[Lex Computer & Tech Group/LCTG] one drive -- Interesting
Drew King
dking65 at kingconsulting.us
Mon Nov 3 07:23:24 PST 2025
Perhaps I should have been more precise. You can not use encryption on
those documents that you want to create and edit in a *web browser or
mobile office apps*.
If you are using Windows, Mac, or Linux, you have the choice/option to
encrypt your Office documents with Cryptomator or Rclone. You just need
to separate out the files that you want to have accessible via web browser.
If you are using desktop office software, not a browser, you can encrypt
whatever you wish to.
Personally, I mostly use LibreOffice, although I do own a license for MS
Office 2019. Some documents are stored unencrypted, but those that are
sensitive, like legal documents I exchange with my attorney, are all
encrypted on my OneDrive storage.
My LibreOffice docs, that I create on Linux, are mostly encrypted with
either Cryptomator or Rclone.
If you are a subscriber to Microsoft 365, you are purchasing along with
the 1 terabyte of storage, a suite of Windows software that absolutely
exists on Windows, and your files get saved via Windows File Explorer to
either your local PC, or OneDrive cloud storage. Any or all of these
files can be encrypted.
You absolutely can, and I do, encrypt my Word .docx files that get
stored on my OneDrive cloud storage. The part that I may not have made
clear is that encrypted files can not be accessed in a web browser and
the online version of Word.
Everyone who subscribes to 365, the approximately $100/year product from
Microsoft, does NOT live ONLY in the cloud. Everyone uses real Windows
files that can be encrypted before they get stored in the cloud. The
other side of this is that you can't use the cloud version of Word to
open those encrypted files. That is a trade-off for those who choose to
encrypt their data.
The folks who don't pay anything, or those who pay $20/year for basic
versions of the online only office suite can't use Cryptomator to
encrypt that specific data.
It's simply a matter of choice. I decide not to live only in web apps
that require a browser.
------------------------------------------------------------------------
------------------------------------------------------------------------
------------------------------------------------------------------------
EMAIL ENCRYPTION
On occasion, many of us need to send someone a piece even if it's small
of sensitive information that you would rather not have in a clear text
email. There is a very simple and Free Solution.
Proton offers a free tier of their email system. I have one of their
free accounts that I needed to use just this morning. I needed to send
my financial advisor my bank account routing number and account number.
The free proton mail the feature that allows you to protect an email
with a password that you can send to anyone and they are not required to
have anything special other than their normal email. You can include a
password hint in the email or give it to the other person some other
way. My financial advisor and I have a password that we use when we
send each other information that is secured. Occasionally I need to
fill out a form using a system called DocuSign that requires a
password. I know what that password is and my financial advisor knows
what the password is that they need to open password protected email
that I send them via proton.
I highly recommend everyone look into a free proton mail account.
Similarly, my email, for the most part, also gets stored in an encrypted
format on my mail server. I subscribe to a service from
Proton/Simplelogin that encrypts inbound email before it arrives on my
mail server.
Mail sent to dking65 at kingconsulting.us is not encrypted on my server.
Mail sent to drew at doodles.simplelogin.com does go through an encryption
process before email lands on the server.
Mail sent to my email alias addresses via https://simplelogin.io/ are
all encrypted by Simplelogin before they get delivered to me.
Simplelogin has a copy of my public PGP key that they use to encrypt my
inbound email before it gets routed to my mail server.
If I do choose to read my email in a browser, I must do so with a
browser extension that handles the decryption so I can read what's on
the server. Otherwise, I must read my email with Thunderbird/Betterbird
email software. Betterbird has my PGP secret key and can decrypt all the
mail automatically.
Drew.
On 11/3/2025 1:03 AM, Robert Primak wrote:
>
>
> On Sunday, November 2, 2025 at 01:11:58 PM EST, Drew King via LCTG
> <lctg at lists.toku.us> wrote:
>
> Drew,
>
> What you say would be great for your own, locally generated content.
>
> But Outlook.com doesn't have a local option, and Microsoft/Office 365
> is entirely in the Cloud. You don't start with local documents, etc.
> So your data are never encrypted to begin with. Microsoft (or any
> other Cloud App provider) is free to do whatever they want when the
> app is in the Cloud and makes its first save/autosave to the same
> Cloud environment.
