~/tools/storage

Cloud Storage & Sync

last updated 2026-06-17 · 11 recommendations · what changed

Google Drive and Dropbox can read every file you give them: that's how search, previews, and "smart" features work. The alternatives either encrypt before upload so the provider holds ciphertext, or skip the provider entirely and sync device-to-device.

before you pick Sync is not backup. Sync faithfully replicates your mistakes: delete a file or catch ransomware, and every copy follows. Whatever you choose here, keep one versioned backup that isn't part of the sync loop (an external drive plus something like BorgBackup or restic does fine).

what actually matters

encryption model

End-to-end means the provider stores ciphertext and can't read your files. "Encrypted at rest" without E2EE means they hold the keys.

cross-platform reality

Not the platform list on the pricing page: the actual client quality on each. A "supported" OS with a half-working client isn't supported.

sharing & access

Encrypted storage you can't share links from sends people back to Google. Check the collaboration story matches your life.

company viability

Your files should outlive the vendor's funding round. Smaller companies can be excellent, as long as you keep local copies regardless.

recommendations

Filen

the default pick
🇩🇪 germanyzero-knowledge e2eeall platforms incl. linuxtransparent teamfree 10gb · from ~€2/mo

Zero-knowledge, end-to-end encrypted, genuinely cross-platform (Linux included) and priced more competitively than almost everything in the category. Development pace is slower than a VC-backed product, but the core is solid and the team's communication is unusually transparent: public roadmap, active community, real responsiveness. This is what the default cloud should look like.

good
  • Zero-knowledge E2EE by design, on every plan including free
  • Proper clients across Windows/macOS/Linux/mobile
  • Aggressive recurring pricing on the tiers still on sale
  • Public roadmap and a team that answers questions like people
mind the
  • Lifetime plans are gone: Pro Lifetime sold out, Starter Lifetime paused with no promised return
  • Smaller company, slower release cadence
  • Long-term viability is the bet, so keep local backups regardless (you should anyway)
  • Collaboration features are thinner than the big suites
10GB free · paid from ~€2/mo filen.io →

Tresorit

the premium pick
🇨🇭 switzerlande2eewell-auditedenterprise-gradefree 3gb · from ~$14/mo

Polished, enterprise-grade, and thoroughly audited, with the best cross-platform client quality in the E2EE space: notably better than Proton Drive on reliability across systems. The edge is consistency: everything works, everywhere, all the time. You pay for that edge; if Filen's pace or size gives you pause, this is the premium answer.

good
  • Reference-quality E2EE clients on every platform
  • Long audit history; Swiss jurisdiction (Swiss Post ownership)
  • Granular sharing, permissions, and team features that actually work
  • Free Basic plan now exists (3GB, 500MB file limit, 2 devices)
mind the
  • Priciest entry on this page by a clear margin
  • Enterprise focus, so personal plans feel like a side door
  • Free tier is real but tight: small storage and a 500MB file-size cap
free 3GB Basic · paid from ~$14/mo tresorit.com →

Syncthing

the no-cloud pick
peer-to-peeropen sourceno accounttls between devicesfree

Files sync directly between your devices, encrypted in transit, and no third party ever holds a copy. No account, no quota, no subscription: it just quietly keeps folders identical across your laptop, phone, and that Raspberry Pi. Pairs beautifully with a KeePassXC vault, an Obsidian vault, or a notes folder.

good
  • No server, no provider, nothing to subpoena or breach
  • Unlimited by design: your disks are the quota
  • File versioning per folder if you turn it on
  • Open source with a decade of stability
mind the
  • Two devices must be on(line) to sync; an always-on node fixes this
  • No web access or share links: it's sync, not a cloud drive
  • Android app is fine; iOS support is via a third-party app (Möbius Sync)
free, open source syncthing.net →

Proton Drive

the ecosystem pick
🇨🇭 switzerlande2eeshare linksphoto backupfree 5gb · ~€4/mo

A normal-feeling cloud drive where everything is end-to-end encrypted: files, names, share links, photo backups. If you're already paying for Proton Mail, it's effectively included and worth using for photos and sharing. As a standalone primary it's harder to recommend right now: feature rollout is slow and Linux support is notably poor (no sync client), which rules it out as a practical primary for anyone on Linux.

