I am a big Dropbox user. I have always felt secure that my files were safe up there in the cloud. But who am I kidding? I have never really felt that there was no way anyone could get access to my data. I am not blindly trusting.
When you sign up for a service that touts itself as offering full encryption, and it is a major cloud file player, you would think that they would put some teeth behind their claim. Dropbox had made statements that their staff were unable to access your files, but it has come to light that some staff can. In my opinion, it is there for those warrentless government searches that happen in the USA.
I am not too worried though. All my personal files that need to be kept private(you know, tax info, wills, porn), I encrypt first using TrueCrypt, then I upload them to Dropbox. That way, there is no way that even if someone hacked my online account, or stole the file directly from the Dropbox server, they would not be able to open it.
Will I still use Dropbox? Sure I will. Most of the stuff on there is not Top Secret! Who cares if someone gets my resume. Honestly…My pictures backup? Have a laugh looking at it…
Still, Dropbox finds themselves in a bit of hot water. Here is a bit about it over at Wired.com…
Dropbox, the wildly popular online storage system, deceived users about the security and encryption of its services, putting it at a competitive advantage, according to an FTC complaint filed Thursday by a prominent security researcher.
The FTC complaint charges Dropbox (.pdf) with telling users that their files were totally encrypted and even Dropbox employees could not see the contents of the file. Ph.D. student Christopher Soghoian published data last month showing that Dropbox could indeed see the contents of files, putting users at risk of government searches, rogue Dropbox employees, and even companies trying to bring mass copyright-infringement suits.
What are your thoughts about cloud computing, and the safety of putting our data there?
- Dropbox Told Us Our Files Were Encrypted and Private. Turns Out They Aren’t? [Security] (gizmodo.com)
- Soghoian’s FTC Complaint: How Dropbox Lied (infosecurity.us)
- Dropbox Lied to Users about Data Security, Complaint to FTC Alleges (wired.com)
- Dropbox Accused of Lying About Security (hardware.slashdot.org)