Hacker Newsnew | comments | show | ask | jobs | submit login

It's a novel exploit of deduplication, but I don't see how it's practically any better than moving a file into the /Public directory and handing them a URL.



In theory, developing this a bit more would lead to searchable directories of files and an easy way to retrieve them, very similar to a torrent tracker.

That has significant benefit over shared files and I have to think would scare the heck out of dropbox because of the ire it might bring upon them. This would have to be a worst nightmare for them. Although removing deduplication would solve it for them (with significant increase in what has to be stored).

-----


Consider

1) User buys a file from the rights owner and explorers it into his Dropbox

2) User obtains a blockwise hash of the file and runs dropship on it

3) User obtains a public URL from somebody who has the file and downloads the file from the Dropbox web server

The point is that the Dropbox server cannot distinguish 1 from 2, but both from 3. Therefore, 2 should be more robust against takedown notices than 3.

-----


Dropbox has bandwidth limits on /Public URLs, particularly low for free accounts. This wholly circumvents that, and I suspect that's the real reason Arash asked for a takedown, not so much the loose association with piracy.

-----


Dropbox could do the same for hashes. For example internet cannot download more than 400MB from a hash (4MB) per day.

-----




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact

Search: