Dropbox Will Hand Over Your Files to the Feds If Asked
Dropbox Will Hand Over Your Files to the Feds If Asked
Popular cloud-storage service Dropbox has updated its terms of service to include a clause that states it will turn your files over to the government--if the government asks, of course.
This is nothing groundbreaking, Business Insider points out; it's a fairly common clause that appears in other cloud services' TOS, including Gmail, Hotmail, and Amazon cloud.
Dropbox is one of the leading cloud-storage services, and it works by installing a special "cloud" folder to your computer's hard disk. Any files you place in this special folder are then synced with your Dropboxes around the world (you can install Dropbox on any number of computers, phones, and tablets), and can be accessed from any Dropbox-enabled device.
The updated passage reads:
As set forth in our privacy policy, and in compliance with United States law, Dropbox cooperates with United States law enforcement when it receives valid legal process, which may require Dropbox to provide the contents of your private Dropbox. In these cases, Dropbox will remove Dropbox's encryption from the files before providing them to law enforcement.
Ok, so no worries--so long as you're not doing anything wrong, you should be fine. So why is this news?
Well, as programmer Miguel de Icaza points out on his personal blog, Dropbox makes some "bold claims" about security on its website. Specifically, it says that Dropbox uses "modern encryption methods" to transfer and store your data, and that nobody, not even Dropbox employees, are able to access user files. In fact, here's the exact wording:
"Dropbox employees aren't able to access user files, and when troubleshooting an account they only have access to file metadata (filenames, file sizes, etc., not the file contents)."
De Icaza points out that Dropbox's claim that it's able to decrypt user files if the government asks contradicts its previous public statements.
"They claim that Dropbox employees aren't able to access user files," de Icaza writes, "This announcement means that Dropbox never had any mechanism to prevent employees from accessing your files, and it means that Dropbox never had the crypto smarts to ensure the privacy of your files and never had the smarts to only decrypt the files for you."
Troubling. Perhaps it's time to rethink your cloud storage service. Also, stop saving your child porn and drug money receipts in your Dropbox folder.
Original Article
This is nothing groundbreaking, Business Insider points out; it's a fairly common clause that appears in other cloud services' TOS, including Gmail, Hotmail, and Amazon cloud.
Dropbox is one of the leading cloud-storage services, and it works by installing a special "cloud" folder to your computer's hard disk. Any files you place in this special folder are then synced with your Dropboxes around the world (you can install Dropbox on any number of computers, phones, and tablets), and can be accessed from any Dropbox-enabled device.
The updated passage reads:
As set forth in our privacy policy, and in compliance with United States law, Dropbox cooperates with United States law enforcement when it receives valid legal process, which may require Dropbox to provide the contents of your private Dropbox. In these cases, Dropbox will remove Dropbox's encryption from the files before providing them to law enforcement.
Ok, so no worries--so long as you're not doing anything wrong, you should be fine. So why is this news?
Well, as programmer Miguel de Icaza points out on his personal blog, Dropbox makes some "bold claims" about security on its website. Specifically, it says that Dropbox uses "modern encryption methods" to transfer and store your data, and that nobody, not even Dropbox employees, are able to access user files. In fact, here's the exact wording:
"Dropbox employees aren't able to access user files, and when troubleshooting an account they only have access to file metadata (filenames, file sizes, etc., not the file contents)."
De Icaza points out that Dropbox's claim that it's able to decrypt user files if the government asks contradicts its previous public statements.
"They claim that Dropbox employees aren't able to access user files," de Icaza writes, "This announcement means that Dropbox never had any mechanism to prevent employees from accessing your files, and it means that Dropbox never had the crypto smarts to ensure the privacy of your files and never had the smarts to only decrypt the files for you."
Troubling. Perhaps it's time to rethink your cloud storage service. Also, stop saving your child porn and drug money receipts in your Dropbox folder.
Original Article
Similar topics
» Major Dropbox security flaw discovered
» Dropbox tries shutting down open source project
» Search Program and Files Bar
» Recover deleted files from Windows or Mac
» Dropbox tries shutting down open source project
» Search Program and Files Bar
» Recover deleted files from Windows or Mac
Permissions in this forum:
You cannot reply to topics in this forum