Dropbox image tarnished over security concerns

Posted on by Mike Evans

The image of Dropbox has been tarnished in the past seven days. Naively, as it turns out, we swallowed the line that our data was totally secure from prying eyes at Dropbox HQ and, even more important, from interfering lawyers and governments. It was an illusion.

Not only do we now know that select Dropbox staff have the means of deciphering our every file, we have confirmation that the company is ready and willing to comply with any legal request for information.

We shouldn’t be surprised at this and it was foolish of us to think that in some way Dropbox was different to other cloud services. We accept that large corporations such as Amazon, Google and Apple, will cough up our stuff on demand, but somehow we put Dropbox on a pedestal and worshipped it from afar. Dropbox was different.

The fact that it isn’t different should not stop us using Dropbox. It remains a great service for cloud backup. We just need to know the beast and accept its limitations. If we have anything we don’t want anyone to see—and here I am mainly thinking of financial and personal records—we shouldn’t leave it in clear on any cloud server. And, for that matter, we shouldn’t we leave the information unencrypted on our Macs or even on external backups.

I’ve always been a bit paranoid about letting private stuff out of my immediate control and that’s why I store sensitive data in encrypted volumes on Drobox. These days this is not a problem. Only the bits that change are resynced, unlike some years ago when encrypted volumes had to be totally replaced in the event of change. Now there is no disadvantage other than the obligation to open the volume with a password.

∞ Permalink