[Tfug] Collaborative editing environments?
Zack Williams
zdwzdw at gmail.com
Sun Mar 27 19:38:22 MST 2011
> AFAIK, the Dropbox mobile app doesn't use SSL to transmit file
> metadata, but the actual file contents are still encrypted. The
> desktop client uses SSL all the time.
That's the issue - but metadata can also be embarrassing or incriminating.
> Also, I would appreciate it if you could point me towards some
> references about their "quite a few security issues". I'm genuinely
> interested to find out what they were.
Historically they've had a few incidents, which are likely resolved.
>From their security page:
https://www.dropbox.com/help/27
They're using Amazon S3 for storage, and encrypt your data with the
account password, but as it's a closed implementation it's hard to
know how well engineered it is.
I'm really hesitant of solutions that involve putting data that you
want to be secure on someone else's system that I isn't open for
introspection. See also the Drobo in the data integrity arena, where
nobody outside the company knows how to deal with it's on-disk format.
Count me as paranoid about this stuff.
- Zack
More information about the tfug
mailing list