Dropbox Can't See Your Dat– Er, Never Mind
bizwriter writes "Dropbox, the online backup and file sharing service, claims to have hit 25 million users in a single year. But a change in terms, noting that Dropbox will give up data to law enforcement under a legal request, showed that the company's security claims couldn't be possible. It turns out that Dropbox claims in one place that encrypted data makes it impossible for employees to see into user files, but in another says that they're only 'prohibited' from doing so."
Every day I get a corporate client asking me why they can't just do all their work on the cloud. Here's the perfect reason why.
When the foot seeks the place of the head, the line is crossed. Know your place. Keep your place. Be a shoe.
It just depends on the encryption and all, and whether there is a backdoor or not. They are lying; the question is to whom?
Just Encrypt it
This is a common question, which I'm sure has come up in legal battles. When you upload data to someone else's server, does the data belong to you or does it belong to the person/company that actually owns the hardware? I'm sure for law enforcement folks, they want it both ways.
Consider if the data service in question is raided because an employee had child pornography. They raid the company because the employee used hardware to hide his stash. Now everyone's data is available for search.
IANAL but it seems like if you insist on using these services, you have to give up certain rights. Or you can just encrypt all of your data before uploading. But then, if the hardware is seized, you no longer have a backup.
We don't live in Shouldland.
How does Dropbox define "valid legal process"? Do they mean something like, I don't know, receiving an actual search warrant? Or do they mean rolling over when the police say, "Hey, um, we'd just like to look at all these users' files. We have no warrant or real reason to do so, but we think someone might potentially be doing something illegal and we promise we're only working to 'protect' people and all that jazz."
Keep your eyes to the sky.
How do you mount an encrypted disk image on Android? And what if it's updated through Dropbox?
Stop the brainwash
Wuala uses end-to-end encryption, ie. the data is encrypted and decrypted on the client. The employees can't access your data since they don't have the encryption key. This means you lose your data if you lose the key. It also means you can't access all your data in a convenient web interface -- though you can mark individual folders as being shared on the web (which obviously means trusting the server operators with the encryption key for that folder). I think it's a much more trustworthy model than Dropbox, and the Linux integration works well for me. Too bad it's not open source; IMO they should at least open-source the client component, for security and trust reasons if nothing else.
Switch back to Slashdot's D1 system.
....AFAIK, Dropbox has full support for Truecrypt volumes. Simple solution to this dilemma? Take the encryption "problem" away from Dropbox and use your own.
http://www.washingtonpost.com/wp-dyn/content/article/2007/03/22/AR2007032201882.html
Does that story give you the creeps or not?
So the government can make you rat on your clients and you can't even tell your own people you're doing the work of the government.
* Winners compare their achievements to their goals, losers compare theirs to that of others.
Uh oh... I keep my 4chan folder on Dropbox. Better go delete some things...
Dropbox lied. No two ways about it. But this is why you never store anything sensitive in "the cloud" anyway.
Agile Artisans
Is this really dropbox or Amazon that is behind this policy? While people rant and rave about dropbox, in the end it's really just a fancy front end onto Amazon's S3 service. Your data is actually stored on Amazon's servers and my guess is that it's ultimately Amazon that dictates policies such as this.
Monstar L
Is SFTP, mounted with SSHFS, where I create a Truecrypt volume which is finally mounted as an encrypted disc. Open source, well proven, reliable technology. Another benefit is that I can choose between the millions of different SFTP clients, so I can use software specialized for my needs!
Maybe it comes from working in IT, but I always assume that if someone else is holding my data, they can access it. It doesn't interest me what they say - that's my basic starting assumption. So I always assumed that Dropbox could get to my data, and if I cared about the privacy of that data I just encrypted the files myself first.
It's my data, I'm in control of it. Giving it up to someone else and hoping they keep it safe is silly.
I'm surprised so many people are surprised (and I wonder if the people who are surprised haven't been in IT long?)
If you have sensitive [or embarrassing] data, just do not store it on the cloud. Period. Do not trust Encryption. Do not trust what the cloud storage companies may claim. The terms may change once it is too late to remove your files.
I am Linux And Windows 7 was NOT my idea !
...but it's not a safe deposit box. It may actually be more like a storage unit or a bus station rental locker. In both cases, the owner of the container and the police can search at will, and you have no expectations of privacy from them. The only reasonable expectation is that the owners of other lockers won't get your old sweat sox.
This is simple. If you use a service like dropbox, simply house an encrypted "disk" on the site. You can put anything you want in it, but dropbox doesn't have the key. Sure, if you put a naked file up there, and they encrypt it for you, *they* have the key. If you're that worried about your files, it's probably not a good place for them.
Seriously, is anyone really surprised by this? I use DropBox, and not once have I considered that my data in DropBox is completely private. Sure, I use it for transferring some documents that are potentially sensitive (a lot of documentation on a lawsuit I'm involved in for example) but where there's sensitive data I always encrypt the documents myself with TrueCrypt.
This is precisely why I think the "cloud" is a bad idea for corporations. Until there are guarantees and safeguards against data theft or loss there is no way that I would entrust my company's critical data to a third party provider. Yes, the costs of managing that data myself are higher but the risk of that data getting out of our control and management is greatly mitigated.
And what about a data breach? Loss of data due to crackers? Seriously... all it's going to take is for one of these cloud providers to become big enough that the majority of corporations using their services are completely without options when a breach occurs. The big provider can simply turn around and say "Well, crap happens but who else are you going to turn to?" and there's nothing the average corporation can do about it. There may be financial guarantees in place, but simply put the cat is already out of the bag at that point.
valuable/confidential data on servers you don't personally fully control, you're deserving whatever you get.
And by this I don't mean you shouldn't use things like DropBox. DropBox is great and cheap and easy to use for what it does. Just don't use it for things you don't want to get into the wrong hands or at least encrypt your data beforehand. What's so hard to understand here? And this of course is not limited to DropBox. If you have a rented server out there it may be "yours" but what do you think will the company you're renting it from do when push comes to shove?
Seems like in the past few days I've seen fewer and fewer posts modded up or down.
Hail Eris, full of mischief...
E pluribus sanguinem
Encrypting your files before drop-box gets hold of them is fine EXCEPT you are trusting the drop box client you installed on your machine to:
1) Not watch you encrypting those files, and sniff the password.
2) Not make other files on your computer available to law enforcement.
There used to be a 3) Encrypt your files in the cloud and not give anyone access. But your trust in number 3) has already been shown to be wrong. Tell me why you still have faith in 1) and 2) again?
I still don't get what the big deal is. What does dropbox do that can't be done with a simple sftp site (other than some free online storage)?
Dropbox, like any and every other internet entity, is subject to the laws of their land, and therefore must provide data when requested by valid court order. As for Dropbox having access to my data, again, this is not a surprise considering my first point.
Personally, the utility of Dropbox is worth the risk. However, it is incumbent on me to be careful what data I put on Dropbox, and in what format. When I put sensitive data on Dropbox, it has been encrypted. Since I am sharing files on multiple computers I really don't want this data accessible anyway.
I recommend Dropbox, Mozy, Carbonite and all the others to family and friends because it is painless file backup. I also warn them that data backed up to the cloud is accessible by people we hope are moral and altruistic. I warn them that they may not be.
So pardon me for saying big effin' deal...
A clever person solves a problem, A wise person avoids it. -Einstein
Simple solution: Use a Truecrypt volume for your private files and loose Dropbox for anything non-private. If you want something better than that, roll your own solution on your own servers. If you don't know how something works, don't trust it outright.
Most posters in comments say "encrypt your data before putting it in the dropbox folder" as a solution. They blithely ignore that the drop box closed source client with unknown capabilities sits on the computer running all the time. And it's safe to encrypt your data on a computer running a program that has already been shown to have deliberately violated your trust? It could sniff passwords during encryption, it could make available ANY files on your computer not just the ones you want, it could do anything. The point is we don't know what it can/can't/could do, and we trust the rest of the computer it sits on? Not having a go at drop box, I'm still going to keep using it, but astonished by the lunacy being displayed by users of a techie site. Encrypting your data on a computer running a program that has already been shown to abuse/not respect trust is just crazy!!!!
Drop it like a Box of rocks
just encrypt the file *prior* to uploading it... problem solved
Sure the users data can be encrypted with whatever algorithm but it is obvious they have the keys too and can unencrypt at will. To access files user only needs to provide a password which can be recovered via email. Duh.
Read the EULA.
I have a dropbox account and don't remember seeing that section where they claimed they couldn't read my files. I'm certain I read it, but I never would have believed it to mean they were truly unable to read my files -- if they encrypted them before storing them, they'd have to be able to decrypt them to send them back to me, or to track changes. Did someone actually think they had an irreversible encryption process which could somehow be reversed by the magic between them and me? A one time pad which somehow evaporated while sending files back to me? It might be reasonable to think they have some sort of access controls so ordinary people there can't browse customer data, but I never would have put any ironclad faith in such policies. That's why it was common knowledge, near as I could tell, all round the web that you needed to encrypt backups and such yourself before sending them to dropbox.
I don't understand why anyone would expect otherwise. This is a tempest in a teapot.
Infuriate left and right
Either by cockup or design, your entire (Windows PC) hard disk's contents can be compromised by dropbox because of shoddy authentication method... http://www.theregister.co.uk/2011/04/12/dropbox_security/
Anyone that has done any of their challenges knew this. If they can drop files into your dropbox without giving them permission then that means it's not encrypted, or has a known key.
Do not look at laser with remaining good eye.
Hierarchical organizations are subject to the threats and favors of the state. Keep your data at home where the Fourth Amendment still (sort of) exists.
"All your data is encrypted" and "we'll give the cops some files" aren't mutually exclusive, if they give the cops encrypted files...
I mod down anyone who says "I will be modded down for this", regardless of the rest of their comment
There's a simple solution to this that I already use - I keep an encrypted Truecrypt volume in my Dropbox folder. It syncs over fine and is backed up but the only thing they see is the encrypted volume.
"People who think they know everything are very annoying to those of us who do."-Mark Twain
XOR your data with entropy from /dev/urandom before uploading them.
Easy peasy...
(I was actually kidding but now I'm tempted...this can be the poor man's one-time-pad.)
Too bad SpiderOak's synchronization doesn't work most of the time. Otherwise, it would be a great alternative.
Is it just my observation, or are there way too many stupid people in the world?
Hello,
I use encfs. You don't end up with a large monolithic file. Instead, a directory is created that stores all your files in encrypted format. An advantage is that your data on disk is stored encrypted--even the filenames. It is only decrypted in your core memory and in any "temporary backup" files your application may store elsewhere. There's a performance hit, though.
I then use rsync to back up the encrypted data. Your data is secure to all but the likes of keyloggers, applications that leave garbage outside of your secure dir and memory, root compromise of your machine, or walking away from your machine with the data unlocked.
I think it is even secure to some small degree from root compromise of your machine, though I'm not sure how. By this I don't mean that someone with root couldn't get your data one way or another, I just mean they'd have to work at it a bit. I admit I could be underestimating the strength of the security against root compromise.
I can't speak to the strength of the encryption used or the strength of the implementation, however, they seem to be using AES or another few choices of encryption algorithm. AES, if done right, can be strong encryption.
I really like how it works, though. I've had no problems with it other than the occasional problem remembering my key (fortunately temporary.)
Best,
--PeterM
Steganography and plausible deniability remain open to your consideration. The question also is how would they prohibit such encrypted/obscured uploads anyway? Unless they scan upload on the fly to see if they're a known openable/parsable filetype or distinguishable binary format.
Take a look at SpiderOak (http://www.spideroak.com). Their fundamental security policy is "zero knowledge", meaning that their service works in such a way that everything is encrypted from the client. This is powerful stuff.
Just put a single DMG in your dropbox, an encrypted disk image. Then they can look at your DMG file all they want unless they feel like dealing with AES256.
I work for the Department of Redundancy Department.
Of course DropBox can see your data. Of course they can turn it over to the authorities. Even if they are encrypting it on arrival, they have to decrypt it to send it back to you.
Unless the end-user has full control over the keys used for the encryption and only the public key is ever supplied to DropBox's servers (i.e. if all encryption/decryption is done by the client) AND the encryption algorithm has no known exploit, can this be even considered remotely safe.
- Anonymous "Tin-Hat" Coward
- avoiding all things 'Cloud' since Final Fantasy 7.
I don't doubt that they encrypt your data using military encryption when they store it on their servers, the problem is that they also have access to the encryption keys. Many people have a hard enough time remembering passwords, let alone remembering to save encryption keys somewhere safe. Dropbox wouldn't be as popular as it is if people were too intimidated by the complexity of managing encryption. Sounds like they made a business decision to focus on ease of use over security.
I am a security consultant and recently spent a great deal of time revamping the security program of another major cloud storage provider. When I first got there they had the same issue -- everything was encrypted using the same set of keys to hide the complexity from the users. Customers were given the option to specify their own key, but very few of them did. Not surprising, since most people don't care about security.. for good reason most of the time. I don't care if dropbox has access to my MP3's or any of the other junk I put on there, and I don't have to worry about losing my data if my house blows up or if I inadvertently wipe out my home directory (not that I've ever done that.....) We eliminated the option to use a shared key and built a comprehensive key management solution so that we could securely store individual keys for each account, but also made it easier for users to specify and manage their own keys if they need higher security. We also hardened the rest of the environment to get ISO & SAS-70 certifications.
Clouds are not inherently insecure, but you have to consider their target market to get an idea of the assumptions they're going to make about you. If you need greater security, always ask them for details on their security program and practices. They should be more than happy to share that, and you may find that they have much higher security options available for those who want it. If they can't share their security practices then you should probably look elsewhere.
Boy, that VPS setup with SSH and rsync doesn't sound so hard to setup now, does it?
PS - git instead of rsync also works pretty well.
Nathan's blog
It doesn't matter. If a system has holes, it has holes. The holes' supposedly-benign purpose or any policies about when to abuse the holes and when to abstain from doing that, isn't relevant.
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
I have a problem with cloud sites that advertise encryption simply because you don't have control of the key - or of who has it. There's no doubt in my mind that all of these services can decrypt your files for you if you lose your key.
I personally just encrypt my own stuff and stick it in a folder in my gmail account.
we see things not as they are, but as we are.
-- anais nin
Saying that personal computers in 2011 can't do what personal computers in 2001 could do, is just utterly ridiculous. It really sounds like you cherry-picked the most limited stuff (e.g. Apple's mobiles) and used its limitations to make a general statement. That's like finding a computer that runs MS-DOS and saying "computers can't easily multitask."
Throw away your IBM mainframe from the 1960s (iPhone) and check out some 1977 tech (N900). You'll find it to be a lot more oriented toward letting the user do whatever the hell he wants. And if that doesn't pave the way for your future, you'll have no one to blame but yourself.
When I first read the title, I thought the article was talking about the Dropbox local utility reading data on the _rest_ of your hard drive. Well, seems everyone is talking about the data you actually put in your drop box, which is fine... simple solution, just encrypt it. (I've been using encfs.)
But considering you're deploying a local program that has access to your whole home folder, and whose only job is to upload data to a server, it wouldn't be such a big stretch for Dropbox to be asked by authorities or even by some rogue employee to access any old file on your hard drive. By installing a closed-source program that is always running in the background, you're basically giving them carte-blanche access to your data, whether it's in your drop box or not.
For all the above reasons I use encfs because it is only mounted when I choose, for just my eyes, and is easily backed up on a file by file basis so incremental backups work just fine. Just point your DropBox uploader to the encrypted file tree and back it up as soon as you unmount your crypto session volume. I have a script that mounts the crypto volume, opens a file manager to pause the script, and when the file manager is closed the session is immediately unmounted. All you need do is add a command to the end of the script to kick off a DropBox incremental upload.
Law enforcement probably filed a bug report. The encryption problem that prevented them from viewing users files has now been fixed. Cheers!!!
The difference between impossible and prohibited is like the difference between a welded shut steel safe and a sticky note that says "don't look at this."
-- QED
Parent has nailed this on the head. And before we fork the argument from below, client-side encryption doesn't work because you lose Dropbox's incremental update features.
Maybe you should try reading the article you linked to. It doesn't say what you think it says.
there are customers to be betrayed.
Meaning: they want to stay in business, so they will happily dance to the tune called by any tin badge.
Rule one for storing anything in the Cloud that you don't want made public? Strong encryption of the data before it gets stored.
"If you're that technically illiterate, why are you sharing valuable information in the first place?"
Does not compute. The technically illiterate share valuable information all the time. That's what facebook is for.
Look, I've got a DropBox account. I signed up for it on my laptop. Then I went to my desktop, and logged into my account. I did no sort of file transfer from laptop to desktop. Then I uploaded some unencrypted Mercurial repositories.
At no time did I do any key management. A key couldn't have been generated randomly in the client, or I'd have to transfer it from laptop to desktop. Therefore, there can be no client-side encryption, except for any files I want to encrypt myself.
Therefore, any encryption is done server-side, and DropBox maintains the keys (they have to be able to send the files back to me, after all). They advertise AES-256, which is a symmetric cipher, so encryption and decryption rely on the same key. Therefore, DropBox itself can access my data. It may be that many or most employees don't have access to both the accounts and the keys, so they can't look at my personal software projects and bad fiction. Somebody in the company certainly can, and they can turn the stuff over to law enforcement.
This doesn't depend on DropBox advertising at all. Just from how I interact with DropBox, I know that my files are not secure from them. That's why I won't trust them with anything sensitive I don't first encrypt myself (on a machine under my physical control, with no outsider logged in, because I've read about AES side-channel attacks).
Anybody who knows much of anything about file storage and encryption (and I'd hope this means most Slashdotters) should have known this from the start. It will come as a surprise only to the ignorant or thoughtless.
"When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
It turns out that Dropbox claims in one place that encrypted data makes it impossible for employees to see into user files, but in another says that they're only 'prohibited' from doing so.
The two claims are not mutually exclusive -- support agents cannot get in because they don't have decryption keys, while deeper levels of the company can get access because they have access to the keys.
It makes sense to me, anyway. At any rate, the moral of the story is if you want something to be private, do not rely on third parties to encrypt things for you (and, if you do, it's not secure).
Price, Quality, Time. Pick none. What, you thought you had a choice?
I use Blowfish Advanced CS and it works great. Very good freeware tool (open too).
For some uses I find it a lot handier than TrueCrypt. http://www.lassekolb.info/bfacs.htm
Take a look at the Tahoe Least Authority Filesystem:
http://en.wikipedia.org/wiki/Tahoe_Least-Authority_Filesystem
One way of doing this is to use Truecrypt to create an encrypted volume and sync that with your Dropbox. But this is actually a headache as it has to upload the entire volume each time you make changes and you have to mount and unmount the volume for that to occur. I found this to be too much of a headache.
After Google searching around, I found the perfect solution. And no, I don't work for the company that puts this out. This lets you create a folder in your Dropbox that encrypts the data inside that folder with your own key and encrypts / decrypts in real time. Great solution and works perfect! I wanted to share this gem that I found and hope you guys find it useful.
http://www.boxcryptor.com/
http://www.spideroak.com/
Go give them some love, will ya? Great company, actually zero-knowledge...replete with performance issues caused by it. Give your business to someone that's doing it right.
Karma: Chameleon (mostly due to the fact that you come and go).
Here's Dropbox's indemnity language:
You agree to defend, indemnify, and hold Dropbox, its officers, directors, employees and agents, harmless from and against any claims, liabilities, damages, losses and expenses, including, without limitation, reasonable attorneys' fees and costs, arising out of or in any way connected with: (i) your access to or use of the Site, Content, Files and Services; (ii) your violation of this Agreement; (iii) your violation of any third party right, including without limitation any intellectual property right, including but not limited to right of attribution, publicity, confidentiality, property or privacy right; or (iv) any claim that Your Files, or your use of Files, caused damage to a third party, including without limitation claims that Your Files, or use of Files, infringe the rights of another.
If somebody files an absolutely baseless lawsuit against Dropbox relating to the stuff you keep on Dropbox, you're promising to pay all of Dropbox's legal expenses defending that lawsuit.
You're also promising to pay Dropbox for all "EXPENSES" in any way connected with your use of the Dropbox site! What the hell does that mean? Super caveat emptor baby.
Here's the liability exclusion language:
IN NO EVENT WILL DROPBOX BE LIABLE TO YOU OR TO ANY THIRD PARTY FOR DAMAGES OF ANY KIND, INCLUDING, WITHOUT LIMITATION, DIRECT, SPECIAL, INCIDENTAL, PUNITIVE OR CONSEQUENTIAL DAMAGES (INCLUDING LOSS OF USE, DATA, BUSINESS OR PROFITS) ARISING OUT OF OR IN CONNECTION WITH THIS AGREEMENT, OR FROM YOUR ACCESS TO OR USE OF, OR INABILITY TO ACCESS OR USE, THE SITE, CONTENT, FILES AND/OR SERVICES, OR FOR ANY ERROR OR DEFECT IN THE SITE, CONTENT, FILES OR SERVICES, WHETHER SUCH LIABILITY ARISES FROM ANY CLAIM BASED UPON CONTRACT, WARRANTY, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY OR OTHERWISE, OR ANY OTHER LEGAL THEORY, WHETHER OR NOT DROPBOX HAS BEEN INFORMED OF THE POSSIBILITY OF SUCH DAMAGE, EVEN IF A REMEDY SET FORTH HEREIN IS FOUND TO HAVE FAILED OF ITS ESSENTIAL PURPOSE. YOU SPECIFICALLY ACKNOWLEDGE THAT DROPBOX IS NOT LIABLE FOR THE DEFAMATORY, OFFENSIVE OR ILLEGAL CONDUCT OF OTHER USERS OR THIRD PARTIES AND THAT THE RISK OF INJURY FROM THE FOREGOING RESTS ENTIRELY WITH YOU. FURTHER, DROPBOX WILL HAVE NO LIABILITY TO YOU OR TO ANY THIRD PARTY FOR ANY THIRD PARTY CONTENT UPLOADED ONTO OR DOWNLOADED FROM THE SITE OR THROUGH THE SERVICES AND/OR THE FILES, OR IF YOUR DATA IS LOST, CORRUPTED OR EXPOSED TO UNINTENDED THIRD PARTIES.
FREE ACCOUNT HOLDERS: YOU AGREE THAT THE AGGREGATE LIABILITY OF DROPBOX TO YOU FOR ANY AND ALL CLAIMS ARISING FROM THE USE OF THE SITE, CONTENT, FILES AND/OR SERVICES IS LIMITED TO TWENTY ($20) U.S. DOLLARS. THE LIMITATIONS OF DAMAGES SET FORTH ABOVE ARE FUNDAMENTAL ELEMENTS OF THE BASIS OF THE BARGAIN BETWEEN DROPBOX AND YOU.
PREMIUM ACCOUNT HOLDERS: YOU AGREE THAT THE AGGREGATE LIABILITY OF DROPBOX TO YOU FOR ANY AND ALL CLAIMS ARISING FROM THE USE OF THE SITE, CONTENT, FILES AND/OR SERVICES IS LIMITED TO LOWER OF THE AMOUNTS YOU HAVE PAID TO DROPBOX DURING THE THREE MONTH PERIOD PRIOR TO SUCH CLAIM, FOR ACCESS TO AND USE OF THE SITE, CONTENT, FILES OR SERVICES, OR ONE-HUNDRED ($100) DOLLARS. THE LIMITATIONS OF DAMAGES SET FORTH ABOVE ARE FUNDAMENTAL ELEMENTS OF THE BASIS OF THE BARGAIN BETWEEN DROPBOX AND YOU.
Note that you can't sue them if your data is exposed to unintended third parties. Doesn't that make their privacy policy totally toothless?
From here: https://spideroak.com/blog/200811201300
"Most storage providers -- if they offer encryption at all -- only use one encryption key per account. Instead, SpiderOak uses a nested system of many small scoped encryption keys. When you create a ShareRoom, the SpiderOak client makes the encryption keys of appropriate scope for the contents of that share room public.
This makes it possible for our webservers to present the contents to visitors, but nothing beyond the Share Room is known.
So, the upload transaction to create a new ShareRoom and suddenly be sharing a lot of data within your account is very small, and your ShareRoom is ready for company very soon."
In our help article we state that Dropbox employees aren't able to access user files. This is not an intentionally misleading statement -- it is enforced by technical access controls on our backend storage infrastructure as well as strict policy prohibitions. The contents of a file will never be accessed by a Dropbox employee without the user's permission. We can see, however, why people may have misinterpreted "Dropbox employees aren't able to access user files" as a statement about how Dropbox uses encryption, so we will change this article to use the clearer "Dropbox employees are prohibited from accessing user files".
Thread here : http://forums.dropbox.com/topic.php?id=36835
Poor choice of words indeed.
It's actually worse than that. The FBI has for the past several years been demanding librarians turn over records of who's reading what and trying to place the library staff under a gag regarding the whole thing. Some librarians have been able to make a fight of it. Some have not. The ones who lost this battle are precisely the ones we'll never hear from.
Tin foil hats aside, if you've been doing a term paper on Islam or the Haber process, the American Library Association reports the FBI wants to know about you.
He put his boots up on the table and made a face. "The sig," he smirked. "You can waste your life in search of the sig."
For SME organizations cloud services are perfect, for larger corporates however cloud services/providers need to mature a bit for it to be a viable solution (from a security point of view). There is a lot of research going on right now to help solve many of these concerns. I personally hope that public clouds will become viable for larger corporations and I agree that only the cloud providers themselves are pushing the services e.g. SAP Business ByDesign and many others.
Unless they use the same key for every subscriber. Try this - grab a file off of Bit Torrent, most any file will do, but make sure it is at least a few hundred megs. Now, upload it to your Dropbox account. Notice how the sync process was near instant? That's because DB has that file already - someone else already uploaded it and DB was able to match it by checksum, skipping the need to actually upload it. Now, take a file that is unique to you - maybe a zip containing your vacation photos. Make sure it is at least a few hundred megs in size. Now, upload that to Dropbox. Note that it takes quite a bit longer, more in line with what you would expect uploading a file from your computer to a remote server over the Internet. If your files on Dropbox were encrypted with a unique key, every file you uploaded would be unique, so from this it is obvious that Dropbox not only has the capability to decrypt your data, but it does so regularly, if it encrypts it at all. Their data de-duplication would not work optimally if they couldn't.
Oh, was that my outside voice?
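The upload-speed observation in the comment above can be modelled in a few lines. This is an added example, not part of the original thread and not Dropbox's code: `DedupStore`, the helper names and the sample data are constructed, and an HMAC-based keystream stands in for AES because the Python standard library has none. It also covers content-derived keys, a case the comment does not discuss.

```python
import hashlib
import hmac
import os


def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in stream cipher: HMAC-SHA256 in counter mode, XORed with data.

    Used only because the standard library has no AES; the same call
    encrypts and decrypts. Not a recommendation for real use.
    """
    out = bytearray()
    for offset in range(0, len(data), 32):
        counter = (offset // 32).to_bytes(8, "big")
        pad = hmac.new(key, nonce + counter, hashlib.sha256).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


class DedupStore:
    """Hypothetical storage server that deduplicates by checksum of the blob."""

    def __init__(self):
        self.blobs = {}             # SHA-256 hex digest -> stored bytes
        self.bytes_transferred = 0  # what actually crossed the wire

    def upload(self, blob: bytes) -> bool:
        """Return True if the bytes had to be transferred, False if the
        checksum matched an existing blob and the transfer was skipped."""
        digest = hashlib.sha256(blob).hexdigest()
        if digest in self.blobs:
            return False
        self.blobs[digest] = blob
        self.bytes_transferred += len(blob)
        return True


def encrypt_per_user(user_key: bytes, plaintext: bytes) -> bytes:
    """Client-side encryption under a key only this user holds."""
    nonce = os.urandom(16)
    return nonce + keystream_xor(user_key, nonce, plaintext)


def encrypt_content_derived(plaintext: bytes) -> bytes:
    """Key derived from the content itself: identical files give identical
    ciphertext, so anyone who already holds the file can derive the key."""
    key = hashlib.sha256(plaintext).digest()
    return keystream_xor(key, b"\x00" * 16, plaintext)


def second_upload_transferred(prepare_a, prepare_b, plaintext: bytes) -> bool:
    """User A uploads, then user B uploads the same file. Did B transfer it?"""
    store = DedupStore()
    store.upload(prepare_a(plaintext))
    return store.upload(prepare_b(plaintext))


def run_scenarios() -> dict:
    popular_file = b"constructed sample data " * 4096  # same file for both users
    key_a, key_b = os.urandom(32), os.urandom(32)
    return {
        # Server sees plaintext (or can decrypt it): B's upload is instant.
        "plaintext": second_upload_transferred(
            lambda p: p, lambda p: p, popular_file),
        # Each user encrypts with a private key: blobs differ, no dedup.
        "per_user_key": second_upload_transferred(
            lambda p: encrypt_per_user(key_a, p),
            lambda p: encrypt_per_user(key_b, p), popular_file),
        # Content-derived key: dedup works, but the key is not secret from
        # anyone who has the same file.
        "content_derived_key": second_upload_transferred(
            encrypt_content_derived, encrypt_content_derived, popular_file),
    }


if __name__ == "__main__":
    for scenario, transferred in run_scenarios().items():
        print(f"{scenario:20s} second user had to upload: {transferred}")
```

An instant second upload means the stored bytes are the same for both users, which rules out keys that only each user holds.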
Dropbox must have a bunch of idiots working for them. Under no circumstances does the US government ever require a cloud storage service to have a special back door to get past data encryption. If law enforcement at any level wanted a customer's Dropbox data then Dropbox would only be legally required to hand over the encrypted data. They would not be legally required to decrypt that data for law enforcement. If what RIM has said about their push messaging service is true then it's not possible to create a back door to spy on someone's messaging activities for any government.
Bear in mind they may be required to turn over your data, but it's not clear that they are obligated to decrypt it.
In the UK I believe it's a crime not to incriminate yourself, and you can be forced to turn over your passwords. Don't know how that would apply here, but if you don't encrypt your data first on the client then you are far more trusting than I. At the least the data, the key, and the crypto code are needed.
Linux users can use encfs to protect data which is network mounted, although I don't know if dropbox mounts in a manner to make that happen.
If you're going to put your most personal and private documents online in ANY form, encrypted or otherwise, you stand the risk of being exposed. Still want to do it? At least encrypt that data beforehand and don't trust the site to do it for you.
My whole take on their policy isn't as "oh no, they can see me with my pants down now!" as some of the blogs and news outlets are getting. My take on it is that if law enforcement asks to have access to a user's account, they'll simply give admin access to that account. Are the files encrypted? Probably... but for each user that has access to those encrypted files, there's more than likely an admin account that has access to all of them. Chances are very slim that the average employee has that level of access anyway, so my concern isn't as great.
Dropbox PR just released a new statement that said their employees are prohibited from viewing them through "technical access controls". However, that also implies that there could be an "access control" to give full permissive access to the files, which I'm pretty sure they have. For all we know only the president of the company has that level of access... or maybe nobody does... but the fact that it can be granted is what concerns me the most.
All that stands between your data and them is an "if"-statement. Never mind encryption. Encryption is meaningless when you are giving people valid access to the encrypted files.