Table of contents
End-to-end encrypted, zero-trust cloud drives
Not all cloud storage providers are same. Some have great security, some shine in privacy and some are nice to use. Privacy and security can go hand-in-hand. Yet it's almost impossible to combine advanced functionality, such as streaming video files, with top-notch privacy.
Sync.com and Tresorit
This comparison started as feature comparison of two popular zero-trust cloud storage options: Sync.com (from Canada) and Tresorit (from Switzerland). I wrote the comparison from my own use-case, to support my own decision making.
I'm not interested to compare non-zero trust services, since encryption is the only way for true privacy. I still included some popular or otherwise interesting options for comparison.
How I use cloud storage
I have Windows, MacOS and iOS devices. It would be nice if all them are able to access the files in the cloud.
I'm a hobby photo- and videographer. Currently I store around 1 TB of photos and videos, organized loosely around the dates the media files were transferred to computer. I also have text documents, graphic designs, music compositions and other creative products. Most content is for archiving, but some is in-progress.
For sharing photos, I sometimes use pCloud (not end-to-end encrypted) for viewer's convenience. For backups I rely on local backups and Sync.com, but I'm looking for a fast and more transparent alternative.
Apart from cloud drives, a big chunk of my data is stored in variety of services. Contacts and emails are at the email provider, everyday notes are in Apple Notes, private journals are in Standard Notes, code is in GitHub, graphic designs are in Figma etc. The physical devices are becoming just gateways to the data stored on different services.
Tresorit has the best functionality and looks most professional. Yet, I disagree it being three times better than Sync.com (like the price would suggest). Filen.io is catching them, but some of their stuff is very base-bones.
For casual businesses I'd recommend Google Suite. It is nice to use and has great tools for productivity. Especially the collaborative document editing features are essential for modern workflows. Google also has top-notch security, even if it looses in privacy (from themselves).
For family use, I'd consider Jottacloud, even while it's not end-to-end encrypted.
Power-users might benefit of having several cloud drives: one that is private and some other ones that are nice-to-use (or there are people already sharing).
Jottacloud 5 TB (not zero-trust) = 96 €/year
Filen.io 2 TB = 90 €/year
pCloud 2 TB (not zero-trust) = 95 €/year
Sync.com 2 TB = 96 €/year
Google One 2 TB (not zero-trust) = 100 €/year
iCloud 2 TB (not zero-trust) = 120 €/year
Dropbox 2 TB (not zero-trust) = 120 €/year
Koofr 2.5 TB (not zero-trust) = 240 €/year
Tresorit 2.5 TB = 297 €/year
Filen.io is the cheapest out of end-to-end encrypted options. Sync.com is cheaper than mainstream options like Dropbox.
Norwegian Jottacloud is the cheapest one in this comparison, but getting full benefit would mean having 5 TB of data.
Unscientific speed test
Sync.com (third download had an error**)
The times were measured with following files:
- 450 MB Ubuntu distribution, measured daytime August 2021
- 1.2 GB ZIP archive of files, measured daytime August 2021
- 510 MB video file (.mov), measured daytime September 2021
The transfers were done in web browser while connected to fast internet. Measurements were done without VPN from Finland metropolitan area.
Transfer speeds can vary greatly based on many factors.
**When attempting to download the 510 MB video file, Sync.com gave error "file too large for browser decryption". When I chose again download from the transfers view, it finished nicely.
Data stored in Europe
Third party audited
Doesn't scan uploads
pCloud is endlessly on -65% sale. When they have a real discount, they change -65% to -75%. Tresorit is confusing consumers by advertising pricing without VAT included. Occassionally they seem to have discounts such as -40% from non-VAT price. Filen.io is so new that the pricing may have to settle still.
pCloud has people complaining about file corruption. They also have reports of deleted lifetime accounts (most likely for storing copyrighted content). It is impossible to verify how trustworthy these comments are. pCloud likely has the largest consumer user base in this comparison, so it's also more likely that they get more negative attention.
Jottacloud has command line tools for Linux.
Support large files
Earlier file versions don't use quota
Files in trash don't use quota
- Sync.com: unlimited file size.
- Tresorit: max 3 GB file for free plan, 5 GB for 500 GB plan, 10 GB for 2500 GB plan.
- Filen.io: unlimited file size.
- pCloud: unlimited file size.
- Jottacloud unlimited file size (unconfirmed).
- Sync.com stores old versions for 30 days (free account) or 180-365 days (paid account).
- Tresorit stores last 10 versions (500 GB plan) or 100 versions (2500 GB plan).
- Filen.io stores versions until deleted.
- pCloud stores old versions for 15 days (free account) or 30 days (paid account).
- Jottacloud stores last five versions.
Sharing with others
Share with logged-in users
User specific read/write permissions
Shares only consume owner's quota
Create public share link
Expiration date for share link
Jottacloud team shares are always with read & write access. Filen.io shares are currently read-only.
