Slashdot Mirror
Dropbox Head Responds To Snowden Claims About Privacy
First time accepted submitter Carly Page writes When asked for its response to Edward Snowden's claims that "Dropbox is hostile to privacy", Dropbox told The INQUIRER that users concerned about privacy should add their own encryption. The firm warned however that if users do, not all of the service's features will work. Head of Product at Dropbox for Business Ilya Fushman says: "We have data encrypted on our servers. We think of encryption beyond that as a users choice. If you look at our third-party developer ecosystem you'll find many client-side encryption apps....It's hard to do things like rich document rendering if they're client-side encrypted. Search is also difficult, we can't index the content of files. Finally, we need users to understand that if they use client-side encryption and lose the password, we can't then help them recover those files."
Search is also difficult, we can't index the content of files.
umm duh, that's the point? sucks when your customers can't trust you.
Wasn't all of this already known?
With the keys we readily hand over when warranted.... o_O
This has to be one of the worse responses of all time. I have no idea how well Dropbox protects their users privacy, but the suggestion that if users do not trust them they can use their own encryption, but then none of their features will work is just stupid.
Troll is not a replacement for I disagree.
Dropbox has Condoleeza Rice on its board of directors. If anyone remembers, she was Secretary of State and also the president's National Security Advisor during the Bush administration. She basically allowed torture, and is responsible for Guantanamo. She had no problem with torturing people without even doing a basic check to see if the person being tortured was guilty of the crime he was being tortured for. And you want to talk about spying? She was part of the administration that developed the PATRIOT Act. The justification being "it's ok to spy on foreigners" .. Oh and we can DECLARE you a foreigner without any due process by making you prove your Americanness. She was cool with torturing foreigners without giving them any sort of due process, so why would you assume that she wont torture citizens if she was scared into doing so? We already know she doesn't think people need privacy.
Dropbox is cloud. Cloud is a remote hard disk. My hard disk has nothing to do with privacy; anyone who can SSH into my computer can read my hard disk. Put that hard disk on the Internet, in "the cloud", and the same thing applies, anybody logged in to the Internet can read your dropbox. Hey, I thought that was the PURPOSE of Drop box, to share files. If you want privacy, burn a DVD and hand it to the guy.
For me, my notebook has a 1TB hard disk. I have a web site I control. Yeah, my web site is hostile to privacy; that's the whole purpose of a PUBLIC web site. I had a "Dropbox" and dropped it.
From the article:
I store my own most personal information on Dropbox, down to a scan of my social security card.
All this comes just when previously good files in Dropbox servers start to give virus warnings..
>> Finally, we need users to understand that if they use client-side encryption and lose the password, we can't then help them recover those files.
Really, computer users do not know that?
people need to stop using these services and host it themselves. its not hard and its the only way to get control.
I've decided to stop wasting my time responding to AC trolls/sockpuppets... so if you want a response from me... login.
Steve Gibson's mantra: TNO. If the host has your encryption password/key, then they can't be trusted. If you don't believe that, ask Snowden's email provider, Lavabit's founder Ladar Levison: http://www.wired.com/2014/04/l...
In a time of universal deceit, telling the truth is a revolutionary act. George Orwell
I don't need them to do "rich document rendering" (whatever the hell that is) nor do I need them (or anyone else to) index the contents of my files. All I want is for someone to STORE the shit and keep it synced between all my machines. Dropbox does this very well.
As for encryption, I don't have time for that nonsense. Anything sensative such as financials is kept locally on my own server or burned to a DVD and put in the closet. I couldn't care less if someone gets a hold of my vast collection of pictures and documents. It is private, but not going to hurt me if someone at the NSA starts snooping around.
What does it men by that ?
Some kind of git-hub-style document reports showing metadata* about documents . like line number or total number of words ?
For me at least, this is not the part I care about his service.
* again this noun I hate so much
Look, I'm not a hateful person or anything, I believe we should all live and let live. But lately, I've been having a real problem with these homosexuals. You see, just about wherever I go these days, one of them approaches me and starts sucking my cock.
Take last Sunday, for instance, when I casually struck up a conversation with this guy in the health-club locker room. Nothing fruity, just a couple of fellas talking about their workout routines while enjoying a nice hot shower. The guy looked like a real man's man, tooÃ"big biceps, meaty thighs, thick neck. He didn't seem the least bit gay. At least not until he started sucking my cock, that is.
Where does this queer get the nerve to suck my cock? Did I look gay to him? Was I wearing a pink feather boa without realizing it? I don't recall the phrase, "Suck my cock" entering the conversation, and I don't have a sign around my neck that reads, "Please, You Homosexuals, Suck My Cock."
I've got nothing against homosexuals. Let them be free to do their gay thing in peace, I say. But when they start sucking my cock, then I've got a real problem.
Then there was the time I was hiking through the woods and came across a rugged-looking, blond-haired man in his early 30s. He seemed straight enough to me while we were bathing in that mountain stream, but, before you know it, he's sucking my cock!
What is it with these homos? Can't they control their sexual urges? Aren't there enough gay cocks out there for them to suck on without them having to target normal people like me?
Believe me, I have no interest in getting my cock sucked by some queer. But try telling that to the guy at the beach club. Or the one at the video store. Or the one who catered my wedding. Or any of the countless other homos who've come on to me recently. All of them sucked my cock, and there was nothing I could do to stop them.
I tell you, when a homosexual is sucking your cock, a lot of strange thoughts go through your head: How the hell did this happen? Where did this fairy ever get the idea that I was gay? And where did he get those fantastic boots?
It screws with your head at other times, too. Every time a man passes me on the street, I'm afraid he's going to grab me and drag me off to some bathroom to suck my cock. I've even started to visualize these repulsive cock-sucking episodes during the healthy, heterosexual marital relations I enjoy with my wife even some that haven't actually happened, like the sweaty, post-game locker-room tryst with Vancouver Canucks forward Mark Messier that I can't seem to stop thinking about.
Things could be worse, I suppose. It could be women trying to suck my cock, which would be adultery and would make me feel tremendously guilty. As it is, I'm just angry and sickened. But believe me, that's enough. I don't know what makes these homosexuals mistake me for a guy who wants his cock sucked, and, frankly, I don't want to know. I just wish there were some way to get them to stop.
I've tried all sorts of things to get them to stop, but it has all been to no avail. A few months back, I started wearing an intimidating-looking black leather thong with menacing metal studs in the hopes that it would frighten those faggots off, but it didn't work. In fact, it only seemed to encourage them. Then, I really started getting rough, slapping them around whenever they were sucking my cock, but that failed, too. Even pulling out of their mouths just before ejaculation and shooting sperm all over their face, neck, chest and hair seemed to have no effect. What do I have to do to get the message across to these swishes?
I swear, if these homosexuals don't take a hint and quit sucking my cock all the time, I'm going to have to resort to drastic measures like maybe pinning them down to the cement floor of the loading dock with my powerful forearms and working my cock all the way up their butt so they understand loud and clear just how much I disapprove of their unwelcome advances. I mean, you can't get much more direct than that.
iDrive, which is supposed to be a remote backup service, has a similar problem. They used to be a honest remote backup service, with client-side encryption. (They didn't protect the client password very well on the client machine, but at least the server didn't have it.) File contents were encrypted, but filenames were not, so you could look at logs and the directory tree on line. Then they came out with a "new version" of the service, one that is "web based" and offers "sharing".
For "sharing" to work, of course, they need to know your encryption key. They suggest using the "default encryption key". Even if you're not "sharing", when you want to recover a copy of a file, you're prompted to enter your encryption key onto a web page. The web page immediately sends the encryption key to the server as plain text, as can be seen from a browser log. Asked about this, they first denied the problem, then, when presented with a browser log, refused to answer further questions.
They try real hard to get their hands on your encryption key. After you log into their web site, a huge pop-up demands your encryption key. Without it, some of the menu items at the top of the page still work, and with some difficulty, you can actually find logs of what you backed up. You can't browse your directory tree, though.
It's possible to use the service securely (maybe), but you have to run only the application for recovery, and never use the web-based service. They don't tell you that.
This isn't a free service. I pay them $150 a year.
You must not have much exposure to bullshit.
This is actually a genuine and honest statement that is frank and straightforward.
Syncplicity lets enterprises store files on their own servers, with an extra layer of authentication that prevents Syncplicity staff from getting to the files. It still allows for access to these files through a web browser. When enterprises use single-sign-on, users don't even realize that they're authenticating multiple times.
This is a very hard problem to solve for consumers, though. Most people don't have the time to set up their own cloud servers.
