Do you use a VPN when uploading/downloading with rclone?
Can my ISP see what files I'm downloading/uploading without a VPN? What exactly can they see? For example can they see I'm uploading/downloading from GDrive?
hi,
the isp cannot see the contents of what you are uploading/downloading, as rclone use https for transfers.
the isp might be able to see the filenames during transfer via https headers, perhaps someone can confirm that?
once a file has been uploaded to gdrive, google could see the filename.
google could scan the contents; as to whether google does that, perhaps someone can confirm?
the solution to all of this is that rclone supports encrypting
- the content of files
- the filenames
- the folder names.
read this and let us know if you have questions.
https://rclone.org/crypt/
I encrypt all file names and directory names with rclone.
So can then the ISP still see filenames? Or anything at all?
if you setup the crypted remote correctly, then the isp cannot see anything at all.
the contents are encrypted before upload and at rest
the filenames are encrypted before upload and at rest
the folder names are encrypted before upload and at rest
But they can see that I'm downloading/uploading something to GDrive, right?
are you downloading/uploading?
from gdrive itself
or
from a crypted remote in gdrive
Downloading/Uploading from a crypted remote in gdrive.
it depends on how you setup the remote.
can you do a rclone config show gcrypt: and post the output
change gcrypt: to the name of your crypted remote
redact any passwords
[gdrive-crypt]
type = crypt
remote = gdrive:/Files/
filename_encryption = standard
directory_name_encryption = true
password = *** ENCRYPTED ***
that looks good.
- the file contents are encrypted.
- filenames are encrypted.
- the directory names are encrypted.
the isp and google cannot see anything at all, when the files are
- uploaded
- downloaded
- at rest on gdrive.
Thanks again. But just to make sure, with rclone, the ISP cannot even see that I'm sending/receiving random data to GDrive?
Yes. Your ISP will see that you are talking to the drive.google.com endpoint because the TLS negotiation will expose that (this will change in TLS1.3). They will not be able to see what you are transferring (unless you're in part of the world that forces TLS interception, in which case use VPN for everything... but this is very very rare).
It doesn't matter if you use a crypt wrapper or not; at the end of the day your ISP would see the drive.google.com and would have some idea of how much traffic you're sending or receiving.
If you use a VPN then your VPN provider will know this, instead! And, depending on how good you are with your VPN, you may still leak DNS lookup requests so your ISP may still be able to make this guess.
Thanks. This makes sense.
I do use a VPN and the DNS are safe, I've tested the leaks.
Just one more thing. Is there any reason why rclone upload is slower on Windows than on Linux? When using it on Linux, I can reach max upload speeds of 100MB/s, but with Windows it only goes as far as 20MB/s...
sure, someone/isp can see where you are transferring and how much data is being transferred.
not sure what you mean about the what. can you clarify?
the files contents, the file names and the folder names are all encrypted using rclone before upload/download.
what are the specs of the linux computer and windows computer?
same internet/router for both?
Yeah same router.
It's actually even the same computer. It's Windows 10 and I use Linux with WSL2.
It works fine except that when the VPN is on, WSL2 randomly stops working if large amount of data are going through it, so I am forced to use rclone with Windows, which is five times slower..
so windows 10 rclone is slower then wsl2, which is a linux virtual machine and overhead to make it windows friendly?
Yeah exactly. Not sure what to make of it..
are you using the same config file and same commands for both windows and wsl2?