[fiddlerwoaroof]

Encrypting the data before uploading to Dropbox should make their security almost irrelevant? The issue I have with these anti-cloud sentiments is that they more or less give a moat to the established players like OneDrive or Google Drive or Dropbox. There has to be a better way to reduce the risk of alternative cloud services.

[3np]

That’s very valid nuance. But I also think that alternative cloud services can be successful without having to keep their server-side implementation closed and protected.

I absolutely agree that there’s a need for the middle ground.

I’d also say that I think nobody really cares if GH is running vanilla git, or which SMTP and IMAP server Fastmail is using; perhaps the important thing is that there exists at least one maintained fully API compatible open alternative, not necessarily 100% identical to the software run by the hosted, or even primarily developed or maintained by them.

(And, well, the insight that can be derived from metadata is not to be dismissed, so I wouldn’t agree on “almost irrelevant”)

[fiddlerwoaroof]

Well, you can mitigate the metadata issue various ways too: putting all secrets in one encrypted file, hashing/encrypting file names or whatever.