[oellegaard]

Such an awesome idea. However, in light of the recent events the first thing to come up in my mind when I see "datastore" and a US corporation is "PRISM integration". I'd like to see proper encryption of Dropbox as the next feature, so that we - innocent users- are not uploading our data to the US government.

[Afforess]

Can't you just encrypt the data before storing it in your app? Why does Dropbox need to do this for you? Would you even trust Dropbox if they did add it themselves?

[peterkelly]

Well, the nice thing about PRISM is that it's API is so simple that you don't even need to muck around with SDKs, REST, JSON encoding etc. Integration is completely straightforward.

[lovemenot]

Expect to see the NSA as a back-up-of-last-resort cloud solution provider any time soon?

[redblacktree]

I combine dropbox with TrueCrypt for sensitive stuff. For me, that's just digital copies of important documents.

[aasarava]

So are you just syncing entire truecrypt .tc files to Dropbox? Does that work incrementally or does the entire .tc file have to get resent every time you modify a file within?

[d23]

I always assumed it wouldn't work incrementally, but it seems to sync my 200MB tc file too quickly to be uploading the entire thing when I make a small change. Perhaps someone who actually knows something about encryption can speak to this. Does every byte in an encrypted volume change when a piece of data changes? I guess that would be too inefficient to be the case, no?

[dchest]

Yes, only parts of the underlying file are changed. TrueCrypt uses XTS mode of operation (https://en.wikipedia.org/wiki/Disk_encryption_theory, http://www.truecrypt.org/docs/modes-of-operation).

[redblacktree]

The entire file may be resent, but practically it works just fine for me. The total volume is only 250mb and it is updated infrequently.

[Afforess]

The entire file is resent.

[sigil]

No, only changed blocks are resent. The scattering effect of Truecrypt encryption plus the relatively large blocksize does amplify the number of changed blocks somewhat.

Previous investigation and results:

http://news.ycombinator.com/item?id=2546626

[BHSPitMonkey]

Citation? Other comments are offering conflicting reports.

[philip1209]

Yes - in my dropbox public folder, I keep a truecrypt bucket with scans of everything in my wallet, should I lose it.

[hcarvalhoalves]

The right approach is to encrypt before pushing down the wire - it's useless if Dropbox just encrypts on their end.

[r00fus]

Sadly, you're going to need to encrypt before uploading. Just as the webserver should never trust the client, the user should never trust the server with sensitive data.

Try boxcryptor - works with more than just Dropbox.

[duaneb]

Proper encryption meaning metadata is encrypted as well? Isn't that the whole appeal of http://mega.co.nz/?