>
> You truly have no choice in such a situation. You can use a VPN to get
> to your Cloud computing environment, but once you're logged in,
> nothing is encrypted where it is created. "Local Save" means only that
> a copy is downloaded after the fact. The programs/services are all in
> the Cloud.
>
> Right now, there are very limited local options, but those are
> disappearing from Windows and Mac. The only alternative is to forego
> all Microsoft and Apple branded and Store applications, and use only
> freeware or locally installed, licensed software. So far those are
> still options, though companies like Intuit (Quick Books) and Adobe
> (Photoshop) have moved to entirely Cloud App subscription services.
>
> This is becoming the norm/default for more and more "Software/App/OS
> as a Service" products/subscriptions.
>
> Rumors have it that Windows 12 will be so Cloud-centric that by
> default the only thing you'll be doing which originates locally is
> logging into your device (with a Microsoft Cloud Account). Even for
> Pro users. The desktop will be Cloud-only. And Copilot AI will be
> everywhere, so you can't avoid all your inputs being seen and
> manipulated by Microsoft. Microsoft is far from alone in these trends.
>
> Microsoft as of Windows 11 25H2 has made it much more difficult to
> even set up a local Administrator Account.
>
> And don't get the idea that Apple is going any different direction.
>
> Another piece of fallout from these changes: Backing up your system
> and programs will no longer matter. You can't refuse an update to a
> program in the Cloud whose interface you used to like but now can't
> stand due to recent changes. And you can't restore the apps or your
> Cloud desktop to a previous condition or settings. You can download
> and store local copies of your data. Which is useless if the Cloud App
> goes away or changes its formats so your old files won't work in the
> app anymore. If you stop paying for the services, or if the services
> go away, your data may become useless. (Maybe we need to go back to
> paper printouts and screenshots/video captures?)
>
> Backup as we've known it, even for businesses, is going away.
>
> -- Bob Primak
>
>
> All,
>
> Regarding encryption, I suggest looking into https://cryptomator.org/
> <https://cryptomator.org/>
>
> I'm also a VPN advocate. My connections to the Internet are ALWAYS
> encrypted.
>
> My new router supports device level encryption using my Nordvpn.com
> account. Although I still run Nordvpn on my PC's, I can, and do let it
> encrypt each of my virtual machines.
>
> https://windscribe.com/ <https://windscribe.com/> is a very good VPN
> with a FREE option. You get 10GB of transfer data per month!
>
> Black Friday sales are coming, so browse the options. Nordvpn also
> protects you from malware, and ads. All your downloads, and web
> content are scanned BEFORE they get to your browser! All referrals get
> 3 extra months free.
>
>
> They support Windows, Mac, and Linux for free. Mobile apps have a fee.
>
> I don't encrypt EVERYTHING, but anything I don't want cloud providers
> reading, absolutely!
>
> Cryptomator revolves around "Vaults". Vaults are folders with files in
> them. You can, on Windows, mount the vault as a drive letter, and
> everywhere you can mount as a folder.
>
> *We can do a potpourri on Cryptomator/encryption if there is
> interest? Rclone, which I also use, handles encryption.*
>
> All the cloud providers scan your files in detail. I was caught off
> guard by Pcloud a few years ago. Pcloud is my backup cloud drive for
> Google and Microsoft. The first time I copied my data from Google to
> pcloud I got locked out of my pcloud account shortly afterwards and
> after contacting technical support I learned that it was because of a
> violation of their terms of service! I had a single PDF file on my
> Google Drive that was a news article referencing the war in Iraq and
> it specifically mentioned ISIS. It was the content of this PDF file
> that Google was perfectly fine with that caused the violation. I
> asked pCloud to delete anything they felt was in violation of their
> policy in exchange for letting me back into my account, and they
> agreed. Afterward I learned that it was this single file that was the
> root of the problem. Pcloud, and all others, scan all of your
> documents in detail. Basically reading through them word by word and
> using technology to discover what the content is and what it references.
>
> Now that we have all of this AI technology, it is certain that they
> know about everything that you write and store in the cloud.
>
> *Don't put anything in the cloud unencrypted that you don't want your
> cloud provider to read in detail!*
>
> These are the cloud providers they support on mobile. Any cloud on
> your PC works.