Jottacloud's public link shares cannot have passwords. I'm unsure if there's any benefit of having password on a public share (the link is anyway a random set of characters and numbers).
Filen.io allows limiting link valid time for max. 30 days, others let you select a specific date.
Computer app (tested mainly on Windows)
Selective sync (choose only some folders to be synced)
Multiple local sync folders
Network drive view to cloud content
Block level updates (update just a part of large file)
Avoid full upload on renaming a file or folder
Avoid full upload on moved file or folder
Avoid full sync on computer reinstall, if files are intact
Block shutdown when sync is unfinished
Jottacloud and Sync.com unofficially support symbolic links, which enable a "light version" of syncing multiple folders. This approach is limited especially if syncing multiple computers. Jottacloud also allows automatic backups for any folder, but that's one-way sync.
Sync.com has their "CloudFiles" in beta. It should allow viewing cloud files as if they are synced locally.
Automatic backup of photos and videos
Download files for offline use
Integrate with Share tray
Integrate with Files app
Unlock with Face ID (optional)
Support for document files
Search from all cloud folders
Search something inside text files
Preview text (.txt) file
Edit text (.txt) file
Preview older Ms Word (.doc) file
Preview newer Ms Word (.docx) file
Preview Markdown (.md) file
Preview ZIP-file contents
Jottacloud and paid version of Sync.com have Ms Office integrated, so the documents can also be edited.
In most cases, Markdown file was displayed as text file.
Jottacloud and some others attempted to show the ZIP-file contents on iOS, however it didn't work.
Support for media files
Nice photo browsing
Stream WAV file
Stream MP3 file
Stream video file
Filen.io plays audio and video files inside web browser, but I wasn't sure if it was actually streaming them or downloading fully to web browser first.
General minuses of zero-trust encrypted clouds: Tresorit, Sync.com and Filen.io
- Slower in all file management, if the files are not locally cached.
Minuses of zero-trust encrypted clouds when run in web-browser or mobile apps
- No wide file/folder search
Media management is cripled:
- No face, item or pet recognition, or any AI-powered tools for photos or videos
- No map view or other metadata based tools for photos or videos
- No searching, viewing or sorting by image/video meta data
- Painfully slow loading of image thumbnails, not to mention full images. I wish the apps generated fast-loading thumbnails and preview versions while uploading the original images.
- Generally no support for streaming audio or video files (I've read MEGA has some sort of streaming)
- No support for viewing raw camera files
- iOS-specific: Automatic photo and video backup needs always on location permission for the sync app. By Apple's design, only iCloud is allowed to backup photos and videos on background without "location trick".
Cons for Sync.com
- Slow transfer speeds at least from Europe
- Windows: On initial sync high CPU usage
Windows and Mac: When installing Sync.com app and logging in, the
app starts to download everything from cloud to that device. I'd
prefer having an option to select the content to be synced
during installation, before starting to download anything.
- I do a fresh install of computers every now and then. After installing Sync.com app I have to go deselect folders from Sync.com app's settings. Then I use Explorer/Finder to manually delete the content, which I didn't want on that device, but was already downloaded while the installer was finishing.
- When deleting unnecessary content manually, there is a high risk of accidentally deleting something that should be saved.
Windows and Mac: If I add a new folder to root of synced folder,
it is automatically downloaded to all computers, even if I wanted
it only on single device.
- For example: I add a new folder "Blender models" to my home computer. The next time I visit my music studio and fire-up the mixing computer, the Sync.com app on that computer downloads this new folder. Same to fresh install installation, I have to manually unselect the Blender models folder in that PC's Sync.com app and then manually delete whatever it already downloaded.
Windows and maybe Mac: Sync.com app needs to find the sync folder
immediately when it starts, it doesn't monitor if it later becomes
- To me, this used to happen when the sync-folder was on an encrypted drive. After Windows had started, I typed the password to mount the VeraCrypt drive.
- This probably also happens if plugging in removable media
- Sync.com needs to be started manually after mounting the container with sync folder, but it's easy to forget.
Windows: If a big file uploaded only partially before shutting
down, Sync.com starts the upload from beginning next time.
- Being unable to resume makes it harder to upload large video files.
- I'm not sure if Tresorit can resume uploads either. Tresorit is faster and has tight file size limit, so this issue is not that obvious.
- iOS: Error message "Couldn't communicate with a helper application" when trying to attach cloud files to email using Sync's integration with iOS Files (tested August 2021). Probably a bug that will get fixed. In Tresorit this works as expected, though it is slow.
- iOS: No "Send with link" in iOS Share menu
- Web: Cannot download a folder (Tresorit would make a ZIP-archive and download that)
- All platforms: No log of created and revoked share links
- All platforms: Cheap looking, unpolished UI. Needs a serious facelift.
