Dropbox Can Go To Hell

Dropbox Lied to Users About Data Security, Complaint to FTC Alleges

After being told by people again and again I should use Dropbox, the truth of it finally emerges!

Dropbox, which has more than 25 million users, revised its website claims about its data security April 13, from:

All files stored on Dropbox servers are encrypted (AES256) and are inaccessible without your account password.

to:

All files stored on Dropbox servers are encrypted (AES 256).

All of you who put your trust in that service have been betrayed.

Every Cloud service will betray you the same damn way.

20 Comments

Filed under Stupid

20 responses to “Dropbox Can Go To Hell

  1. As I’ve said before, we need a specially configured orgone cloudbuster take this tech out ;-)

  2. Well, that’ll save me $20 month.

    I was already (after a month of hard [trial] use) getting disenchanted. Anybody who is sharing your folder can MOVE the files OFF your drive. NOW WTF would I do that? Also, anything I delete off DropBox from my mobile disappears from my drive too. I don’t fucking think so. I’ll go back to carbonite.

    • Carbonite does a completely different thing from Dropbox. Carbonite does backups. Dropbox does syncing. If you’re using Dropbox as a Carbonite replacement, then of course you’re going to be disappointed.

      • No, I know. I was going to use them in tandem. I should’ve said, “Back to Carbonite ALONE” and see if I can find some other replacement service to do what I want, which I *think* might be PCAnywhere.

  3. Anybody who’s put a thought into this would realise that the inaccessibility blurb was specifically about employee access as one of Dropbox’s features is being able to log onto the website and access your files from there.

    So, yeah, I think this discussion and ‘scandal’ is a bit dumb, as people are assuming a level of security that was clearly never promised or implied given the service’s feature set.

    And, btw, the files are still inaccessible to general Dropbox employees.

    Dropbox’s only real failure is that they don’t document the procedures that employees have to go through to access customer files, not that the files are accessible in the first place.

    If Dropbox functioned like those complaining are expecting it to then it would be bloody useless and awkward.

    I don’t get the Dropbox hate. It does exactly what it says it does. Sync files. Access them anywhere.

  4. savedr

    Except SpiderOak…

  5. Brian

    I’m not sure it’s as sketchy as it sounds. First, it could just be legalese, and encrypted data can be accessed without one’s password, but the data inside may not be. Second, just because they can, doesn’t mean they will. Third, maybe some external weird Patriot-act type legality requires them to have access. And lastly, keeping sensitive data in the cloud is pretty stupid if you don’t encrypt it yourself–if you control its encryption, you control access. With the tools available for pgp/gpg, and with TrueCrypt both being easy and freely available, there’s no real reason not to use them for sensitive stuff if one insists on dropboxing it. Besides, I’m not even sure if the connection is encrypted for the sync anyway?

  6. Just to be clear. I wouldn’t put any of my financial or banking data into Dropbox, but even with Dropbox’s current design (which isn’t particularly secure), it is still more secure and safer than, say, using Windows XP in the first place.

    And it is very probably more secure than Googlemail or Google Docs, for instance, which are just as likely to contain sensitive data.

  7. Ben

    Moriah: it’s not a backup service: it’s a distributed file syncing service. Delete a file in one place, it’s deleted everywhere: that’s how it’s supposed to work.

    On the article: did anyone really think that it was completely secure? If you’re storing sensitive documents on someone else’s infrastructure without your own encryption layer I really don’t have much sympathy for you.

  8. Patrick Nouhailler

    Before you atart falling into complete paranoia read https://www.dropbox.com/help/27

    “How secure is Dropbox?
    Your files are actually safer while stored in your Dropbox than on your computer in some cases. We use the same secure methods as banks and the military.

    Dropbox takes the security of your files and of our software very seriously. We use the best tools and engineering practices available to build our software, and we have smart people making sure that Dropbox remains secure. Your files are backed-up, stored securely, and password-protected.

    Other Dropbox users can’t see your private files in Dropbox unless you deliberately invite them or put them in your Public folder. Everything in your Public folder is, by definition, accessible to anyone.

    Dropbox employees are prohibited from viewing the content of files you store in your Dropbox account, and are only permitted to view file metadata (e.g., file names and locations). Like most online services, we have a small number of employees who must be able to access user data for the reasons stated in our privacy policy (e.g., when legally required to do so). But that’s the rare exception, not the rule. We have strict policy and technical access controls that prohibit employee access except in these rare circumstances. In addition, we employ a number of physical and electronic security measures to protect user information from unauthorized access.
    For Our Advanced Users
    Dropbox uses modern encryption methods to both transfer and store your data.

    Shared folders are viewable only by people you invite
    All transmission of file data occurs over an encrypted channel (SSL).
    All files stored on Dropbox servers are encrypted (AES-256)
    Dropbox website and client software have been hardened against attacks from hackers
    Public files are only viewable by people who have a link to the file(s). Public folders are not browsable or searchable
    Dropbox uses Amazon’s Simple Storage Service (S3) for storage, which has a robust security policy of its own. You can find more information on Amazon’s data security from the S3 site or, read more about how Dropbox and Amazon securely stores data.”

  9. erik

    DropBox stole $99 from. I cannot call them and they dont answer e-mail.
    I use dropbox free sins feb 2013 but my Visa is charged with $99. I have dropbox free now ok and missing $99.. Somebody at dropbox really fucked up here.

  10. york

    i use dropbox and dont know why as all the files in dropbox take the same space away from my harddrive as if i had left them on my desktop??? i thought its a cloud drive, not some program taking up space on my pc. this is bullshit

  11. jim

    drop box is so fu*king g*y

  12. Jeff

    Waste of time. I’m deleting my terrabyte Dropbox account tonight.

  13. John

    Have the $120/yr PAID SUBSCRIPTION. Hate dropbox, it refused to sync with my computer thus I could’nt backup my photos there. Monday I tried to contact dropbox support but all I got were there worthless FAQ’s. No real tech support.

    Tuesday my laptop with my past life for the last 10 years was stolen out of Starbucks. Thus I’m terminating my paid subscription.

  14. Bruce Wyche

    Dropbox synced a ransomware attack. Tried 6 or 7 antivirus programs to no avail. Wifes PC bit the dust 1st, killed her drive, replaced drive, killed new one, killed her brand new pwrsupply also. My PC had a new Seagate, it was killed, my primary drive will not update windows 7 64bit. Ya think the buddy
    that sent me shit via Dropbox, uses antivirus ? No. He doesn’t…Never again.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s