Dropbox security

FWIW, article about Dropbox security:
http://windowssecrets.com/newsletter/re-examining-dropbox-and-its-alternatives/


Thanks for the info.

Good thing I only keep college work on there.

I don’t understand how this is an unfair advantage? