WingNews logo WingNews GitHub [2]
top | item 6037519

DropBox doesn't offer full privacy or encryption

11 points| whitecap | 12 years ago | reply

In today's day and age, where everyone is looking in to your data, its shocking that popular services like Dropbox dont have strict privacy policy in place (something like zero-knowledge)... is it intentional so that they can use data in the future to sell ADs or is it technology? just curious because there are few who offer 100% encryption but not the popular ones, very strange !!!

8 comments

order
[+] Illniyar|12 years ago|reply
DropBox is built on the premise of availability (I.E. it's available from everywhere, and easy to share). Availability is usually in direct conflict with Security (let alone encryption).

If you want your files encrypted (or just some of the files), do what the rest of the world does, and encrypt them locally (with archive software or builtin protections most content making programs provide)

[+] newsign|12 years ago|reply
It is not completely impossible as SpiderOak and others are able to offer.... it could be the cost of implementing it .... Cost vs. Benefit ... benefit in terms of how much revenue it can generate by adding particular feature....but the demand is growing so lets hope that things change soon.
[+] Piskvorrr|12 years ago|reply
I have an alternate explanation: It's easier this way. I'm not attempting to downplay Dropbox's (or anyone else's) efforts, but Crypto Is Hard. Really Hard. Once you try to implement zero-knowledge full encryption, it gets Really Freaking Ridiculously Hard, some cool things stop even being possible (Web access? Sorry, no can do.), and it becomes easy to fail while appearing to work (see e.g. http://www.cryptofails.com/2013/07/synergy-integer-overflow-... ).

Also, there isn't (yet) a mass demand for such features, and there are smaller providers offering those.

[+] migrantgeek|12 years ago|reply
Dropbox doesn't offer great encryption because the service is meant to make it very easy to share files and not a secure repository for your things.

The gripe is like someone saying "this axe doesn't cut butter very well".

Wrap your Dropbox stuff in TrueCrypt if you want security at the expense of ease of sharing.

[+] falk|12 years ago|reply
I'm not saying this is the reason why, but Dropbox was implicated in the whole Prism scandal as "coming soon".
[+] jmacd|12 years ago|reply
Dropbox de-duplicates data. That means that if you are storing the exact same file as I am, then Dropbox only stores that file once. It is possible to do something similar with encryption but it is far less efficient.
[+] sigsergv|12 years ago|reply
Just use encfs for basic encryption, and something more powerful for reliable solid encryption (pgp/gnupg for example).