[Lazlo_Nibble]

and, as I understand the overall issue to be, the concern is that DropBox may at some point "hand over your files" to (I assume) The Feds -- should they come knocking?

No, the concern is that Dropbox led people to believe that by use of encryption, Dropbox was preventing user files from being accessible to anyone except that user, which isn't actually true, and that Dropbox gained unearned competitive advantage because of that untruth.

Technically-savvy users who know (or more to the point, care) how Dropbox works behind the scenes may be able to figure out that user files had to be accessible to Dropbox (the "but how could they de-dupe files?" argument). Bully for them, but the fact that some people understand why an advertising claim is misleading doesn't make it okay for that claim to be misleading in the first place.

[wahnfrieden]

They can dedupe without needing to decrypt. Tarsnap does this. The issue is with features like being able to reset your password, downloading and sharing files via the web interface, etc.

[merijnv]

Yes, but Tarsnap (as far as I know) only dedupes your data i.e., if I upload the same file twice it will be stored once. This is easy, because two identical files encrypted by the same key (i.e., mine) are still identical.

Dropbox dedupes across users, if Alice and Bob both upload foo.txt with identical contents (but encrypted with their own keys) the encrypted result will not be identical even though the files are. Right now Dropbox does dedupe in this situation, which obviously required unencrypted access to both files.