The typical user most likely *does* believe files are locally encrypted then sent to Dropbox. But isn't that still pretty meaningless? If Dropbox is encrypting your file then you have to trust that Dropbox either can't decrypt the file or that, if they can, they would never under any circumstance compromise your security. One name: HushMail.
If you don't encrypt it yourself using a tool that is *known* to be secure then it really can't be trusted. Someone hacking a server is really the least of your security worries. Anthony On 5/4/11, Jeffrey Walton <noloa...@gmail.com> wrote: > On Wed, May 4, 2011 at 10:24 PM, M.R. <makro...@gmail.com> wrote: >> On 03/05/11 15:50, Daniel Kahn Gillmor wrote: >> >>> Dropbox exposes your secret >>> keys to dropbox employees (and anyone who can convince them to snoop): >>> >>> >>> http://paranoia.dubfire.net/2011/04/how-dropbox-sacrifices-user-privacy-for.html >> >> That article makes no sense at all. >> > I was somewhat surprised at the article. > > I think a typical user expects that a file is encrypted locally and > then securely transmitted to DropBox for storage. (I don't use > DropBox, but its what I expected). I don't believe anyone would expect > that DropBox transmits a plain text file and then encrypts the file at > its leisure and pleasure. > > OT: I was just getting ready to audit DropBox via their public API for > another project. The article saved me a lot of time. > > Jeff > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > -- Anthony Papillion Lead Developer / Owner Get real about your software/web development and IT Services (918) 919-4624 Facebook: http://www.facebook.com/cajuntechie My Blog: http://www.cajuntechie.com _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
