Friday, January 20, 2017

Disaster Recovery (Updated)

It had so much potential


Updated 12th March 2016. Newly added notes at the end of the post.

Back in 2014 I needed to choose a robust backup / DR solution that would help me prevent loss-of-hair & brown trouser moments - e.g. ransomware or user stupidity (my own mostly). All sorted and was fortunate enough to choose one that still covers my needs.

However since then I flirted with a couple of alternatives and ended up settling on a selection of cloudy storage options.

For the personal stuff I tend to use the big names (Google, Microsoft & Apple) which are linked into device accounts. These are really low-risk, low-value data items which business adversaries or other intruding agents [hackers] would find worthless.

However there's a lot of information which is business-focused - or that which is protected under one of my businesses' ICO Data Controller registrations - which needs more attention.

The reason I'm writing about it now is because since evaluating options I've moved away from Windows, so the requirements are now vastly different. So because I'm primarily focused on multi-platform solutions a lot of the offerings get defenestrated immediately.

Over the last few months I've been prodding and cajoling Tresorit to fix problems with their Linux client and have now officially given up. No responses from their support desk about quite critical issues in some time. One of the issues is that - whilst I had Visual Studio Code running, and doing some project work on a Python module - Tresorit started to sync one of the tresors which houses project work.

I watched in horror as the file list started reducing in number in VSC - it was like an unstoppable terror of code deletion. Anyone who's just discovered that code they've spent days or weeks applying themselves to is lost forever will know that feeling.

At first I hadn't made the connection between Tresorit and the file emigration but then I did a sudo find / -name <scriptname> only to see it right there. In a .tresorit/Trash/.. folder!!

Nope.

Not having that. Recovered all files - and a bunch of others I hadn't spotted were missing yet. Immediately closed Tresorit and fired up my previous DR solution. It took all night to get everything back up to sync and this morning to verify everything before ditching Tresorit completely.

Crisis averted. Still no response from Tresorit despite what now appear to be increasingly arrogant claims vs. its competitors in the market. The Linux client came out of beta mid-2016 so should have been rigorously tested.

It's a real shame and I'm extremely disappointed - I really like that they have 2FA across a choice of mechanisms, and claim zero-knowledge across the entire platform (including via the web client - although this is unconfirmed). I'm not concerned with state actors as I've done nothing wrong but I need something that keeps competitors or their agents out - Tresorit's Swiss & EU base fits this ideology too. I like the tresor mechanism of sharing and I'm now trying to frig something similar with my DR solution.

Perhaps their Windows and Mac clients are far better at this than their Linux offering so it might be unfair to tarnish their entire platform, but the lack of support (and wasted subscription fees) eroded my trust and after all, what is DR without faith?

Updates

I noticed that Tresorit tweeted a marketing message about feature enhancement, which - to me at least - seemed to confirm that they were essentially ignoring my bug notifications and support requests. I replied to the tweet and the account owner asked me for some details via DM.

After hearing nothing for a few weeks I prompted the Tresorit Twitter account again - this time they promised a response from their support & dev team. Five months to get a response from a vendor on a critical issue (and only after complaining on social media).

The explanation given via email was more unsettling than the problem itself - they could not replicate the issue, and some fixes applied since November 2016 'may' have resolved some of the problems. What I take from that is that although none of the fixes were specifically aimed at resolving the problems I reported, they want me to see if they fix it.

In the same email the support member tried to tell me that I must have deleted the files from the tresor on a different machine, which triggered the removal on the machine in question. The problem with that is that I hadn't deleted any of the files on any other machine. The files in question were / are live code files related to an anti-spam module & reporting system I've been designing and writing - there's no way I would delete these files - I've put so much effort in. The other files I found after checking other tresors for mysteriously deleted files were legal documents I would never delete under any circumstances. I rechecked the other machine and I hadn't deleted either set of files there.

Tresorit's support suggested I check the logs - which I did - to see if any files were listed as deleted by user(s). They weren't. Essentially it was just the DR system wrongly flagging files as deleted and that removes all confidence I had using the platform in the first place.

I've since replicated what I liked about the tresor repository system within SpiderOak One.

Overall, it's vindication that I made the right decision in abandoning Tresorit altogether, although I'm still wondering what was deleted that I haven't noticed yet.