It's too bad they focused on commercial closed-source solutions providers. The ecosystem would have really benefited if they had put their efforts to, for example, do the same work with NextCloud.

The sad state of E2E encryption for cloud storage is a big part of why I wrote mobiletto [1]. It supports transparent client-side encryption for S3, B2, local storage and more. Rekeying is easy- set up a new volume, mirror to it, then remove old volume.

[1] https://github.com/cobbzilla/mobiletto

The world changes once you realize why usually encryption is capped at AES256...

Hmm, I wish the author had reviewed Proton. I think it's kind of seen as a meme here? But I heavily rely on it and generally the Proton ecosystem is getting better and better from a UX perspective

curious about iCloud with Advanced Data Protection enabled

That was a good skim for me as someone who implemented one of the first independent mega.nz clients. Useful to know especially about structure authentication and ability to swap metadata on files and move files/chunks of files around when server is compromised, when there's no e2e authentication for this. Lots of traps all around. :)

Looks like the safest bet is still to just tar everything and encrypt/sign the result in one go.

I wonder how vulnerable eg. Linux filesystem level encryption is to these kinds of attacks...

I want to see the response from sync.com on this, especially about

  Unauthenticated Key Material

  Unauthenticated Public Keys