption means: We are not able to access your data so we’re not able to make indexes on them. So any search is impossible.
One more thing: There is the possibility for the client device to generate keywords from your files before they are uploaded to AnoniCloud server, but it's a computational intensive task that will go to kill your battery very quickly; we prefers to avoid this.
Can I share my documents with others?
Yes; despite AnoniCloud is not thought to share contents worldwide, a sharing function is implemented and under active development.
Because "sharing with others" means "asymmetric cryptography" (see the FAQ about quantum computers) we have taken a number of measures to avoid possible breaking by quantum computers owners.
How much is safe AnoniCloud? Can you prove that is really safe?
AnoniCloud has been designed with anonymity, inviolability and integrity of data in mind; before we will release AnoniCloud to the main public, we will require an independent security assessment of our servers and of our protocol to a specialized and independent company.
Is AnoniCloud GDPR compliant?
AnoniCloud means GDPR: All data are anonymized and encrypted before leaving the customer's device, inaccessible by us and we ask just two informations (username and password) to grant access to the data.
Nothing is sold or transmitted outside AnoniCloud servers: What’s on AnoniCloud stay on AnoniCloud!
Cool, data are encrypted; what about metadata?
Metadata are encrypted too. What identify a file or a folder on our server is just a “meaningless” UUID (Universally Unique Identifier) that is similar to 11f8f44d-6944-4c9d-8dd8-85d0b492b94b
; user can have a proof of this naming two different files with the same name! This is perfectly legal for AnoniCloud because the server doesn’t consider metadata for identification of files and folders.
One more thing: Each UUID is worldwide unique. You’ll never get a user or a file with the UUID we used as example above!
Do you plan to provide a web browser access to my documents?
No. We don’t allow any access by web interface due to browsers security limitations.
However you can manage your account with your favorite browser.
Why you need to activate my account?
We are in development phase with very limited storage capacity; to be able to correctly manage this phase we allows just a limited number of users to access AnoniCloud. As soon as we will leave the development phase we will remove the AnoniCloud team activation requirement.
Quantum computers are now reality, cryptography is broken!
First, quantum computers are a reality but still under testing; nobody has a quantum computer on it’s basement able to force encrypted data.
Second, there are two kind of cryptography: Symmetric cryptography and asymmetric cryptography; symmetric cryptography is safe. Asymmetric cryptography can be broken by quantum computers because their ability to solve mathematical problems these algorithms are based on.
At this time there is no evidence that asymmetric cryptography over a certain strength has been broken by a quantum computer; quantum safe algorithm are under active research by the cryptographer and will be implemented by AnoniCloud as soon as they are proven to be safe.
Operating systems are full of spyware: Your app is futile!
Usually operating systems collect anonymized telemetric data useful to software houses to drive future developments of their product; usually you can stop data collection by simply switching off the feature; this is what software houses tell us!
There are others data that users put in hands of software houses and service providers: What about iCloud of your Mac that store data on their server without cryptography? Everything is well written on license agreement: Have you ever read one of this?
To solve one time for all the “OS-as-spyware” issue, we’re working on letting AnoniCloud work on air-gapped systems: What they are? Stay tuned.
Do you support two-factors authentication?
Two factors authentication is one of the next features that will be implemented.
I forgot my password: Can I recover it?
No, sorry. And we discourage the use of any service that allows a password recovery procedure. Write your password in a piece of paper and put it on a safe place but please don’t forget it, otherwise you’ll not be able to recover anything.
What kind of informations are logged?
We’re actually on a public beta stage and we log the source IP of the requests with the header of the request itself and debug data.
When AnoniCloud will be stable, we will drop any logging except the local server errors.
Do you plan a .onion
address?
Yes! We actually have a .onion
address with a self signed certificate; once AnoniCloud is stable enough we will ask Digicert (the only CA able to release an SSL certificate for .onion
domains) to release a CA signed certificate and we will allows users to use it.