So if you can work some magic to make that happen, that would be great 
The âvaultâ could just be a simple folder. You can put as many files and folders into that ârootâ folder and then encrypt it with GPG.
Cryptomator does not encrypt files themselves
Yes it does. If it didnât it would be useless. As soon as you lock the vault there is no real difference between the âvaultâ image and a folder encrypted with GPG, except with GPG you avoid needing a java application and itâs bloat on your system.
Besides if you want to install it youâre free to do so, but I see no need to include it.
DO NOT USE EncFS anymore! Even in the time of writing your post there were several known critical bugs. The developer himself said it is not recommended to use it anymore, especially for cloud storage because it is very likely to be possible to extract plain text data out of it if the attacker (cloud provider) has several different versions of the file.
Concerning Cryptomator: Keep in mind that the linux application is open source whereas the android app is closed.
1 Like
See the Feb edition of Linux magazine where they give this app a pretty good reviewâŚEXCEPT for the fact that it is a total resource hog.
Citation needed. 
the usually excellent arch wiki talks of some security issues which have been found in 2014 in an audit in version 1.7 and does not warn of using it. Wikipedia mentions that some of the issues from the audit have been adressed in 1.8rc1. And the last released version is 1.9.5. Neither Wikipedia nor the github pages warn of using encfs. Do you have a link to further information? I am quite curious about the vulnerabilities that it has.
EncFS seems to have some issues. I didnât have more luck either fully verifying vulnenrability or not. Generally, it is based on old standards (started in 2005) and it has a couple CVEs to itâs name. It seems notifications disagree if all have been fully fixed or not (1.7.5 was supposed to take care of the last), and probably wonât be before at least until the possible 2.X version (now in v1.9.5 / 2018-04-27). According to CVSS scoring, worst was/is somewhat serious: "A local attacker can [âŚ] cause a Denial of Service. Also multiple weak cryptographics practices have been found in encfs. " More indepth here. See also Github changelog (old log).
Regarding cloud storage, CryFS (which has a comparison table about cloud use and no CVEs yet) had this to say (without source or details): âEncFS is not secure when an attacker gets multiple versions of the same encrypted file at different times. So if you upload your files to your Dropbox and then modify them, they are not securely encrypted anymore.â This seems to suggest that comparing files allows for decryption after some process, which suggest there isnât sufficient cryptographic randomization and padding (for modern needs). And filenames are not encrypted. Of course, they are promoting their solution when pointing this out.
Btw. Cryptomator apparently can be used with other tools for additional features (server connectivity, mounting).
Now, if only people would start to use any tool to secure their dataâŚ
1 Like
Have a look at https://github.com/vgough/encfs/issues/314#issuecomment-325095995 where he mentions another project. See also the bugs which where mentioned in the first post of this issue. Many security issues have not been fixed yet and are stalled for an eventually upcoming 2.0 version.
2 Likes
Thanks, will follow up.