by arashf 5534 days ago
hi there, arash from dropbox here. all data is (as we state in the referenced help article) encrypted before it's stored on the backend. I'm not sure why you're concluding that de-duplication implies lack of encryption. the de-duplication occurs prior to encryption.

all data on dropbox can be made shareable and is web viewable. as a consequence, we do need the ability to decrypt in the cloud.

re. employee access to files - there are controls to prevent this. for example, even drew (founder/CEO), doesn't have physical access to our storage servers anymore.

for very sensitive data, there's always the option to use truecrypt (we even offer this as a recommendation in our security documentation: https://www.dropbox.com/terms#security)


I love your product but your encryption is pretty useless and y'all must know it.

It only protects my data if your S3 account is compromised. There is a much greater chance that your web frontend, servers or client are compromised (either by an external or internal attacker) and then my files are easily accessed and decrypted.

It is like naive programmers who store user passwords with 'government level encryption' instead of correctly salting and hashing them, thus having to put the encryption key in the source code:

select AES_ENCRYPT("user password", "our secret key");

Saying your CEO can't access it is just more security theater.

esteemed mr. arash, perhaps it might be a good idea for someone within dropbox to write a blog post answering common security-related concerns.

having a security sub-section in TOS is great, but it might be buried in google searches. anyways, it seems like this is a common concern amongst bloggers as you guys are exponentially rising in popularity, so some good PR on that front might be needed.

as usual, we're all rooting for you :)

Dedupe and cleartext metadata, as stated in the article I referenced, would allow for the following possibilities:

If an attacker could figure out the hash method used by dropbox on the files and intercept a few hashes from a victim, it's plausible that an attacker could trick the service into thinking that he had uploaded the files on his own account, allowing access to the victim's files.

Could you explain what would need to be done to protect against this attack method?

Security is hard - I hope yours improves.
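The hash-claim attack described in the comment above, simulated end to end, as an added example that is not part of the original thread and not Dropbox's code. The toy content-addressed store, the account table and the sample file are all constructed here; the "insecure" path is a dedup check that trusts the client's hash alone, and the hardened path is a proof-of-ownership challenge: the server issues a one-time nonce and the client must answer with an HMAC keyed by that nonce over the full file contents, which a client holding only the hash cannot compute.

```python
import hashlib
import hmac
import secrets


class DedupStore:
    """Constructed toy content-addressed store (not Dropbox's design).

    blobs    : sha256 hex digest -> file bytes (one copy per distinct file)
    accounts : user -> set of digests that user may read
    pending  : (user, digest) -> outstanding one-time challenge nonce
    """

    def __init__(self):
        self.blobs = {}
        self.accounts = {}
        self.pending = {}

    def upload(self, user, data: bytes) -> str:
        """Full upload: the server sees the bytes, so linking is safe."""
        digest = hashlib.sha256(data).hexdigest()
        self.blobs.setdefault(digest, data)
        self.accounts.setdefault(user, set()).add(digest)
        return digest

    def read(self, user, digest: str):
        """Return the blob only if the user's account has it linked."""
        if digest in self.accounts.get(user, set()):
            return self.blobs[digest]
        return None

    # --- vulnerable variant: client-side dedup that trusts the hash alone ---
    def claim_by_hash_insecure(self, user, digest: str) -> bool:
        """If the blob exists, link it to the caller. Anyone who learns a
        victim's file hash can now 'upload' that file without owning it."""
        if digest in self.blobs:
            self.accounts.setdefault(user, set()).add(digest)
            return True
        return False

    # --- hardened variant: proof of ownership before linking ---
    def challenge(self, user, digest: str) -> str:
        """Issue a fresh nonce; the client must bind it to the full file."""
        nonce = secrets.token_hex(16)
        self.pending[(user, digest)] = nonce
        return nonce

    def claim_by_hash_secure(self, user, digest: str, response: str) -> bool:
        """Link the blob only if the response proves the client holds the
        bytes. The nonce is consumed on use, so a captured response cannot
        be replayed."""
        nonce = self.pending.pop((user, digest), None)
        if nonce is None or digest not in self.blobs:
            return False
        expected = prove_ownership(nonce, self.blobs[digest])
        if not hmac.compare_digest(expected, response):
            return False
        self.accounts.setdefault(user, set()).add(digest)
        return True


def prove_ownership(nonce: str, data: bytes) -> str:
    """Client side of the challenge: HMAC-SHA256 keyed by the nonce over the
    entire file. Computable only by a party that has the file contents."""
    return hmac.new(bytes.fromhex(nonce), data, hashlib.sha256).hexdigest()


def run_scenario() -> dict:
    """Victim uploads a file; the attacker has intercepted only its hash."""
    secret_doc = b"Q3 board deck - constructed sample file, not real data"
    results = {}

    # Insecure store: the intercepted hash alone grants access.
    store = DedupStore()
    digest = store.upload("victim", secret_doc)
    results["insecure_claim"] = store.claim_by_hash_insecure("attacker", digest)
    results["insecure_read"] = store.read("attacker", digest)

    # Hardened store: the attacker cannot answer the challenge without the bytes.
    store = DedupStore()
    digest = store.upload("victim", secret_doc)
    nonce = store.challenge("attacker", digest)
    guess = hmac.new(bytes.fromhex(nonce), bytes.fromhex(digest),
                     hashlib.sha256).hexdigest()   # best the attacker can do
    results["secure_claim_without_file"] = store.claim_by_hash_secure("attacker", digest, guess)
    results["secure_read_without_file"] = store.read("attacker", digest)

    # A legitimate second owner of the same file still gets dedup.
    nonce = store.challenge("colleague", digest)
    proof = prove_ownership(nonce, secret_doc)
    results["secure_claim_with_file"] = store.claim_by_hash_secure("colleague", digest, proof)
    results["secure_read_with_file"] = store.read("colleague", digest)
    return results


if __name__ == "__main__":
    for k, v in run_scenario().items():
        print(f"{k}: {v!r}")
```

The challenge must cover the whole file (or server-chosen random ranges of it) and must be single-use: a fixed or client-chosen nonce would let an attacker replay a response captured from the victim, which is exactly the interception this comment is worried about. Proof of ownership keeps the bandwidth saving of cross-user dedup but removes the ability to turn a leaked hash into the file.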

cryptographic signatures of files are never transmitted over plaintext. yes, the current incarnation of the mobile apps doesn't encrypt the names of the files, but we are working on a fix for this as soon as we can adequately improve the SSL performance of our mobile apps.