Cons for Tresorit
- Web: Doesn't show file creation/modified dates
- Windows, maybe Mac and iOS: Sends anonymous usage statistics by default. Sync.com also sends data by default, but asks for permission while installing.
- Having one paid user and free collaborators doesn't really work with Tresorit, since everyone loses their storage quota for shared files.
- When cancelling a subscription, the flow has lots of dark patterns, such as multiple confirmations with the visually primary button not being the cancellation. I didn't try to unsubscribe from Sync.com, but at least Tresorit is pretty nasty in this sense.
- Occasionally there are notable discounts. It's hard to settle with the service knowing the next year would be full price. Instead of random discounts, permanently lowered prices with no discounts would feel more sustainable.
Nice things for both Sync.com and Tresorit
- Web: Both have clean list of linked devices
- Windows: Files are not locked during upload and can be saved at all times. This is nice when working on something that gets saved often.
Cons for Tresorit and Sync.com
- If putting a big file to synced folder and after that small ones, both try to upload the big file first, while it could be wiser to upload the small files first.
pCloud (partly end-to-end encrypted)
I briefly tested pCloud with Crypto-folder around 2019.
- For Crypto-folder, probably none (Crypto is cripled feature-wise, losing to all zero-trust providers)
- For non-encrypted storage, pCloud is among the best providers with vast support for viewing and streaming images, audio and media files (weirdly lacking HEIC support in web).
- In addition to media functionality, there are lots of useful features. pCloud seems like the most feature-rich cloud drive, if not looking for office suite.
- Uploads are scanned for illegal content, DRM-protected content etc.
- Marketing lists nice functionality such as video streaming and encryption using the Crypto-folder. This is misleading, since these things cannot be combined.
- Shared link, such as video, contains annoying pCloud marketing. There's a marketing popup and ads in the frame.
- Web: Doesn't support viewing HEIC-images despite otherwise great support for media files
- pCloud's great media file support is lost for the files in Crypto-folder. The files need to be fully downloaded to be viewed, even the thumbnails are unavailable.
- Crypto-folder is only in cloud, there are no local versions of the files
- Content in the Crypto-folder can only be shared with pCloud business plan
- pCloud marketing and discount policies are pushy.
- Cost efficient (depending on which cloud it is hosted)
- Likeable open source project
- Trustworthy privacy, similar to self-hosted cloud
- iOS: On a brief test, viewing media files felt extremely fast, just like if they were natively on the mobile. Maybe they were actually cached locally (tested with iCloud as Cryptomator host).
- No web-access apart from third-party provider
No versioning of files: if files are deleted or changed often,
there is a big chance for human errors. For me this is a
- It is possible to use the host cloud's versioning. However this gets tricky since it's hard to find the correct files among encrypted folder and file names
- If there is a robust local backup method with versioning, then the lack of cloud-provided versioning could be an acceptable.
- Sharing with others is "hacky" at best; based on some comments, it is possible to share a complete vault (folder cannot be shared). Editing files simultaneously might lead to catastrophe.
- More software to install: the devices still need the "host cloud" where the Cryptomator-vaults are saved. I tried with Cryptomator with iCloud. On Windows-machine iCloud app is far from great (it works, but is very bare-bones. For example, it lacks "pause syncing" function).
- There are reports on lost vaults due to bugs in Cryptomator
- Installing the host cloud creates a temptation to occasionally use it instead of encrypted storage
- iOS: No thumbnail view yet (should come with the beta version)
- iOS: No integration to iOS Files yet, however it is in the beta version
- iOS-app supports hosting inside iCloud, Dropbox, Google Drive, OneDrive or WebDAV. Apart from WebDAV, installing syncing app by these big cloud providers to all devices becomes mandatory. Many privacy warriors hesitate installing any apps by these companies.
- iOS beta may allow choosing other providers also, so for example pCloud might become an option.
It could be nice to have a "light" version of Cryptomator, which would just encrypt file contents, not the file names. This way the host cloud's versioning system would be more usable to undo errors.
I learned that Cryptomator's Android client supports pCloud, so instead of using pCloud's cripled Crypto-folder, that could be an interesting alternative for Android-users. I'm looking forward for Cryptomator iOS client improvements.
- Cheapest end-to-end encrypted service in this comparison.
- Open source
- Web: Surprisingly fast browsing of supported images
- Web: Plays small MP3s (doesn't work in iOS). The "preview" is limited to small files like one song MP3, not for mixtapes
- Web: Plays video files (after long loading)
- Web: Has search, thought it's limited to only current folder
- Web and iOS: Has thumbnail view with nice size thumbnails
- Sharing is possible only with read permission for others
- Web and iOS: Cannot view HEIC-images (on iOS this is surprising)
- Web: When uploading photos in web browser, I didn't get thumbnails at all
- iOS: No integration to iOS Files app
- iOS: No integration to iOS Share tray
- iOS: No automatic backups of photos and videos
- Very limited documentation and quite few user reviews
- Newcomer: not proven, not audited, limited functionality and some bugs
- Visually OK
- It is a company of less than five employees - longevity can be worrying.
