Main Area and Open Discussion > General Software Discussion

Deduplication, encryption, security and... Dropbox

<< < (9/16) > >>

f0dder:
Given what we've heard about DropBox, the "how do the executives bypass security" is probably as simple as "grantAccess = (user.isExecutive == true);"

Carol Haynes:
But if the data is supposed to be encrypted by a private key ...

Armando:
[slightly off-topic] hmmmm... I'm having problems with spideroak's deduplication... Maybe because my some of my data is already encrypted? see https://www.donationcoder.com/forum/index.php?topic=26330.msg245855#msg245855 [/slightly off-topic]

phitsc:
Who are the 'executive staff' andc how do they bypass their own security system?
-Carol Haynes (April 17, 2011, 03:34 PM)
--- End quote ---

I would assume that it means executive staff have access to the private keys they use for encryption.

Even if I would trust these executive staff (whoever and however many that are), the problem is that if they have access to my data, then a not properly fixed or yet to be discovered security problem on their servers could possibly make my data available to hackers as well.

phitsc:
I like it how SpiderOak tries to be very clear about where possible security problems in using their service could be, e.g. here about accessing one's data over the web interface:

https://spideroak.com/engineering_matters#instant_access

Navigation

[0] Message Index

[#] Next page

[*] Previous page