No, I will not work for your startup
That is the lamest explanation for a deficiency in service I have ever heard from a fellow fluent in the language du jour.
You misspelled layman. Sometimes you nerds often forget that services like Dropbox have gone mainstream, and therefore take an extra helping of "for dummies" ladled on top of the usual rhetoric. This isn't some *NIX SFTP server you download and configure manually in a VM. Dropbox is about as easy as Facebook to set up. Therefore, when coming forth with a form of CYA explanation regarding a deficiency, one must be able to speak to the entire audience.
That said, I promise 80% of Dropbox users reading the words "developer ecosystem" will respond with a stare more blanked out than a Kardashian at a cell phone kiosk. Even this explanation wasn't layman enough.
Perhaps "hostile" was unfair, but I appreciate that he said made it sound shocking. I am shocked when I learn people store secret docs unencrypted on Dropbox. Then they are then shocked when I tell them Dropbox is insecure. There should be a lot less shock all around.
That's an accurate and sensible response.
In fact, 3rd party client encryption tools might be better than built-in support by Dropbox. They can be produced outside the USA by companies or individuals unaffiliated with DropBox and potentially harder to pressure into backdooring the software in an update.
I'll stick to SpiderOak personally, despite the awful transfer speeds and somewhat clunky usability, because I just want a remote store that stores my gibberish bytes and gives me the same gibberish bytes back later.
I tried using SpiderOak, but it was a bit too slow for me atm. What I really needed was a off-site backup, so I ended up with Amazon Glacier with client side encryption. Can't beat the price :)
I have dropbox too, and it's ok for it's use. Just have to realize that everything you upload to them is not private anymore.
I wish more services did secure by default and option to reduce security for wanted features.
There is also a strong argument for company like Dropbox to avoid or at least not encourage too much client side encryption: deduplication. If deduplication is no more working, it will considerably increase their storage cost, which the core of their business.
One of Dropbox's features is the ability to access your Dropbox files through your web browser. Which can be very convenient for some people.
Obviously they couldn't do that if your account was encrypted to an extent that even Dropbox couldn't decrypt it.
I don't understand people complaining about a service that is up front about offering more convenience than security (not that Dropbox is insecure, they just trade off some security for convenience).
If you want a service that offers more security than convenience, then don't use Dropbox. Duh.
Yes you'd have to warn the user that a protected folder means exactly that and there are restrictions on what you can do with it, e.g. access in some dropbox clients, web browsers, sharing to others. People will get it.
Even better, this encryption / decryption could be thrown open as a pluggable API so 3rd parties could write their own encryption protocols to whatever personal or corporate standard they desired. For transparency the aforementioned passphrase encryption could even be supplied for review.
Same goes for Skydrive, Google Drive etc. There is no excuse for not offering encryption. Not that I'm in the tinfoil hat camp to think this is to facilitate monitoring (although it does). More likely it's because these cloud storage servers use file hashing to spare themselves the bother of storing 1,000,000 copies of the same file. It still sucks though and even if the option is off by default, encryption of at least one folder should be provided.
why not roll your own? a VPS is too cheap these days...
I think its clear no matter if you talk Dropbox or Google Cloud, Microsoft cloud or Apple iCloud. You have a system of sharing that may not be so secure as to limit the ease at which you can use those services without causing problems. After all, many people have trouble using anything without a lot of help. All of these "sharing" service have to juggle making things easy with making things secure. The biggest security tool is encryption and yet that in itself is the most problematic
solution for security. Oh, if we only were a society that had no bad people trying to get our information sharing would be so much simpler and reliable.
Putting multiple layers of encryption on data just to protect that data is just a stop gap measure that it seems eventually gets cracked by people trying to get at it.
What does this continue to prove? That cloud storage is going to have to continually improve security in order to satisfy customers concerns. Otherwise cloud storage will go nowhere in attracting more customers. Myself, I already see the writing on the wall that cloud storage as it stands now will not find its way into critical storage solutions for sensitive data. Nobody seems willing to guarantee security when the bad guys are lurking just a click behind the security advances.
Anyone that posts anything on the Internet (i.e. on another person's computer and network) and demands privacy or security is a moron. You can ask .. but no one is obligated to give it to you. Becoming indignant or angry because they won't is just about the most self-centered and egotistical thing I can think of, thinking someone else owes you something. Why should they?? Because you demanded it?? What do you have to offer in return beyond shutting your mouth??