- Name is too generic, making searching customer experiences etc. hard
A web-application, which runs inside web browser (there are no native apps). Uploading files is done manually, so it's not a place for a sync folder or backup.
Photo viewing looks nice, though in comparison to unencrypted services it's on slow side. This might be the most serious attempt to do cloud photo hosting with strong encryption.
I've tested the service for sharing photos with family, but at least early 2020 it only supported JPG-photos. No support for videos or HEIC-images.
Document editing feels promising. However the functionality and lack of native apps is not to my taste.
The developers are nice and responsive. I've emailed them couple of times. The project is open source, and in general very likeable.
ProtonDrive is beta. I have no personal experience on it.
Based on my earlier experience on Proton-services, the marketing and idealism are strong. However the development is slow. The basic functionality may take a long time (looking at the "search inside messages" for ProtonMail), and a bare-bones services are still priced high.
My guess is that the ProtonDrive will stay simple and doesn't try to compete in this kind of comparison. However, having email and storage in the same platform would be convenient.
Jottacloud (not zero-trust encrypted)
- Jottacloud claims to follow "strict privacy laws of Norway", so they are located in relatively safe country. It is unclear if the uploads are scanned (like with most non-encrypted providers).
- Jotta ain't as feature rich as pCloud, but the pricing is very reasonable and steady. Their marketing is not pushy at all.
- In combination with third-party encryption tool, such as Cryptomator or Rclone, Jottacloud might tick many boxes for privacy-savvy users.
- Jottacloud has integrated online version of Microsoft Office, which might come handy for occasional needs (though Office Online is free anyway)
- Jottacloud has nice photo albums and viewing images is nice. Support for different media formats is great. HEIC-images can be viewed in web-interface, unlike with pCloud.
- No selective sync. This is surprising nowadays, but Jottacloud still forces every computer to download everything in the sync-folder.
- I wish Jottacloud would support multiple synced locations. The computer client app allows backups from multiple locations, which is a little relief.
- Jottacloud's cloud-only side is called Archive. Photos uploaded there cannot be shared with authenticated users (archive sharing is only by public links). To share properly, all photos need to be kept in the sync-folder.
- To move photos to a shared album, each photo has to be selected manually. Folders cannot be shared. Shared albums have the same limitation of not being able to share to authenticated users, but only public links.
- I personally used Jottacloud as my only cloud provider for many years before I started to look for an end-to-end encrypted options. My experience with them has been good.
Note: I have no personal experience on NextCloud.
Most popular recommendation on privacy discussion groups. I don't have personal experience, but here are couple of uneducated comments.
Self hosted systems require expertise and commitment. I'm not too interested in maintaining the security updates etc. after the first installation.
I have very basic Linux-knowledge, and wouldn't trust my files are safe. This uncertainty multiplies if Nextcloud access is not limited to LAN network.
If the server would be in my home, backup service would still be needed in case of fire etc. hazards
Hosted NextCloud provider sound more suitable for me. However I've understood that NextCloud's end-to-end encryption is shaky, and I wouldn't host my data unencrypted.
Note: I have no personal experience on NAS.
- Some have face detection for photos
- Data doesn't leave far
- Fast transfer speeds, though encryption on these devices is slow
- Somewhat expensive to acquire
- Other backups are still needed to protect from fire etc. hazards
- Less protected from LAN threats, such as IOT-devices
- When configured to be accessible from outside LAN, such as iPhone on the go, security requirements become high
- The disks inside should be encrypted in case the device gets stolen, broken or simply out-dated. However full encryption has a big performance penalty.
- Requires more maintenance in overall, takes space and consumes electricity
End-to-end encrypted options
I don't have personal experience with these services, but here are some brief comments.
- Seafile - Open source application, seems like targeted for self-hosting (NextCloud alternative?).
- MEGA - Shady past and shaky reputation, but very popular. Has some streaming functionality other zero-trust providers don't have. Used to offer lots of free quota.
- Icedrive - Relatively new. Varying comments on stability and encryption. Like pCloud, their marketing mixes the encryption claims. Icedrive only has one zero-trust encrypted folder/section, other areas are not zero-trust.
- Internxt Drive - I'd need a better explanation how is it safe to share the data all over internet - what happens when some data hosts go offline? Also marketing practices are questionably.
- Opacity.io - No native apps. Related somehow to cryptocurrency.
- CryptPad - More like an office suite. Seems trustworthy, but slow and I'm not a fan of UI design. Might be useful if Google Suite is not an option.
Did I get something wrong?
Email me at