

Is DropBox Decrypt something we need to worry about? - biturd

Aside from probably being a good idea to look at a local alternative which I saw mentioned on here to day or yesterday, I am curious, is this something we need to be concerned about?<p>http:&#x2F;&#x2F;www.magnetforensics.com&#x2F;decrypting-the-dropbox-filecache-dbx-file-new-free-tool&#x2F;<p>I was looking to find out what the files were, why they are so large, do they need to be backed up, etc. And then, ran into a way to decrypt them.<p>Suggestions and opinions?
======
Someone1234
That isn't a security issue.

If you have access to the encrypted DropBox cache you likely also have access
to the raw files themselves (via both DropBox and the File System) and also
have the meta data stored elsewhere (e.g. filesystem, backups, restore points,
et al).

The fact that DropBox even encrypts that is "cute." The fact they encrypt it
using the LSASS makes it almost worth while (almost). But realistically there
are very few scenarios outside of computer forensics where this kind of thing
is useful to someone.

The reason it is useful to them is: They may not have a warrant for your
DropBox (but do have your computer in their possession). The files are deleted
locally but on DropBox, so they can leverage the cache to get a warrant for
DropBox.

As a note tons of other stuff caches meta data within unencrypted SQLite
databases such as Skype, Chrome, Firefox, Thunderbird, et al. It isn't a
security issue there either as your user is meant to have access to this (just
as with DropBox).

~~~
biturd
Thanks for the reply. One of my main issues is just knowing what the files are
and what they can be used for against me potentially.

They are in ~ in a dir that is a .dir so hidden from 90% ( guessing ) of most
casual DB users. If someone were to delete their home files, by putting them
in the trash, they may think they deleted their DropBox data too, but they
would be wrong.

It was that scenario I was concerted about, or at least, wanted to know more
about so I could be sure to delete those files and know it is safe to do so,
and won't harm the files stored in my DropBox on other machines, or in a
recovery procedure.

------
anonymouse123
If you're concerned about this sort of thing (which I think we all should be)
you can use something like boxcryptor.

------
guhuifeng
Decryption helps.

