Welcome Guest.   Make a donation to an author on the site April 23, 2014, 01:36:53 PM  *

Please login or register.
Or did you miss your validation email?


Login with username and password (forgot your password?)
Why not become a lifetime supporting member of the site with a one-time donation of any amount? Your donation entitles you to a ton of additional benefits, including access to exclusive discounts and downloads, the ability to enter monthly free software drawings, and a single non-expiring license key for all of our programs.


You must sign up here before you can post and access some areas of the site. Registration is totally free and confidential.
 
Your Support Funds this Site: View the Supporter Yearbook.
   
   Forum Home   Thread Marks Chat! Downloads Search Login Register  
Pages: Prev 1 [2] 3 4 Next   Go Down
  Reply  |  New Topic  |  Print  
Author Topic: Deduplication, encryption, security and... Dropbox  (Read 14774 times)
nudone
Cody's Creator
Columnist
***
Posts: 4,116



see users location on a map View Profile WWW Read user's biography. Give some DonationCredits to this forum member
« Reply #25 on: April 16, 2011, 02:36:29 AM »

Let the great Dropbox Diaspora begin!

Logged
CleverCat
Supporting Member
**
Posts: 1,112


Cat's Are Fun!

see users location on a map View Profile Give some DonationCredits to this forum member
« Reply #26 on: April 16, 2011, 04:16:52 AM »

phitsc - check your messages for invite...  Thmbsup
Logged

If you need help - JUST ASK!
f0dder
Charter Honorary Member
***
Posts: 8,774



[Well, THAT escalated quickly!]

see users location on a map View Profile WWW Read user's biography. Give some DonationCredits to this forum member
« Reply #27 on: April 16, 2011, 08:48:11 AM »

... and encryption really shouldn't slow anything down unless you've got an insane-speed internet connection smiley

Wouldn't the act of encryption slow things down?  i.e. step 1 encrypt, step 2 upload instead of just step 1 upload?
A fast consumer internet connection has 100kb/s upload rate. A 3 year old dualcore laptop can do ~140mb/s AES encryption smiley


I've asked Dropbox support if their FAQ statement that says that "Dropbox employees aren't able to access user files" were really true. Their response:

Quote
Yes. Dropbox employees can't access the file's contents. They can see the file names, move, delete or even restore files, but can't view them. The only exceptions are the executive staff who have a vested interest the company.

I have to admit that I am shocked about their slack interpretation of the word "employee". To be honest, I feel cheated by that FAQ statement. Already the fact that any employee could actually delete my files is unbelievable.
W...T...F?  ohmy ohmy ohmy ohmy ohmy ohmy ohmy ohmy ohmy ohmy ohmy
Logged

- carpe noctem
Armando
Charter Member
***
Posts: 2,666



see users location on a map View Profile Give some DonationCredits to this forum member
« Reply #28 on: April 16, 2011, 10:25:03 AM »

Quote
Yes. Dropbox employees can't access the file's contents. They can see the file names, move, delete or even restore files, but can't view them. The only exceptions are the executive staff who have a vested interest the company.

Thanks for sharing that, phitsc.
It seems very wrong. Even if their definition of employee wasn't slack...
Logged

"I suppose it can be said that I'm an absent-minded driver. It's true that I've driven through a number of red lights on occasion, but on the other hand, I've stopped at a lot of green ones but never gotten credit for it."
Glenn Gould
AndyM
Charter Member
***
Posts: 615


see users location on a map View Profile Give some DonationCredits to this forum member
« Reply #29 on: April 16, 2011, 01:45:07 PM »

This:
Quote
Yes. Dropbox employees can't access the file's contents. ....  The only exceptions are the executive staff who have a vested interest the company.
makes this:
Quote
"Dropbox employees aren't able to access user files"

a lie.

Try telling the IRS that any executive staff, whether or not they are officers of the corporation, whether or not they own stock or have any other vested interest, are not employees of the corporation. 
Logged
EĆ³in
Charter Member
***
Posts: 1,400


O'Callaghan

see users location on a map View Profile WWW Give some DonationCredits to this forum member
« Reply #30 on: April 16, 2011, 02:46:03 PM »

Executive staff aren't employees, they're gods!
« Last Edit: April 16, 2011, 02:48:12 PM by EĆ³in » Logged

Interviewer: Is there anything you don't like?
Bjarne Stroustrup: Marketing hype as a substitute for technical argument. Thoughtless adherence to dogma. Pride in ignorance.
Armando
Charter Member
***
Posts: 2,666



see users location on a map View Profile Give some DonationCredits to this forum member
« Reply #31 on: April 16, 2011, 03:34:40 PM »

And gods easily turn into dogs.
Logged

"I suppose it can be said that I'm an absent-minded driver. It's true that I've driven through a number of red lights on occasion, but on the other hand, I've stopped at a lot of green ones but never gotten credit for it."
Glenn Gould
phitsc
Honorary Member
**
Posts: 917



see users location on a map View Profile Give some DonationCredits to this forum member
« Reply #32 on: April 16, 2011, 04:57:31 PM »

And gods easily turn into dogs.

Damn, it took me about 10 seconds to see that. And it's only 4 letters Wink
Logged

Armando
Charter Member
***
Posts: 2,666



see users location on a map View Profile Give some DonationCredits to this forum member
« Reply #33 on: April 16, 2011, 09:52:36 PM »

...there's more in the blog article the quote is from.

Thanks for the link [Edit : Dropbox's lawyers should study it too]. And I'm also going to study that spideroak thing a bit more though before I Drop or prod the box.... which is definitely something I'll do. Just a matter of time.
« Last Edit: April 16, 2011, 09:54:28 PM by Armando; Reason: I Thin » Logged

"I suppose it can be said that I'm an absent-minded driver. It's true that I've driven through a number of red lights on occasion, but on the other hand, I've stopped at a lot of green ones but never gotten credit for it."
Glenn Gould
Armando
Charter Member
***
Posts: 2,666



see users location on a map View Profile Give some DonationCredits to this forum member
« Reply #34 on: April 16, 2011, 11:46:14 PM »

This is a pretty good and balanced general article : http://web.appstorm.net/r...ideroak-file-sync-battle/

It mentions security, but isn't focused on it.

And the website is also not bad at all... first time I see it.
Logged

"I suppose it can be said that I'm an absent-minded driver. It's true that I've driven through a number of red lights on occasion, but on the other hand, I've stopped at a lot of green ones but never gotten credit for it."
Glenn Gould
f0dder
Charter Honorary Member
***
Posts: 8,774



[Well, THAT escalated quickly!]

see users location on a map View Profile WWW Read user's biography. Give some DonationCredits to this forum member
« Reply #35 on: April 17, 2011, 07:59:51 AM »

In addition to those security concerns, also keep this in mind:

...in other words, if somebody gets access to your hostid, changing you password isn't going to matter the tiniest bit in the world.

And then we've got this:
Business Transfers. Dropbox may sell, transfer
    or otherwise share some or all of its assets,
    including your Personal Information, in connection
    with a merger,  acquisition, reorganization or
    sale of assets or in the event of bankruptcy.
...all your data are belong to us. Might be standard business practice, but is it particularly confidence-inspiring?

Really, start the DropBox exodus already.
« Last Edit: April 17, 2011, 08:01:26 AM by f0dder » Logged

- carpe noctem
Armando
Charter Member
***
Posts: 2,666



see users location on a map View Profile Give some DonationCredits to this forum member
« Reply #36 on: April 17, 2011, 11:17:07 AM »

Thanks for the links -- am having problems with the first one though. Installed spideroak last night and will experiment with it today.

Even if I don't have much sensitive stuff in my dropbox account, it's a question of principle: companies offering "cloud" storage should take privacy more seriously. With all that, Dropbook is starting to look like Facebox.
Logged

"I suppose it can be said that I'm an absent-minded driver. It's true that I've driven through a number of red lights on occasion, but on the other hand, I've stopped at a lot of green ones but never gotten credit for it."
Glenn Gould
Armando
Charter Member
***
Posts: 2,666



see users location on a map View Profile Give some DonationCredits to this forum member
« Reply #37 on: April 17, 2011, 01:12:35 PM »

Would it be unethical to ask SpiderOak for a special donationcoder discount ? I read quite a bit about it and I think they really have a good product. IMO, it's the perfect alternative to DropBox. Especially if the later doesn't put its act together.
Logged

"I suppose it can be said that I'm an absent-minded driver. It's true that I've driven through a number of red lights on occasion, but on the other hand, I've stopped at a lot of green ones but never gotten credit for it."
Glenn Gould
Carol Haynes
Waffles for England (patent pending)
Global Moderator
*****
Posts: 7,919



see users location on a map View Profile WWW Give some DonationCredits to this forum member
« Reply #38 on: April 17, 2011, 03:34:28 PM »

Who are the 'executive staff' andc how do they bypass their own security system?
Logged

Armando
Charter Member
***
Posts: 2,666



see users location on a map View Profile Give some DonationCredits to this forum member
« Reply #39 on: April 17, 2011, 03:46:00 PM »

Well, they said :

Yes. Dropbox employees can't access the file's contents. They can see the file names, move, delete or even restore files, but can't view them. The only exceptions are the executive staff who have a vested interest the company.