It's their decision and theirs alone. You want things private and secure, keep them on your own computer. Unplugged from any network.
Anything else is up for grabs.
I rarely read replies, it's my opinion and if you thought about your opinion a little more, I'm OK with that.
The price of the features they supply is your data. If you want security, encrypt before it leaves your computer.
As long as you still trust TrueCrypt, there's no reason you shouldn't use an encrypted container file (or multiple smaller containers) in your Dropbox. Some people might not know this, but Dropbox only re-uploads the parts of the file that change (it does a binary comparison), and TrueCrypt typically only updates relatively small sections of the container file when you add/remove/modify a file in the container, so it doesn't take much bandwidth except for the initial upload. Just make sure you dismount frequently enough to allow Dropbox to sync when you make changes. (I'd recommend setting TrueCrypt to automatically dismount after an hour or so of no data being read/written.)
You could use the dynamic disk option when creating the TC container to save bandwidth during the initial upload, if you're starting with an empty container (the size of the container will change, up to a set maximum, to match the contents), but that will have other performance penalties when using the container, and it brings with it the increased risks. In particular, it makes it possible for an analyst to get some idea of how you are storing files in the container, potentially making it easier to break the encryption.
And since it's being stored in the cloud, you should maximize your security by using local keyfiles/tokens rather than a single password. You might as well assume that the whole world has a copy of the container.
For convenience, you can store a portable unencrypted copy of TrueCrypt in Dropbox as well, but you should really only do that if you keep a local copy of the checksums for the binaries and compare them to the files whenever you run them. (That will ensure that nobody has accessed your account and replaced your portable TC binaries with compromised versions capable of stealing your keys.) Or carry a portable version on a USB drive.
The only downside I can see to this is that if you need access to your files on a new machine, you will need to download the whole container, and if the new machine is compromised, you could have your keys stolen. Even so, it's much more secure than using Dropbox on its own, and in my opinion, it's worth the potential inconvenience to have good encryption and cloud access.
How to do this transparently: Use Dropbox normally. Create a folder call ".encrypted". Use "encfs" to mount this folder to some mount point, say "DropboxData". The stuff you put into DropboxData will be will be encrypted locally before being put into the ".encrypted" folder on Dropbox.
Anything you don't consider private goes into Dropbox normally. Anything sensitive goes into DropboxData. You decide the balance.
You can get encfs clients for Linux, Mac, Windows and even Android.
Enjoy life! This is not a dress rehearsal.
What's funny is that I gave the same answer to my boss as to how they can prevent me as a sysadmin from reading their confidential documents. Unless they encrypt their files with passwords or keys I don't know, I can come up with a way to access their files. Any other answer would just be a lie.
Fair and balanced, mon frere...
Journalistic integrity requires we present both sides of the story: the facts, and my distortions, half-truths, propaganda and outright lies.
It's only fair.
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
Well, "We have data encrypted on our servers." seems very suspicious to me. It's certainly very different from saying all the data on our servers is encrypted. And to top it off this statement:
"....It's hard to do things like rich document rendering if they're client-side encrypted. Search is also difficult, we can't index the content of files. Finally, we need users to understand that if they use client-side encryption and lose the password, we can't then help them recover those files."
Seems to dirrectly contradict what was implied in the first statement
"It's hard to do things like rich document rendering if they're client-side encrypted."
The documents are only rendered at the client where the encryption is,nobody else has to render.
Indexing every word in a document at a 3rd party, is kinda counter-productive for encrypted documents.
People ought to know by now that the internet is not "private." You can't expect privacy from providers. Everyone is responsible for their own security. You can't store something on someone else's server and expect no one will ever look at it, unless you've encrypted it, and encrypted it on your own machine. The only area where we don't have this control is with email, since it takes two to encrypt. But that's not your email provider's fault.
-- sudon't
Air-ride Equipped
So in other words, Dropbox confirmed Snowden's claims.
I'm neither surprised, nor disappointed by the response from Dropbox. It's frightening how much blind trust I'm seeing businesses place in these cloud storage platforms. I worked for a client that had us posting customer configuration files with clear text passwords on these services. I can only imagine the level of risk others are taking on. This is all uncharted territory and with services being so cheap and easy, it's guaranteed that users, even business users who should know better will take huge risks they don't bother to evaluate. You can outsource the activity of file storage, but when you delegate responsibility you are still accountable for any related failure, ethically if not legally.