Sorry. I just don't get it. Why are people so surprised by this? I think the people that are shocked are people that just don't bother to think about the devices they use. This is the danger of this whole "ooooh it's magic" shellac marketing craze everyone seems caught up in.

All of this should have been obvious to anyone that bothered to think about what was going on before they stored their precious secrets in Dropbox. Obviously they are holding the encryption keys. Hell, that much was obvious to me when I started using/testing Dropbox just over a year ago and saw my files served over a web page. I can't help but muster a "meh".

The value I saw in their use of encryption is this: when they or amazon or whoever dispose of their drives it will be harder to harvest data off of them. That's all I've come to expect from them and that's all any of their information has ever warranted.

I still derive great value from their service.

Now, I will admit the one that I personally didn't think through back then was the key file thing, but really that's just the same as having an ssh private key. I was aware that it wasn't constantly prompting me for a password so at some level I knew it was going on. Maybe I would prefer some sort of passphrase at login using a keyring for that file. Minor issue.

I do trust them that the run-of-the-mill support personnel are barred from accessing the keystore. Its entirely feasible that there is no mechanism for them to just go browse around your files.

However, it should be blatantly obvious to anyone that understands anything about encryption that someone somewhere at dropbox can access your files. This has always been the case and obvious.

I guess I'm mostly amused by people that are surprised by any of this. The smarter they pretend to think they are, the more amusing they "fell" for something this obvious. It's like the people that fall for mint.com's attempts to obscure the fact that they store your bank account usernames and passwords (oh, sorry, I forgot, they pay a third party to do that for them instead). People just don't think through the mechanisms of their shiny trinkets. You get to just point and laugh.

It is completely reasonable for a layman to believe that his files are protected by a password, and therefore that nobody can access those files without the password. You don't have to be an idiot to have that mental model, especially when Dropbox reinforce it with explicit statements like "Dropbox employees aren't able to access user files".

It's a consumer service, and consumers don't know or care how encryption works. They just need to be told the consequences of whatever technical decisions have been made on their behalf, so it's important for Dropbox to be honest in explaining them.

It's also completely reasonable for laymen to assume that the government can gain access to their Dropbox files. I don't recall Dropbox ever claiming anywhere that they would be technologically incapable of complying with a subpoena.

When they said, "Dropbox employees aren't able to access user files", they were saying they were incapable of complying with a subpoena.

Perhaps. I don't think it's appropriate to edit out the context of that statement. What was actually said was "Dropbox employees aren’t able to access user files, and when troubleshooting an account they only have access to file metadata (filenames, file sizes, etc., not the file contents)". I don't think that statement as a whole necessarily responds to their capabilities to answer a subpoena. I don't think the lay public would conflate the two contexts.

It's reasonable for a layman to assume that Google can't read his Gmail? That Facebook can't see your private messages? We need to have higher expectations of "laymen."

Why does the degree of surprise matter? That a betrayal is expected does not make it alright.

Agreed. Pausing to think about how it is that you are able to share a file that is stored as encrypted over the web with your friends will provide a clue.

Now, if only there was an cross-platform (mobile + desktop) solution that would allow me to store files I encrypted on Dropbox. That would be pretty killer.

>All of this should have been obvious to anyone that bothered to think about what was going on

This is easy to claim, but we live in a world of tech. You need to step back and get some perspective. We have piles and piles of domain specific knowledge, the layman can barley set up a home router. Dropbox claims to have over 25 million customers. How many of those people do you expect to even have the knowledge to be able to figure this out?

You're putting the burden of realizing dropbox's claims don't hold water on the consumer, who probably doesn't understand a single thing about cryptography. Even if every one could figure it out, they still shouldn't have to.

>I guess I'm mostly amused by people that are surprised by any of this.

I wasn't surprised by any of this, what I am surprised by is people who see others trying to raise consumer awareness and are so quick to dismiss them just because they happen to be among the few who actually do understand the technical limitations of the cryptography implementation used.

I think it's more a question of poor wording than a deliberate attempt to mislead.

No-one with any technical expertise would think that Dropbox was incapable of reading stored files. They'd have to know the encryption key in order to provide their web interface.

So as a technically proficient user, my interpretation of their statement is that they don't give normal employees access to their production encryption keys. However, if the government asks, then presumably they have a legal responsibility to comply.

My guess is that the Dropbox employees who made those statements were also technically proficient, and made the same assumptions I did.

> No-one with any technical expertise would think that Dropbox was incapable of reading stored files.

I did. That is exactly what they made me think.

Really? Maybe I'm just unusually cynical, or I guess maybe I knew about the web interface and you didn't?

I don't think they've lied, I've always known about the fact that they manage the encryption keys, it was one of the first things I looked for when the service was launched.

You still haven't explained what it is you expect them to do.

In reality.

Knowing that they have millions of customers, and that they have invested years of work into their current infrastructure.

