Table of contents
End-to-end encrypted, zero-trust cloud drives
Not all cloud storage providers are same. Some have great security, some shine in privacy and some are nice to use. Privacy and security can go hand-in-hand. Yet it's hard to combine advanced functionality, such as streaming video files, with top-notch privacy.
Sync.com, Tresorit and others
This comparison started as feature comparison of two popular zero-trust cloud storage options: Sync.com (from Canada) and Tresorit (from Switzerland). The original comparison supported my own purchase decision.
Filen.io (from Germany) is a competively priced new-comer that seems to tick many boxes. It's not mature and refined like Tresorit and Sync, but offers source code of it's clients.
I also compared two non zero-trust services: pCloud and Jottacloud. They offer a pleasant photo viewing experience unlike the main competitors here. pCloud also offers end-to-end encrypted folder, which I see as a marketing gimmick due to it's restrictions.
If I have too much spare time some day, I might add some mainstream services: Dropbox, OneDrive and Google Drive. They are not too interesting for a privacy-savvy users.
How I use cloud storage
I have Windows, MacOS and iOS devices. I should be able to use them all to access my cloud files. All cloud content is also locally synced to a Windows-machine, which has also other backup systems.
I'm a hobby photo- and videographer. Currently I store around 1 TB of photos and videos, organized around the capture dates. I also have graphic designs, music compositions and other creative products. Most content is for archiving, but some is in-progress.
Apart from cloud drives, a big chunk of my data is in variety of services. I store content in Apple Notes, the email provider, Standard Notes, GitHub, Figma etc.
Tresorit looks most professional. Yet, it's not three times better than Sync.com (like the price would suggest). Filen.io still needs to do a lot to prove itself.
For casual businesses I'd go with Google Suite. Especially the collaborative document editing features are essential for modern workflows. Google has top-notch security, so at least you don't loose your files (even if Google uses them to target you advertisement).
For home use, I recommend Jottacloud and/or Sync.com. Jottacloud is basic and economical. Sync.com is relatively cheap and has served me well. Sync's biggest issues are slowness and uninspiring UI design (+ the lack of Linux-client).
Power-users often run several cloud drives. pCloud and Google Drive are great at streaming videos, but don't upload there something their scanner could think is pirated.
Jottacloud 5 TB (not zero-trust) = 80 €/year
Filen.io 2 TB = 90 €/year
pCloud 2 TB (not zero-trust) = 95 €/year
Sync.com 2 TB = 96 €/year
Google One 2 TB (not zero-trust) = 100 €/year
iCloud 2 TB (not zero-trust) = 120 €/year
Dropbox 2 TB (not zero-trust) = 120 €/year
Koofr 2.5 TB (not zero-trust) = 240 €/year
Tresorit 2.5 TB = 297 €/year
Filen.io is the cheapest out of end-to-end encrypted options. Sync.com is cheaper than mainstream options like Dropbox. I haven't seen any discounts on Sync.
Tresorit lists prices without VAT, which is confusing for private customers. Occassionally Tresorit has discounts such as -40% from non-VAT price, but even then it's not that competitive.
pCloud is endlessly on fake -65% sale. When they have a real discount, they change it to -75% or so.
Norwegian Jottacloud is in it's own pricing league in this comparison, but getting full benefit would mean storing a lot of data.
Unscientific speed test
Notes on Sync.com results: After running the tests, I realized that Sync.com cannot download files larger than 500 MB in Firefox without switching to compatibility mode. In the compatibility mode, it is much faster, but not as private.
The times were measured with following files:
- 450 MB Ubuntu distribution, measured daytime August 2021
- 1.2 GB ZIP archive of files, measured daytime August 2021
- 510 MB video file (.mov), measured daytime September 2021
The transfers were done in web browser while connected to fast internet. Measurements were done without VPN from Finland metropolitan area.
Transfer speeds can vary based on many factors.
Unscientific speed test on slow internet
These transfer times are measured on a home internet connection (about 80 Mbps download and 10 Mbps upload).
Testing date was late October 2021. The file was 3 GB Ubuntu ISO.
Sync.com in compatibility mode
Sync.com (in normal mode)
Data stored in Europe
Third party audited
Doesn't scan uploads
pCloud has reports of deleted lifetime accounts (most likely for storing copyrighted content). It is impossible to verify how trustworthy these comments are.
Jottacloud has command line tools for Linux. There are also Rclone scripts available for interested.
Support large files
Earlier file versions don't use quota
Files in trash don't use quota
- Sync.com: unlimited file size.
- Tresorit: max 3 GB file for free plan, 5 GB for 500 GB plan, 10 GB for 2500 GB plan.
- Filen.io: unlimited file size.
- pCloud: unlimited file size.
- Jottacloud unlimited file size (unconfirmed).
- Sync.com stores old versions for 30 days (free account) or 180-365 days (paid account).
- Tresorit stores last 10 versions (500 GB plan) or 100 versions (2500 GB plan).
- Filen.io stores versions until deleted.
- pCloud stores old versions for 15 days (free account) or 30 days (paid account).
- Jottacloud stores last five versions.
Sharing with others
Share with logged-in users
User specific read/write permissions
Shares only consume owner's quota
Create public share link
Expiration date for share link
Jottacloud team shares are always with read & write access. Filen.io team shares are currently read-only.
Jottacloud's public link shares cannot have passwords. I'm unsure if there's any benefit of having password on a public share (the link is anyway a random set of characters and numbers).
Filen.io allows limiting link valid time for max. 30 days, others let you select a specific date.
Computer app (tested mainly on Windows)
Selective sync (choose only some folders to be synced)
Multiple sync folder pairs
Network drive view to cloud content
Automatically reconnect after connection error
Automatically continue syncing if local folder becomes available late
Block level updates (update just a part of large file)
Avoid full upload on renaming a file or folder
Avoid full upload on moved file or folder
Avoid full sync on computer reinstall, if files are intact
Block shutdown when sync is unfinished
Jottacloud, Sync.com and Filen.io support symbolic links. Symlinks enable a "light version" of syncing multiple folders. This approach is limited especially if syncing multiple computers. Jottacloud also allows automatic backups for any folder, but that's one-way sync.
Sync.com has their "CloudFiles" in beta. It should allow viewing remote files on a computer as if they were synced locally.
Automatic backup of photos and videos
Download files for offline use
Integrate with Share tray
Integrate with Files app
Unlock with Face ID (optional)
Support for document files
Search from all cloud folders
Search something inside text files
Preview text (.txt) file
Edit text (.txt) file
Preview older Ms Word (.doc) file
Preview newer Ms Word (.docx) file
Preview Markdown (.md) file
Preview ZIP-file contents
Jottacloud and paid version of Sync.com have Microsoft Office Online integrated.
In most cases, Markdown file is shown as text file.
Jottacloud and some others attempted to show the ZIP-file contents on iOS, but for me it didn't work.
Support for media files
Nice photo browsing
Stream WAV file
Stream MP3 file
Stream video file
Filen.io plays audio and video files inside web browser, but I wasn't sure if it was actually streaming them or downloading them in full first.
Cons of zero-trust encrypted clouds when run in web-browser or mobile apps
- No wide file/folder search
Media management is crippled:
- No face, item or pet recognition, or any AI-powered tools for photos or videos
- No map view or other metadata based tools for photos or videos
- No searching, viewing or sorting by image/video meta data
- Painfully slow loading of image thumbnails, not to mention full images. I wish the apps generated fast-loading thumbnails and preview versions while uploading the original images.
- Generally no support for streaming audio or video files (I've read MEGA has some sort of streaming)
- No support for viewing raw camera files
iOS-specific: Automatic photo and video backup needs
always on location permission for the app. By Apple's
design, only iCloud is allowed to backup photos and videos on
background without the "location trick".
I haven't tested others recently, but I've noticed Sync.com is actually able to upload on background without location access. It might not be as fast as it could be, but anyway it works somewhat.