... but, to know how they do it... they'd have to tell us exactly.
Logged

"I suppose it can be said that I'm an absent-minded driver. It's true that I've driven through a number of red lights on occasion, but on the other hand, I've stopped at a lot of green ones but never gotten credit for it."
Glenn Gould
f0dder
Charter Honorary Member
***
Posts: 8,774



[Well, THAT escalated quickly!]

see users location on a map View Profile WWW Read user's biography. Give some DonationCredits to this forum member
« Reply #40 on: April 17, 2011, 04:15:12 PM »

Given what we've heard about DropBox, the "how do the executives bypass security" is probably as simple as "grantAccess = (user.isExecutive == true);"
Logged

- carpe noctem
Carol Haynes
Waffles for England (patent pending)
Global Moderator
*****
Posts: 7,919



see users location on a map View Profile WWW Give some DonationCredits to this forum member
« Reply #41 on: April 17, 2011, 05:10:51 PM »

But if the data is supposed to be encrypted by a private key ...
Logged

Armando
Charter Member
***
Posts: 2,666



see users location on a map View Profile Give some DonationCredits to this forum member
« Reply #42 on: April 17, 2011, 06:23:52 PM »

[slightly off-topic] hmmmm... I'm having problems with spideroak's deduplication... Maybe because my some of my data is already encrypted? see http://www.donationcoder....26330.msg245855#msg245855 [/slightly off-topic]
Logged

"I suppose it can be said that I'm an absent-minded driver. It's true that I've driven through a number of red lights on occasion, but on the other hand, I've stopped at a lot of green ones but never gotten credit for it."
Glenn Gould
phitsc
Honorary Member
**
Posts: 917



see users location on a map View Profile Give some DonationCredits to this forum member
« Reply #43 on: April 18, 2011, 02:07:09 AM »

Who are the 'executive staff' andc how do they bypass their own security system?

I would assume that it means executive staff have access to the private keys they use for encryption.

Even if I would trust these executive staff (whoever and however many that are), the problem is that if they have access to my data, then a not properly fixed or yet to be discovered security problem on their servers could possibly make my data available to hackers as well.
Logged

phitsc
Honorary Member
**
Posts: 917



see users location on a map View Profile Give some DonationCredits to this forum member
« Reply #44 on: April 18, 2011, 02:11:55 AM »

I like it how SpiderOak tries to be very clear about where possible security problems in using their service could be, e.g. here about accessing one's data over the web interface:

https://spideroak.com/eng...ng_matters#instant_access
Logged

phitsc
Honorary Member
**
Posts: 917



see users location on a map View Profile Give some DonationCredits to this forum member
« Reply #45 on: May 06, 2011, 10:38:05 AM »

And here comes the "workaround":

http://lifehacker.com/579...and-weve-got-beta-invites
Logged

Armando
Charter Member
***
Posts: 2,666



see users location on a map View Profile Give some DonationCredits to this forum member
« Reply #46 on: May 06, 2011, 12:08:55 PM »

Thanks or the heads up !  Will have a look at it later.
Logged

"I suppose it can be said that I'm an absent-minded driver. It's true that I've driven through a number of red lights on occasion, but on the other hand, I've stopped at a lot of green ones but never gotten credit for it."
Glenn Gould
phitsc
Honorary Member
**
Posts: 917



see users location on a map View Profile Give some DonationCredits to this forum member
« Reply #47 on: May 16, 2011, 02:12:14 AM »

And the tale goes on:

http://www.wired.com/thre...evel/2011/05/dropbox-ftc/
Logged

Stoic Joker
Honorary Member
**
Posts: 4,880



View Profile WWW Give some DonationCredits to this forum member
« Reply #48 on: May 16, 2011, 07:02:31 AM »

Zoiks! ...So apparently, at this point, it's safer to have your head in the sand, than in the cloud(s).
Logged
Armando
Charter Member
***
Posts: 2,666



see users location on a map View Profile Give some DonationCredits to this forum member
« Reply #49 on: May 16, 2011, 10:41:19 AM »

Wonder what DropBox is going to do now. There might be lawsuits coming.
Logged

"I suppose it can be said that I'm an absent-minded driver. It's true that I've driven through a number of red lights on occasion, but on the other hand, I've stopped at a lot of green ones but never gotten credit for it."
Glenn Gould
Pages: Prev 1 [2] 3 4 Next   Go Up
  Reply  |  New Topic  |  Print  
 
Jump to:  
   Forum Home   Thread Marks Chat! Downloads Search Login Register  

DonationCoder.com | About Us
DonationCoder.com Forum | Powered by SMF
[ Page time: 0.05s | Server load: 0 ]