So, playing devil's advocate for the moment --- and taking the above facts into account --- what, precisely, would you do in their position?

JungleDisk uses an encryption key protected by an additional password. To access your files online you have to provide this additional password which is used to decrypt the encryption key for the actual data.

Granted, they can still steal your password...

Let me be more clear.

You are now Drew. You start this morning by visiting Hacker News. "Dear god," you exclaim, "I've been such a fool! We've been Doing It Rong all these years!"

Inspired by this new revelation, you spring out of your chair and out the door. You stride into "The Programmer Pit" and over to the new hire, backhanding him across the face. "Get the hell off of Portal 2! We have work to do! Jessica, go pick up four cases of Red Bull --- It worked at MIT, it'll work here."

Now that you have Acquired Their Attention, you say, "Okay, here's-a what we gonna do. Step 1: Jimmy, I want you to ..."

... Now. What, exactly, fellow HNers, is Step 1? Fill in the blank.

What, step-by-step, do you want Dropbox to do?

Can't we all agree, at least, that step one should be to clearly admit that they lied?

Maybe they don't need to do anything else. Dropbox is a fine service as it stands; security must be traded off against convenience, and the trade-off that Dropbox makes is acceptable to lots of people. They do have a responsibility to make sure that those people understand the trade-off, though, as well as a responsibility to admit that they've swept important details under the carpet in the past.

1. Say "we take reasonable precautions to protect your files, but we are capable of accessing their content at any time."

I suspect the truth is closer to:

"Our goal is for no single employee acting alone is able to access your files. However, there is a procedure where multiple people working in concert can recover your files and provide them to law enforcement. Unfortunately, it is possible for a hacker / programmer to create a backdoor and there is nothing we can do about this."

Add an option to create secure folders which are encrypted client side, using a key which is only available client side. these folders wouldn't be usable with things like the web interface because there is no server side capability to decrypt their contents.

"But Drew!" Jimmy exclaims, "What if someone uses Dropbox at work and at home? Are these special folders going to be synced across computers? If so, how will the key be easily transferred (email, USB stick)? What happens when the user's hard drive crashes and his key file is lost permanently? Otherwise, if these special folders won't be synced, then what is the point of the folders being in Dropbox at all?"

Those are just minor implementation details. Off the top of my head, the key can be stored as a password protected file inside the Dropbox account its self, synced like any normal file, but perhaps hidden from the end user. The encrypted folders contents are synced like any others. On any client where you want to access the decrypted folder contents, you'd just enter the password to decrypt the password protected key and the folder contents would become available. If you forget the password then you're screwed.

The only way Dropbox could access those files then would be to backdoor the Dropbox client. But if they were going to do that, it wouldn't even be safe to use TrueCrypt or GnuPG either.

Why wait? Do that today: use ecryptfs.

Will that work with the Dropbox clients on my Android phone, my Android tablet, my Windows desktop, my OSX laptop and my Linux server? If not, then it's no use to me.

It works well for me (primarily linux, also Windows in a linux-hosted VM with dropbox served locally via samba). ecryptfs is standard on Debian and Ubuntu (very likely Redhat as they develop it). I have noticed some efforts to get ecryptfs running on the sdcard/data partitions in Android, but I haven't tried them yet. I haven't used Dropbox on Android since I learned their mobile client doesn't use https. As far as OSX goes, I don't know and I'm unlikely to care.

The Android and iOS mobile clients don't currently use HTTPS for transferring meta-data, but do for file contents.

ecryptfs isn't a suitable alternative to my suggested solution which would involve all Dropbox clients having the capability built in. Of course, people who are really paranoid can use their own layer of encryption on top as well/instead.

Paranoid, functional, existing, and "unsuitable" trumps vaporware. :)

Fair enough, but having something built in to Dropbox for people who value convenience wouldn't prevent anyone from using solutions like ecryptfs as well.

In the beginning, JungleDisk allowed users to manage their own keys from the client-side without ever sharing the key with JungleDisk. I think they dropped this feature subsequently, and there must have been a reason... too many problems with users losing their keys?

Encryption is always a trade-off, since it introduces the possibility of total data loss if the key is mismanaged.

What do I expect them to do? In reality? I expect them to continue to lie, defraud their customers, and attack the credibility of anyone who criticizes them, treating this as a public relations issue instead of an issue of personal integrity.

> So, playing devil's advocate for the moment --- and taking the above facts into account --- what, precisely, would you do in their position?

That depends on the law. Is it legal in the US to store someone else's strongly encrypted data on one's server? Assuming it is, then they should encrypt by default and then if law enforcement forces them to give up data, give what they have.

Why should any critic have to explain what they should do? Perhaps they can do nothing. This doesn't absolve them of guilt.

Personally, I'd let them off the hook if they admitted their previous deception and explained the limitations of their security model in terms that any user can understand.