Cons for Sync.com
- Slow transfer speeds from Europe, unsure if they are better in America
- Windows: On initial sync high CPU usage (this I noticed couple of years ago)
Windows and Mac: When installing Sync.com app and logging in, the
app starts to download everything from cloud to that device. I'd
prefer nothing to be locally synced before user chooses to do so.
- I do a fresh install of computers every now and then. After installing Sync.com app I have to go deselect folders from Sync.com app's settings. Then I use Explorer/Finder to manually delete the content, which I didn't want on that device, but was already downloaded while the installer was finishing.
- When deleting unnecessary content manually, there is a high risk of accidentally deleting something that should be saved.
Windows and Mac: If I add a new folder to root of synced folder,
it is automatically downloaded to all computers, even if I wanted
it only on single device.
- For example: I add a new folder "Blender models" to my home computer. The next time I visit my music studio and fire-up the mixing computer, the Sync.com app on that computer downloads this new folder. Same to fresh install installation, I have to manually unselect the Blender models folder in that PC's Sync.com app and then manually delete whatever it already downloaded.
Windows and maybe Mac: Sync.com app needs to find the sync folder
immediately when it starts, it doesn't monitor if it later becomes
- To me, this used to happen when the sync-folder was on an encrypted drive. After Windows had started, I typed the password to mount the VeraCrypt drive.
- This probably also happens if plugging in removable media
- Syncing can be started manually after mounting the container with sync folder, but it's easy to forget.
Windows: If a big file uploaded only partially before shutting
down, the upload starts from beginning next time.
- Being unable to resume makes it harder to upload large video files.
- I'm not sure if Tresorit can resume uploads either. Tresorit is faster and has tight file size limit, so this issue is not that obvious.
- iOS: Error message "Couldn't communicate with a helper application" when trying to attach cloud files to email using Sync's integration with iOS Files (tested August 2021 and again in October 2021). Probably a bug that will get fixed. In Tresorit this works as expected, though it is slow.
- iOS: No "Send with link" in iOS Share menu
- Web: Cannot download a folder (Tresorit would make a ZIP-archive and download that)
- All platforms: No log of created and revoked share links
- All platforms: Cheap looking, unpolished UI. Needs a serious facelift.
Cons for Tresorit
- Web: Doesn't show file creation/modified dates
- Windows, maybe Mac and iOS: Sends anonymous usage statistics by default. Sync.com also sends data by default, but asks for permission while installing.
- Having one paid user and free collaborators doesn't really work with Tresorit, since everyone loses their storage quota for shared files.
- When cancelling a subscription, the flow has lots of dark patterns, such as multiple confirmations with the visually primary button not being the cancellation. I haven't tried to unsubscribe from Sync.com, but at least Tresorit is nasty in this sense.
- Occasionally there are notable discounts. It's hard to settle with the service knowing the next year would be full price. Instead of random discounts, permanently lowered prices with no discounts would feel more sustainable.
Nice things for both Sync.com and Tresorit
- Web: Both have clean list of linked devices
- Windows: Files are not locked during upload and can be saved at all times. This is nice when working on something that gets saved often.
Cons for Tresorit and Sync.com
- If putting a big file to synced folder and after that small ones, both try to upload the big file first, while it could be wiser to upload the small files first.
- Cheapest end-to-end encrypted service in this comparison
- Client source code available (server code is not available)
- Web: Surprisingly fast browsing of supported images
- Web: Plays small MP3s (doesn't work in iOS). The "preview" is limited to small files like one song MP3, not for mixtapes
- Web: Plays video files (after long loading)
- Web: Has search, thought it's limited to only current folder
- Web and iOS: Has thumbnail view with nice size thumbnails
- Sharing is possible only with read permission for others
- Web and iOS: Cannot view HEIC-images (on iOS this is surprising)
- Web: When uploading photos in web browser, I didn't get thumbnails at all
- iOS: No integration to iOS Files app (promised to come some day)
- iOS: No integration to iOS Share tray
- iOS: No automatic backups of photos and videos
- Very limited documentation and quite few user reviews
- Newcomer: not proven, not audited, limited functionality and bugs
- Visually OK
- It is a company of less than five employees - longevity can be worrying.
