4

I am looking for a convenient, and particularly a secure way to share files with business contacts in China. My priorities, in this order, are

  • Secure, non-hackable.
  • Accessible. I know many sites (YouTube, notably) are not universally accessible from China.
  • Ease of use.
stranger
  • 143
  • 4

5 Answers5

8

How paranoid are you?

Level 1: Use WinRAR or 7-Zip to create encrypted archives and share them over any file-sharing mechanisms. SHare the password over completely different means of communication.

Level 100: Use encryption software (Like VeraCrypt) to create an encrypted volume with a key and passphrase. Share the key separately (maybe an encrypted archive) and passphrase separately.

Level 9999: Ask your client to create a PGP key for himself and share the public key with you. You also create a PGP key with for yourself and share the public key with him. Now sign your file with your key and encrypt the file with your client's public key. Share the encrypted and signed file.

The sign can be validated by the recipient so he's sure the file is sent by you and only the recipient can decrypt the file ensuring your data is read only by your recipient.

feral_fenrir
  • 733
  • 5
  • 15
  • 5
    How is that even close to Level 9999. You have neglected the self destruct on the laptop, the tin foil hat for the building, the white noise generator, and the cyanide pill (in case of rubber hoses). – Aron Sep 16 '15 at 11:04
  • and we have a winner for Level ∞ !! – feral_fenrir Sep 16 '15 at 12:49
  • Dude, I haven't even gotten to importing all the bricks that make up your office. http://www.moscowveteran.org/sites/default/files/Moscow%20Embassy%20Construction%202012-08-21.pdf – Aron Sep 16 '15 at 13:05
3

You won't find a "non-hackable" system. Do you think that Dropbox and Google are non-hackable?

I think the best that you can do is to encrypt and decrypt files on your clients and then use any convenient file sharing service. The general opinion of answers of this Quora question is that using China-based file sharing services are least-likely to be blocked. 115.com is one that is suggested for having a good English translation.

As far as the encryption work, encrypted 7zip or zip (using AES encryption, not default encryption) files seem a fine choice though you could use other tools.

Edit: Added specifics about secure encryption thanks to comment by @Philipp

Neil Smithline
  • 14,702
  • 4
  • 38
  • 55
  • 4
    When using encrypted ZIP files, it is important to use an archive manager which supports AES encryption of zip archives. The standard Windows explorer, for example, only supports the standard ZIP encryption [which is very weak and cryptographically vulnerable](http://math.ucr.edu/~mike/zipattacks.pdf). – Philipp Sep 15 '15 at 08:43
  • Good point @Philipp - I updated answer – Neil Smithline Sep 15 '15 at 12:52
2

Set up your own ftp server and configure it to only allows implicit FTPS (encrypted ftp) with server-sided certificates and client-sided certificates. Also adding a client-sided password as an additional authentication factor is optional.

Most FTP clients support this out-of-the-box.

When it runs on your own server it is unlikely to be blocked unless you are targeted specifically.

Philipp
  • 49,017
  • 8
  • 127
  • 158
0

You have to encrypt your data locally prior leaving your computer. Send it to your client. The client in China will decrypt the data and use it. Your client will than encrypt data locally prior to sending to you.

PGP is universal (Windows, OS X, Linux, BSD). You encrypt folder(s) or file(s) with their key for them, and they encrypt it with your key for you.

For more security use GNU/Linux (preferably a distribution relying on free software only, such as Debian). Your client will add extra security layer as the Full Disk Encryption and firewall. It is important because the end point security is also very weak. Debian GNU/Linux will add more security (to avoid keyloggers, ransomware) and FDE in the case the computer gets stolen.

WhiteWinterWolf
  • 19,142
  • 4
  • 59
  • 107
octo
  • 1
  • 1
  • 3
    Please try to tone down the fanboyism. Debian is not particularly more or less secure than other Linux distributions. – Philipp Sep 15 '15 at 08:51
  • Fanboyism not here. Please give me proof of your response. Debian is extremely popular distribution. If I compare it with Mint, Ubuntu or RedHat (Fedora) - yes it is much more secure. All of these use non-free, even closed source software. Ubuntu and Fedora are under private corporations' control. – octo Sep 15 '15 at 08:55
-1

Well, because of Great China Firewall the vast majority of file sharing services do not work in Mainland China. A lot of users in China opt to use VPNs (virtual private network) to access all the platforms that are blocked by Firewall. VPNs use encryption and security protocols, so it is not publicly visible what services are you using via VPN. However the China’s government is constantly blocking these VPNs, and they are being shut down every now and then. From January 2017 China's Great Firewall is doubling up on VPN regulation, and Chinese government has tightened their grip on internet use in the country through a 14-month long campaign that will target the use of virtual private networks (VPNs) and other "illegal" internet.

That’s why I see you are looking for a file sharing platform that works across the Firewall. I work for Maytech, secure data transfer and storage company, we offer two online storages that work in China, both of them are registered on G-Cloud and accredited by the Cabinet Office for confidential data up to Official Sensitive: Quatrix and FTP Stream.

Quatrix - easy to deploy, easy to use, yet provides strong encryption both at rest and in transit, granular permissions, and a full audit trail.Quatrix provides pin protection for share; 2FA for user login, Outlook integration; secure connection over HTTPS and SFTP; PGP module; customization and branding.

FTP Stream China - a hosted ftp data transfer platform that enables you to rapidly send and receive files to China of any size securely and with no bandwidth limits; total site branding; HTTPS, FTP, SFTP transfer protocols; full logging and tracking for compliance; embed file transfer right into your website.

Anastasia
  • 19
  • 4
  • 1
    The OP is not looking for a product, but a technique and process. – schroeder Apr 10 '17 at 08:29
  • Thanks for your comments, Schroeder. I'm sure there is some technique or process to send files to China, however I do not really know how it all works from technical side – Anastasia Apr 18 '17 at 08:08