good
  • E2EE by default with zero configuration
  • Password-protected, expiring share links
  • Mobile photo backup that replaces Google Photos for storage
  • Effectively free if you're on a Proton bundle anyway
mind the
  • Still no Linux sync client (web/CLI only for now), though Proton has confirmed a native one is in active development
  • Slow feature cadence compared to the rest of the Proton suite
  • E2EE means no server-side search inside file contents
5GB free · 200GB from ~€4/mo proton.me/drive →

Cryptomator

the keep-your-cloud pick
client-side e2eeopen sourceworks on any cloudauditedfree desktop

Not storage: a transparent encryption layer for storage you already have. Point it at Dropbox, Google Drive, or OneDrive and it creates a vault the provider sees only as encrypted noise. The pragmatic answer when work, family, or inertia keeps you on a big-tech cloud but the contents are nobody's business.

good
  • Makes any cloud zero-knowledge after the fact
  • Open source with published independent audits
  • Desktop apps free; no account, no subscription
mind the
  • Encrypted files can't use the provider's web preview/search/sharing
  • Mobile apps are a one-time purchase (~€30, up from ~€15 before Jan 2026)
  • Filename/structure metadata protection has limits; read their docs
desktop free · mobile ~€30 one-off cryptomator.org →

Nextcloud

the self-hosted pick
self-hostedopen sourcefull suiteyou run the serverfree (your hardware)

Not just storage: a full self-hosted cloud suite covering files, calendar, contacts, and office docs, all on hardware you control entirely. Open source from top to bottom. The trade-off is real: you become the sysadmin, and a neglected instance is worse than the big-tech cloud you left. Worth it if you want full control and don't mind the setup work; a turnkey option above is the better fit otherwise.

good
  • You own the server, the data, and the jurisdiction entirely
  • Replaces files, calendar, contacts, and office docs in one suite
  • Open source with a large plugin/app ecosystem
mind the
  • You are the security team: updates, backups, exposure are on you
  • More setup work than any turnkey option on this page
  • E2EE is available but is opt-in and less seamless than dedicated E2EE clouds
free, open source (self-hosted) nextcloud.com →

pCloud

the lifetime-plan pick
🇨🇭 swiss jurisdictionlifetime plansclient-side encryption add-onnot e2ee by defaultfree 10gb

Best known for genuinely unusual lifetime plans (pay once, keep the storage). Switzerland is the company's legal home (Swiss FADP applies), but it's not a storage location: data actually lives in Dallas (US) or Luxembourg (EU), whichever region you pick. Client-side encryption exists, but it's a paid add-on, not the default: out of the box, pCloud is encrypted-at-rest like Dropbox, not zero-knowledge. Turn on the encryption add-on if you want the privacy story to match the marketing.

good
  • Lifetime plans are a real, rare differentiator
  • Swiss jurisdiction (FADP) for the company itself
  • Client-side "Crypto" encryption available as an add-on
mind the
  • No Swiss data center: storage regions are US (Dallas) or EU (Luxembourg) only
  • Client-side encryption is not on by default: it's a separate paid add-on
  • Without that add-on, pCloud can read your files like any standard cloud
  • Lifetime plans bet on the company's longevity for a very long time
10GB free · lifetime plans available pcloud.com →

Mega NZ

the generous-free-tier pick
client-side e2ee claimsgenerous free tiercheckered historyfree 20gb

A genuinely generous free tier and client-side, "zero-knowledge" encryption claims that hold up technically. The honest caveat is the company's history: Mega has a checkered ownership and legal past, tracing back to Kim Dotcom and years of associated controversy. The current technical encryption claims stand on their own merits, but the ownership history is worth knowing before you trust it with anything sensitive.

good
  • 20GB free tier is among the most generous in the category
  • Client-side encryption with reasonable technical claims
  • Cross-platform clients including Linux
mind the
  • Checkered ownership/legal history (Kim Dotcom era), worth knowing even if unrelated to current crypto
  • Less independent audit history than Tresorit or Cryptomator
  • Sharing features can undercut the zero-knowledge story if used carelessly
20GB free · paid tiers available mega.nz →

Ente Photos

the photos pick
e2eeopen sourcephotos-onlygoogle photos replacementfree 10gb

End-to-end encrypted photo backup specifically, not general file storage. From the same team as Ente Auth, with the same open source, audited-encryption approach applied to photo libraries. The most complete answer to "I want to leave Google Photos but keep automatic, encrypted backup" available right now.

