Home > All, Security Issues > Is it safe to carry on using Dropbox? Yes and No

Is it safe to carry on using Dropbox? Yes and No

Dropbox is a great little company. I use Dropbox. It allows you to store your files in the cloud for free. I use it move work files between my various different platforms, mainly Windows and Mac, in various different locations.

Recently, however, it has had some bad press. Firstly it suddenly and apparently arbitrarily changed its T&Cs. The privacy policy includes:

Compliance with Laws and Law Enforcement Requests; Protection of Dropbox’s Rights. We may disclose to parties outside Dropbox files stored in your Dropbox and information about you that we collect when we have a good faith belief that disclosure is reasonably necessary to (a) comply with a law, regulation or compulsory legal request; (b) protect the safety of any person from death or serious bodily injury; (c) prevent fraud or abuse of Dropbox or its users; or (d) to protect Dropbox’s property rights. If we provide your Dropbox files to a law enforcement agency as set forth above, we will remove Dropbox’s encryption from the files before providing them to law enforcement. However, Dropbox will not be able to decrypt any files that you encrypted prior to storing them on Dropbox.

This has upset a lot of people. However, it seems to me that the company is simply complying with the law; it has no choice.

The second concern is with the more recent announcement of a freely available Dropbox Reader. This ‘product’ can apparently read anybody’s Dropbox files without needing a password to access the account. It is not produced by Dropbox. It was developed by Cyber Marshal. “Dropbox Reader is a suite of command-line tools for parsing configuration and cache files associated with the Dropbox cloud storage software. These tools can run on Windows, Macintosh, and Linux systems,” says the Cyber Marshal website.

More sinister to my mind, however, is the statement on the About page:

Cyber Marshall

Lifted from Cyber Marshal’s About page

So I asked Dropbox to comment on Dropbox Reader. Would it do anything to counteract it? I haven’t had a reply. That’s a shame.

But there is really only one takeaway from this. You don’t need to stop using Dropbox, or any of its competitors, or Google Docs – just never, ever put anything confidential or legally dubious anywhere in the cloud. Just don’t.

[See also: Is it safe to carry on using Dropbox? Yes and No: Part II – 5 August 2012]

Dropbox
Cyber Marshal

Categories: All, Security Issues
  1. nxb3942
    March 19, 2012 at 5:52 pm

    Dropbox Enterprise File Transfer from Thru is the secure solution for businesses and enterprises. Their solutions have been working for large businesses for ten years without a single security breach.
    http://www.thruinc.com/solutions/dropbox-enterprise-file-transfer/
    http://www.thruinc.com/products-services/secure-file-transfer/

    Like

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s