>
>
>
>
> On 11/2/2025 11:09 AM, Robert Primak via LCTG wrote:
> Well, it's at least as private as Amazon's Alexa from their home
> assistant series of IoT devices. Emoji
>
> Google's drive and email services and Yahoo's email services do
> exactly the same thing. Emoji
>
> If you want it to be private, encrypt it before uploading it. Emoji
>
> Oh wait, Microsoft has a Cloud-first save default. Sorry, my bad. You
> can't encrypt these automatic OneDrive saves. Emoji (This applies
> especially to Office 365 and Outlook.com.)
>
> So how's Apple's privacy in iCloud looking these days? Emoji
>
> Since these services all include subscription upgrades, I see no
> argument that for a free service, you are the product. These services
> are free as in free beer. Once you really start using them, you have
> to pay for more storage or subscribe to a paid product or service.
>
> -- Bob Primak
>
>
> On Saturday, November 1, 2025 at 01:27:06 PM EDT, John Rudy via LCTG
> <lctg at lists.toku.us> <mailto:lctg at lists.toku.us> wrote:
>
>
> This is like “AI searches are private and not remembered”. Well, maybe
>
> If you do a search on bomb making expect to get an FBI visit
>
> John Rudy
>
> 781-861-0402
>
> 781-718-8334 cell
>
> 13 Hawthorne Lane
>
> Bedford MA
>
> jjrudy1 at comcast.net <mailto:jjrudy1 at comcast.net>
>
> *From:*Rich Moffitt <rich at richmoffitt.org> <mailto:rich at richmoffitt.org>
> *Sent:* Saturday, November 1, 2025 11:15 AM
> *To:* john rudy <jjrudy1 at comcast.net> <mailto:jjrudy1 at comcast.net>
> *Cc:* Lex Computer Group <lctg at lists.toku.us> <mailto:lctg at lists.toku.us>
> *Subject:* Re: [Lex Computer & Tech Group/LCTG] one drive -- Interesting
>
> Hi, John. What you're seeing isn't sharing with other people (not even
> Microsoft employees, through a combination of encryption, access
> controls, and pinky swears). Microsoft would probably tell you that
> what you saw is still considered "private to you." Instead, it's
> software services built into the platform reading the files that you
> uploaded to them to deliver the memories feature.
>
> On Sat, Nov 1, 2025, 10:05 AM John Rudy via LCTG <lctg at lists.toku.us
> <mailto:lctg at lists.toku.us>> wrote:
>
> I have just started getting messages from onedrive (OneDrive
> photos at onedrive.com <mailto:photos at onedrive.com>) containing a
> small group of photos and the message
>
> I thought my onedrive account was private to me. Apparently not.
>
> When I click on “View all memories” I am asked to log in to Microsoft.
>
> I went to gemini.ai <http://gemini.ai> and asked about onedrive
> privacy. Here is a portion of what it responded:
>
> Managing your OneDrive photos' privacy involves controlling
> sharing permissions and using specific privacy features. Here are
> the main ways to do so:
>
> *1. Control Sharing Permissions*
>
> The most direct way to manage privacy is by controlling who has
> access to your files and folders.
>
> * *Sharing Individual Photos/Folders:*
>
> o *Right-click* on the photo or folder you want to manage.
> o Select *Share* or *Manage access* [1].
> o In the sharing dialogue, you can:
>
> + See who currently has access [1].
>
> + Stop sharing entirely.
>
> + Change permissions from "can edit" to "can view"
> (read-only).
>
> + Remove specific users [1].
>
> + Set an expiration date for the shared link [1].
>
> + Set a password for the link (with a Microsoft 365
> subscription) [1].
>
> John Rudy
>
> 781-861-0402
>
> 781-718-8334 cell
>
> 13 Hawthorne Lane
> <https://www.google.com/maps/search/13+Hawthorne+Lane+Bedford+MA?entry=gmail&source=g>
>
> Bedford MA
> <https://www.google.com/maps/search/13+Hawthorne+Lane+Bedford+MA?entry=gmail&source=g>
>
> jjrudy1 at comcast.net <mailto:jjrudy1 at comcast.net>
>
> ===============================================
> ::The Lexington Computer and Technology Group Mailing List::
> Reply goes to sender only; Reply All to send to list.