good
  • End-to-end encrypted photo and video backup, automatic on mobile
  • Open source clients and server
  • From the same team behind Ente Auth: consistent track record
mind the
  • Photos and videos only, not a general file-storage replacement
  • Smaller free tier than dedicated general-purpose clouds
10GB free · paid tiers available ente.io →

IceDrive

verify before trusting
client-side encryption optionproprietary cryptonot independently auditedcheap

Cheap, with a client-side encryption option on paper. The catch: that encryption implementation is proprietary and hasn't received the kind of independent audit that Cryptomator or Tresorit have, and it's drawn real scrutiny and skepticism in the privacy community as a result. It exists, it's affordable, and some people use it without issue, but verify the crypto claims yourself before trusting it with anything sensitive.

good
  • Inexpensive plans with a client-side encryption option
  • Reasonably polished apps across platforms
mind the
  • Proprietary crypto implementation, not independently audited like the established E2EE players
  • Privacy community skepticism specifically around the encryption claims
  • Treat as "exists and is cheap" rather than a strong recommendation for sensitive files
low-cost plans icedrive.net →

Internxt

verify before trusting
🇪🇸 spainzero-knowledge claimspost-quantum claimssmaller company

Spain-based, with zero-knowledge encryption claims and marketing around post-quantum readiness. Independently audited twice by Securitum, most recently August 2025 (web, desktop, mobile, and cloud infrastructure, no major flaws found), and open source on both the client and server. Holds GDPR, ISO 27001, SOC 2, and HIPAA certifications.

good
  • Zero-knowledge encryption claims, with post-quantum cryptography marketing
  • Independently audited twice by Securitum, most recently Aug 2025, no major flaws found
  • Fully open source: both client and server code
  • EU-based (Spain), competitive pricing; GDPR, ISO 27001, SOC 2, HIPAA certified
mind the
  • Launched in 2017 as a decentralized crypto ICO; now centralized. Marketing still describes "distributed nodes" and decentralized storage; the current architecture does not
  • Documented pattern of stripping advertised features (WebDAV, CLI, backups) from lifetime plans, then charging €480-500+ for restoration
  • 2.6/5 on Trustpilot (~1,300 reviews) with widespread reports of sync failures, file loss, and support delays
  • StackSocial buyers report differential treatment; complaints have reportedly triggered account and subreddit bans
  • Reliability issues (broken sync, file corruption) undermine the value of verifiable encryption if data is inaccessible
  • Smaller company than the established players on this page
  • Bold claims (post-quantum, zero-knowledge) still benefit from continued outside scrutiny
free tier · paid plans available internxt.com →

at a glance

toolmodelprovider can readopen sourceshare linkscost
Filene2ee cloudnoyes (all clients on GitHub)yesfree–€2/mo
Tresorite2ee cloudnono (closed)yes~€10/mo
Syncthingp2p syncno provideryes (fully)nofree
Proton Drivee2ee cloudnoyesyesfree–€4/mo
Cryptomatorencryption layerno (vault)yes (fully)not encrypted onesfree–€12
Nextcloudself-hosted suitedepends on setupyes (fully)yesfree (your hardware)
pCloudcloud (e2ee add-on)yes, unless add-onno (closed)yesfree–lifetime plans
Mega NZe2ee cloudnopartial (crypto SDK open, full app not)yesfree 20GB+
Ente Photose2ee cloud (photos only)noyes (fully)yesfree 10GB+
IceDrivecloud (e2ee option)unaudited claimno (closed)yeslow-cost
Internxte2ee cloud (claimed)unaudited claimyesyesfree–paid

"provider can read" refers to file contents inside the tool's protection.

worth knowing

Mix and match: these aren't rivals. Filen for the cloud layer, Syncthing for working folders, Cryptomator over the Dropbox your family insists on. Each covers a different shape of problem, and using Filen as the sync backend for a notes app (see Notes) keeps your vendor count down.

The 3-2-1 rule still applies. Three copies, two media, one off-site. An E2EE cloud counts as the off-site copy; a versioned external drive covers the ransomware case sync can't, and doubles as your hedge on any smaller provider's longevity.

Self-hosting is a different page of trade-offs. Nextcloud replaces a whole Google Workspace on hardware you control, but you become the security team, and a neglected instance is worse than the cloud you left. Worth it for some; know what you're signing up for.

Photos are the real lock-in. They're the biggest dataset and the most personal one. Filen and Proton Drive both do mobile photo backup; Ente Photos (E2EE, from the Ente Auth people) is the dedicated-photos answer.