- I actually bought a lifetime licence. However I'm not using it, but seeing if the service matures to more stable state.
pCloud (partly end-to-end encrypted)
I briefly tested pCloud with Crypto-folder around 2019.
- For Crypto-folder, probably none (Crypto is completely crippled feature-wise)
- For non-encrypted storage, pCloud has good support for viewing and streaming images, audio and media files (weirdly lacking HEIC support in web).
- pCloud is feature-rich cloud drive, if not looking for an office suite.
- Uploads are scanned for illegal content, DRM-protected content etc.
- Marketing is confusing users with all the functionality and Crypto-folder. This is misleading, since these things cannot be combined.
- Shared links contain annoying pCloud marketing. The viewer of the link will get a marketing popup and see ads for pCloud.
- Paying customers report marketing popups triggered by the native app (if pCloud app is installed).
- Web: Doesn't support viewing HEIC-images despite otherwise great support for media files
- pCloud's great media file support is lost for the files in Crypto-folder. The files need to be fully downloaded to be viewed, even the thumbnails are unavailable.
- Crypto-folder is only in cloud, there are no local versions of the files
- Content in the Crypto-folder can only be shared with pCloud business plan
- Cost efficient (depending on which cloud it is hosted)
- Open source
- Trustworthy privacy, similar to self-hosted cloud
- iOS: On a brief test, viewing media files felt fast, just like if they were natively on the mobile. Maybe they were actually cached locally (tested with iCloud as Cryptomator host).
- No web-access apart from third-party provider
No versioning of files: if files are deleted or changed often,
there is a big chance for human errors. For me this is a
- It is possible to use the host cloud's versioning. However it's hard to find the correct files among encrypted folder and file names.
- Sharing with others is "hacky" at best; based on some comments, it is possible to share a complete vault (folder cannot be shared). Editing files simultaneously might lead to catastrophe.
- More software to install: the devices need the "host cloud" app and Cryptomator. I tried Cryptomator with iCloud. On Windows-machine iCloud app is far from great. For example, it lacks "pause syncing" function).
- There are reports on lost vaults due to bugs in Cryptomator
- Installing the host cloud app creates a temptation to occasionally use it instead of encrypted (Cryptomator) storage
- Windows: By default, Cryptomator drive is mounted using FAT file system. FAT has considerable limitations, like no support for symbolic links and file size limitations. It is possible to install WinFsp and use a more advanced file system. However it's not the same to NTFS; for example the symbolic links still don't work.
- iOS: No thumbnail view yet (should come with the beta version)
- iOS: No integration to iOS Files yet (available in the beta version)
- iOS-app supports hosting inside iCloud, Dropbox, Google Drive, OneDrive or WebDAV. Apart from WebDAV, installing sync app by these big cloud providers is mandatory. Many privacy warriors hesitate installing any apps by these companies.
- iOS beta may allow choosing new providers also, for example pCloud might become an option.
It could be nice to have a "light" version of Cryptomator, which would just encrypt file contents, not the file names. This way the host cloud's versioning system would be more usable to undo errors.
I learned that Cryptomator's Android client supports pCloud, so instead of using pCloud's cripled Crypto-folder, that might be an alternative for Android-users. I'm looking forward for Cryptomator iOS client improvements.
A web-application, which runs inside web browser (there are no native apps). Uploading files is done manually, so it's not a place for a sync folder or backup.
Photo viewing looks nice, though in comparison to unencrypted services it's on slow side. This might be the most serious attempt to do cloud photo hosting with strong encryption.
I've tested the service for sharing photos with family, but at least early 2020 it only supported JPG-photos. No support for videos or HEIC-images.
Document editing feels promising. However the functionality and lack of native apps is not to my taste.
