[VuongN]

Hi there, awakeasleep.

I think all your points are very solid. I would, however, disagree with you about Dropbox or any other cloud provider implementing their own, in-house, encryption.

They're the one with the data and having the key to open your data as well is, to me, a conflict of interest. I've share my thoughts on this a while back (http://vuongnguyen.com/personal-business-cloud-security.html).

Now, if you haven't had a chance to use nCrypted Cloud, give us a try: http://ncryptedcloud.com. We do client-side encryption and work on top of Dropbox and shortly other cloud providers. We're free for regular consumer. The enterprise clients we have a usually more interested in the integration, management and control mechanisms we have in place.

Thanks,

-V.

PS: Please feel free to contact me if I could be of any help. My email is in profile.