Hacker News new | ask | show | jobs
by naitbit 5078 days ago
By "do the encryption for you" do you mean that they should encrypt on what you send them on their side? I'm afraid that gains you nothing. Not only they control encryption method, they also have unencrypted data and your key. Encryption must occur on client side to give you safety, and I would argue against using JavaScript to do it(after all website can be updated without your knowledge, and it is not practical to review site code each time you load it).
1 comments
jerf 5078 days ago
In theory, they can do the encryption for you, on the client, and never send themselves the key. However, the effort required to audit a given client and verify that they are in fact doing that, doing it securely, and doing it in a way where they won't later change their minds and grab the key or whatever greatly exceeds the effort of simply handling the encryption yourself.

I understand why people call for this, but it's really a very narrow window of "security concern" where that's a valid feature.

Much better would be an open API, and an open source client, which does the encryption, preferably not even technically affiliated with the cloud provider.

link
mike-cardwell 5077 days ago
Here would be my ideal scenario, but it requires changes at the OS level:

During installation, Dropbox asks the OS for an encrypted read/write view of "/home/user/Dropbox". The OS confirms this with the user. The user sets up the key/password for that encryption. Done.

If Dropbox is compelled in future to try and gain access to the unencrypted view of that same folder, it would have to ask the OS permission, and the OS would ask the user.

Dropbox could also ask for an unencrypted view on the initial installation, but the user should still be allowed to specify that the view it gets is of the encrypted versions of files only. This would be entirely transparent. Dropbox would have no idea if it's getting the full view or the encrypted view.

link
btilly 5077 days ago
Actually this option exists in practice, not just in theory. See http://www.tarsnap.com/ for details.

The author of that code is the FreeBSD security officer. He is also the author of my favorite comeback ever on Hacker News: http://news.ycombinator.com/item?id=35079

(Or navigate up to http://news.ycombinator.com/item?id=35068 and get some context. cperciva really is impressive.)

link