The developers are nice and responsive. I've emailed them couple of times. The project is open source, and in general very likeable.
ProtonDrive is beta. I have no personal experience on it.
Based on my earlier experience on Proton-services, the marketing and idealism are strong. However the development is slow. The basic functionality may take a long time (looking at the "search inside messages" for ProtonMail), and a bare-bones services are still priced high.
My guess is that the ProtonDrive will stay simple and doesn't try to compete in this kind of comparison. However, having email and storage in the same platform would be convenient.
Jottacloud (not zero-trust encrypted)
- Jottacloud claims to follow "strict privacy laws of Norway", so they are located in relatively safe country. It is unclear if the uploads are scanned (like with most non-encrypted providers).
- Jotta ain't as feature rich as pCloud, but the pricing is very reasonable and steady. Their marketing is not pushy at all.
- In combination with third-party encryption tool, such as Cryptomator or Rclone, Jottacloud might tick many boxes for privacy-savvy users.
- Jottacloud has integrated online version of Microsoft Office, which might come handy for occasional needs (though Office Online is free anyway)
- Jottacloud has nice photo albums and viewing images is nice. Support for different media formats is great. HEIC-images can be viewed in web-interface, unlike with pCloud.
- No selective sync. This is surprising nowadays, but Jottacloud still forces every computer to download everything in the sync-folder.
- I wish Jottacloud would support multiple synced locations. The computer client app allows backups from multiple locations, which is a little relief.
- Jottacloud's cloud-only side is called Archive. Photos uploaded there cannot be shared with authenticated users (archive sharing is only by public links). To share properly, all photos need to be kept in the sync-folder.
- To move photos to a shared album, each photo has to be selected manually. Folders cannot be shared. Shared albums have the same limitation of not being able to share to authenticated users, but only public links.
- I personally used Jottacloud as my only cloud provider for many years before I started to look for an end-to-end encrypted options. My experience with them has been good.
Note: I have no personal experience on NextCloud.
Most popular recommendation on privacy discussion groups. I don't have personal experience, but here are couple of uneducated comments.
Self hosted systems require expertise and commitment. I'm not too interested in maintaining the security updates etc. after the first installation.
I have very basic Linux-knowledge, and wouldn't trust my files are safe. This uncertainty multiplies if Nextcloud access is not limited to LAN network.
If the server would be in my home, backup service would still be needed in case of fire etc. hazards
Hosted NextCloud provider sound more suitable for me. However I've understood that NextCloud's end-to-end encryption is shaky, and I wouldn't host my data unencrypted.
Note: I have no personal experience on NAS.
- Some have face detection for photos
- Data doesn't leave far
- Fast transfer speeds, though encryption on these devices is slow
- Somewhat expensive to acquire
- Other backups are still needed to protect from fire etc. hazards
- Less protected from LAN threats, such as IOT-devices
- When configured to be accessible from outside LAN, such as iPhone on the go, security requirements become high
- The disks inside should be encrypted in case the device gets stolen, broken or simply out-dated. However full encryption has a big performance penalty.
- Requires more maintenance in overall, takes space and consumes electricity
End-to-end encrypted options
I don't have personal experience with these services, but here are some brief comments.
- Seafile - Open source application, seems like targeted for self-hosting (NextCloud alternative?).
- MEGA - Shady past and shaky reputation, but very popular. Has some streaming functionality other zero-trust providers don't have. Used to offer lots of free quota.
- Icedrive - Relatively new. Varying comments on stability and encryption. Like pCloud, their marketing mixes the encryption claims. Icedrive only has one zero-trust encrypted folder/section, other areas are not zero-trust.
- Internxt Drive - I'd need a better explanation how is it safe to share the data all over internet - what happens when some data hosts go offline? Also marketing practices are questionably.
- Opacity.io - No native apps. Related somehow to cryptocurrency.
- CryptPad - More like an office suite. Seems trustworthy, but slow and I'm not a fan of UI design. Might be useful if Google Suite is not an option.
Did I get something wrong?
Email me at