by antoncohen 3203 days ago
Dropbox hasn't dropped AWS, they moved things off AWS as it made sense to. The article is talking about two things, the move of file storage and a network backbone. Neither of which were done recently.

The file storage move from S3 to Magic Pocket is detailed in these blog posts:

https://blogs.dropbox.com/tech/2016/03/magic-pocket-infrastr...

https://blogs.dropbox.com/tech/2016/05/inside-the-magic-pock...

https://blogs.dropbox.com/tech/2016/07/pocket-watch/

The network backbone is talked about here:

https://blogs.dropbox.com/tech/2017/09/infrastructure-update...

4 comments

From the last link, in 2016 "Proxy-Stack deployed at our edge PoPs to terminate SSL connections closer to our users".

Reminds me of the infamous "SSL added and removed here! :^)".

Does anyone know if there are any additional protections from snooping on their internal network?

edit: phrasing

Early SSL/TLS termination is to reduce latency; the longer-lived connections from PoPs to Dropbox datacenters are over a TLS 1.2 connection with PFS. See an earlier blog post[1]:

> We use TLS 1.2 and a PFS cipher suite at both our origin data centers and proxies. Additionally, we’ve enabled upstream certificate validation and certificate pinning on our proxy servers. This helps ensure that the edge proxy server knows it’s talking to our upstream server, and not someone attempting a man-in-the-middle attack.

(N.B.: I work on security at Dropbox, and consulted on this design)

[1]: https://blogs.dropbox.com/tech/2016/11/infrastructure-update...
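The properties named in the quoted blog text (TLS 1.2, a PFS cipher suite, upstream certificate validation, pinning) can be expressed on the proxy-to-origin leg as follows. This is an added example, not Dropbox's code and not part of the thread; the function names, the whole-certificate SHA-256 pin format and the sample bytes are assumptions.

```python
import hashlib
import hmac
import socket
import ssl


def upstream_context(cafile=None):
    """Client-side context for the proxy-to-origin connection."""
    ctx = ssl.create_default_context(ssl.Purpose.SERVER_AUTH, cafile=cafile)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2  # refuse TLS 1.1 and older
    ctx.set_ciphers("ECDHE+AESGCM")               # TLS 1.2 suites: ephemeral ECDH only (PFS)
    ctx.check_hostname = True                     # upstream certificate validation
    ctx.verify_mode = ssl.CERT_REQUIRED
    return ctx


def fingerprint(der_cert):
    """Hex SHA-256 over the DER-encoded certificate (assumed pin format)."""
    return hashlib.sha256(der_cert).hexdigest()


def matches_pin(der_cert, pins):
    """True if the peer certificate's fingerprint equals one of the pins."""
    seen = fingerprint(der_cert)
    return any(hmac.compare_digest(seen, pin.lower()) for pin in pins)


def connect_pinned(host, port, pins, cafile=None):
    """Validate chain and hostname in the handshake, then enforce the pin."""
    raw = socket.create_connection((host, port), timeout=10)
    try:
        tls = upstream_context(cafile).wrap_socket(raw, server_hostname=host)
    except Exception:
        raw.close()
        raise
    if not matches_pin(tls.getpeercert(binary_form=True), pins):
        tls.close()
        raise ssl.SSLError("upstream certificate does not match any pin")
    return tls


# Constructed stand-in bytes, not a real certificate; lets the pin check run offline.
SAMPLE_DER = b"constructed-der-bytes-for-illustration"
SAMPLE_PINS = {fingerprint(SAMPLE_DER)}
```

Pinning here is layered on top of normal chain and hostname validation, so a certificate that chains to a trusted CA but is not the expected one is still rejected.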

Much appreciated. Lots of great, technical blog posts I need to catch up on.

I have to admit, part of the reason I use Dropbox is that I know I can get answers directly from employees on HN.

Does this change the legal/geo jurisdiction of the SSL/TLS handshake?

I'm not a lawyer, but I did work on one of the previous Transparency Reports[1]. From our most recent one:

> Between July and December 2016, Dropbox did not comply with any non-US government legal process unless issued by a US court as a result of the Mutual Legal Assistance Treaty process.

... if that helps answer what you're getting at :)

[1]: https://www.dropbox.com/transparency/reports

Ironically, people are probably more worried about US Court actions these days than those of foreign governments.

One would assume so, since the data is being unwrapped/rewrapped at another jurisdiction - thereby proving/providing the ability to do so there.

I believe they mean bringing the SSL/TLS handshake closer to the user is beneficial, it doesn't mean the proxy doesn't use SSL/TLS to its upstreams.

In this post they say specifically it is about the handshake:

https://blogs.dropbox.com/tech/2017/06/evolution-of-dropboxs...

I don't know if they use SSL/TLS to their upstreams, I'm just saying terminating at the edge doesn't mean that is the end of all SSL/TLS. It is totally normal to terminate SSL/TLS at the edge, pretty much anyone using an HTTPS load balancer or CDN does it, but the LB or CDN can still use SSL/TLS to the upstreams and verify certificates of upstreams.

The epic story of Dropbox's exodus from the Amazon cloud empire

https://www.wired.com/2016/03/epic-story-dropboxs-exodus-ama...

They moved most of their stuff away from AWS.

The 'value' cloud services provide is purely for experimental services an organization does not want to commit physical assets to. Those deluded into believing cloud services provide any value beyond test service deployments are propaganda poster boys for today's tech sucker awards.

Surely, there are people out there who overpay for AWS resources. But the truly deluded are those who purport to understand the sheer width and breadth of organisations and their wildly different requirements and priorities well enough to brand them suckers.

You are extremely wrong. The Dropbox story shows that if the bulk of your value comes from selling a commodity (storage) then you need to improve your margins by moving away from a provider that also makes the bulk of their money selling the same commodity.

For companies where the value lies in the utility of a service that can't be easily replicated, you have pricing power to make the convenience of AWS worth the expense.

Pretty sure that the value of Dropbox doesn't come from the storage. It comes from their software. The magic thing that allows you to replicate all your data seamlessly between as many computers and phones as you want, without the need to click any button or understand what the word storage even means.

While I mostly agree with you, there is some benefit to economies of scale and time to deployment.

Have you not worked in smaller companies? Economies of scale apply in myriad situations.