

Dropbox, why it rox and how I (and others) use it. - jrnkntl
http://kudtler.com/2008/12/dropbox-why-it-rox-and-how-i-use-it/

======
dcurtis
I love Dropbox and use it every day. But this article says the data is
encrypted before being sent to the cloud, and that is not true. Because of
that, it's not a good idea to put sensitive stuff on Dropbox, like
"accounting" stuff or stock agreements.

For everything else, it is totally amazing.

~~~
jrnkntl
Update: <http://www.getdropbox.com/faq#security-and-privacy> Here it says it
does encrypt (256bit AES over SSL) the files before sending them to the cloud.

I agree with you on the matter that you don't place sensitive stuff on it. But
my 'accounting' stuff isn't that interesting for 3rd parties; as I also said
in the comments on my blog: "I get your concerns and need for a private key.
Also a key based on a combination of username and password would be the
simplest solution to this problem. For me the encryption isn’t that of a big
issue since 3rd parties viewing my files aren’t going to get anything out of
it that should do damage to me. Of course, when you store sensitive data on
it, you should also invest in some security on your part (like the mentioned
TrueCrypt)."

~~~
dcurtis
Regarding your update: that's saying they encrypt the pipe between your
computer and their servers using SSL. The files are still stored without
encryption on their servers (as far as I can tell).

~~~
hxa7241
Their FAQ item says the data is stored encrypted.

------
GavinB
Dropbox is awesome, miles ahead of the competition. My one complaint is that
it doesn't seem to sync files unless they are closed. So when if I'm working
on a manuscript for several hours, just pressing "save" doesn't back it up.
I'd have to close and re-open for it to back up.

This wouldn't be an issue, but my laptop is wheezing the wheeze of imminent
death.

~~~
huhtenberg
If I understand it correctly the Dropbox is an application-level file-
monitoring thingy. It is _not_ a filesystem-level real-time backup software,
which is something that is substantially more complex to implement.

~~~
jwilliams
Could you elaborate more on this? What triggers the sync in the application-
level example?

~~~
huhtenberg
An OS notification does. The app subscribes to the directory content changes
and the OS dispatches a notification (in whatever form) when the change
happens.

See <http://msdn.microsoft.com/en-us/library/aa365261.aspx> for example.

Another option, of course, is a periodic explicit directory scan, but that's
quite lame.

------
grouchyOldGuy
This looks like a simple solution for me. I have a TrueCrypt volume that I
keep account/password info in. I've been lazy and use email or ftp to get/send
copies of it, so any given copy could have stale info in it. Yeah, I could
rsync the file, but like I said, I'm lazy and didn't feel like configuring
rsync between Windows XP and Linux. This looks like a good solution for me.
Thanks!

~~~
colgur
PasswordSafe (Password Gorilla for Linux/Mac users) is a nice option for
password management (which I'm sure you've seen and decided against). But the
Truecrypt volume sync works very well. I've been keeping a PasswordSafe
archive along with the Truecrypt volume across Linux, Windows, and Mac.

------
k4st
Every time I come across a neat paper online, I download a PDF of it and then
put it up onto Dropbox so I don't lose it.

------
jmtame
Why I think it rox:

1) You can use it on Mac or PC (I have both, and transfer files between both)
2) You can instantly share folders with anyone else, all you need is their
e-mail address 3) You see files that change or get added in real-time (Growl
on a Mac makes this really slick)

~~~
netcan
I think what rox is that it does that without imposing itself at all. I have
it installed & barely ever use it. (no real need). I still haven't uninstalled
it. I feel no _cost_ to having it installed. It could come bundled with an OS.

------
windsurfer
For any advanced techie, the three main reasons (Backup, sync, sharing) for
using DropBox are irrelevant. For ordinary users: sure! It sounds like a great
solution. Let me explain.

I don't think anyone with valuable data would trust their only backup with an
external "in-the-cloud" source. On top of that, most people's upload capacity
is severely limited.

Syncing is accomplished with rsync or a network share on your home network.
Most geeks will SSH into their home computers, etc.

Sharing via drop box cannot be any better than a personally managed web
server. GIT/SVN on your server offers much more than drop box can.

On the other hand, maybe I just like to hack and get my hands dirty creating
my own solutions.

~~~
JesseAldridge
Have you _tried_ DropBox? The app is so damn easy to use it's ridiculous. Sure
there are other ways to do it, but the absolute lack of headaches makes
DropBox way better than those other techniques you suggested.

