

How Dropbox sacrifices user privacy for cost savings - riffraff
http://paranoia.dubfire.net/2011/04/how-dropbox-sacrifices-user-privacy-for.html?showComment=1302661727678

======
Osiris
The author points to the behavior as a "flaw", but I disagree. There's no
defect or bug in the software, it's an architectural design. It would be a
flaw if Dropbox claimed that each user's data was individually encrypted with
a private key tied to the user's account credentials, but I don't think that
claim was made. I, for one, think that the deduplication is actually a huge
benefit, saving time and bandwidth in unnecessarily uploading files.

As the author suggested, the only way to ever ensure that you're files are
inaccessible to anyone but yourself is to encrypt them locally with something
like EncFS or TrueCrypt.

~~~
GiraffeNecktie
Maybe from the perspective of Dropbox it's "an architectural design", but from
the perspective of a user facing an RIAA lawsuit, it would be a flaw.

------
trustfundbaby
Its a pity this wasn't upvoted more ... I guess we'll have to wait for an
incident of this to actually happen before people come back to this post to
ooh and aah over how prescient it was. Good writeup.

