Ubuntu Wiki

This page lists security measures in place to protect Ubuntu One subscriber data including files and personal information.

Data transmission - We use both SSL and secure certificates to deliver Ubuntu One services in a secure manner. Secure certificates ensure that you are communicating with Ubuntu One and SSL encrypts the transmission of all subscriber data. This data include files, notes, and all other data backed-up and synchronized through your personal cloud. SSL is good enough for banks so it should be good enough for us.

To authenticate the desktop software, we use oauth. This means that the desktop has a token that passes to the server to validate it. This enables subscribers to authenticate many computers independently and remove access from any one machine just by going to the Ubuntu One website.

We do not store your files encrypted in our data storage since we need them unencrypted in order to send them to the people you choose to share with. If you are concerned about storing your files unencrypted in the Ubuntu One cloud, you could always store the files already encrypted so Ubuntu One never sees the plain text files. Doing so may prevent the proper functionality of some Ubuntu One features such as multiple computer synchronization, web browser access, and sharing with others. Some work has been done to integrate Ubuntu One with Ubuntu's encrypted private folders feature by manosx: if you're technical, you may find http://ubuntuforums.org/showthread.php?p=8517221 useful to have Ubuntu One store your data encrypted.

Additional details can be found in the Ubuntu One Terms of Service and Privacy Policy.

Personal data - Ubuntu One uses the Ubuntu Single Sign On service for user authentication. Please refer to the Ubuntu Privacy Policy for details on data security and retention.