> Send to the list: LCTG at lists.toku.us <mailto:LCTG at lists.toku.us>
> Message archives: http://lists.toku.us/pipermail/lctg-toku.us/
> <http://lists.toku.us/pipermail/lctg-toku.us/>
> To subscribe: email lctg-subscribe at toku.us
> <mailto:lctg-subscribe at toku.us> To unsubscribe: email
> lctg-unsubscribe at toku.us <mailto:lctg-unsubscribe at toku.us>
> Future and Past meeting information: http://LCTG.toku.us
> <http://LCTG.toku.us>
> List information: http://lists.toku.us/listinfo.cgi/lctg-toku.us
> <http://lists.toku.us/listinfo.cgi/lctg-toku.us>
> This message was sent to rich at richmoffitt.org
> <mailto:rich at richmoffitt.org>.
> Set your list options:
> http://lists.toku.us/options.cgi/lctg-toku.us/rich@richmoffitt.org
> <http://lists.toku.us/options.cgi/lctg-toku.us/rich@richmoffitt.org>
>
> ===============================================
> ::The Lexington Computer and Technology Group Mailing List::
> Reply goes to sender only; Reply All to send to list.
> Send to the list: LCTG at lists.toku.us <mailto:LCTG at lists.toku.us>
> Message archives: http://lists.toku.us/pipermail/lctg-toku.us/
> <http://lists.toku.us/pipermail/lctg-toku.us/>
> To subscribe: email lctg-subscribe at toku.us
> <mailto:lctg-subscribe at toku.us> To unsubscribe: email
> lctg-unsubscribe at toku.us <mailto:lctg-unsubscribe at toku.us>
> Future and Past meeting information: http://LCTG.toku.us
> <http://LCTG.toku.us>
> List information: http://lists.toku.us/listinfo.cgi/lctg-toku.us
> <http://lists.toku.us/listinfo.cgi/lctg-toku.us>
> This message was sent to bobprimak at yahoo.com.
> <mailto:bobprimak at yahoo.com.>
> Set your list options:
> http://lists.toku.us/options.cgi/lctg-toku.us/bobprimak@yahoo.com
> <http://lists.toku.us/options.cgi/lctg-toku.us/bobprimak@yahoo.com>
>
> ===============================================
> ::The Lexington Computer and Technology Group Mailing List::
> Reply goes to sender only; Reply All to send to list.
> Send to the list:LCTG at lists.toku.us <mailto:LCTG at lists.toku.us> Message archives:http://lists.toku.us/pipermail/lctg-toku.us/ <http://lists.toku.us/pipermail/lctg-toku.us/>
> To subscribe: emaillctg-subscribe at toku.us <mailto:lctg-subscribe at toku.us> To unsubscribe: emaillctg-unsubscribe at toku.us <mailto:lctg-unsubscribe at toku.us>
> Future and Past meeting information:http://LCTG.toku.us <http://LCTG.toku.us>
> List information:http://lists.toku.us/listinfo.cgi/lctg-toku.us <http://lists.toku.us/listinfo.cgi/lctg-toku.us>
> This message was sent todking65 at kingconsulting.us <mailto:dking65 at kingconsulting.us>.
> Set your list options:http://lists.toku.us/options.cgi/lctg-toku.us/dking65@kingconsulting.us <http://lists.toku.us/options.cgi/lctg-toku.us/dking65@kingconsulting.us>
> --
> Drew King
>
>
>
> ===============================================
> ::The Lexington Computer and Technology Group Mailing List::
> Reply goes to sender only; Reply All to send to list.
> Send to the list: LCTG at lists.toku.us Message archives:
> http://lists.toku.us/pipermail/lctg-toku.us/
> To subscribe: email lctg-subscribe at toku.us To unsubscribe: email
> lctg-unsubscribe at toku.us
> Future and Past meeting information: http://LCTG.toku.us
> <http://LCTG.toku.us>
> List information: http://lists.toku.us/listinfo.cgi/lctg-toku.us
> This message was sent to bobprimak at yahoo.com.
> Set your list options:
> http://lists.toku.us/options.cgi/lctg-toku.us/bobprimak@yahoo.com
--
Drew King
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.toku.us/pipermail/lctg-toku.us/attachments/20251103/2285b449/attachment.htm>
More information about the LCTG
mailing list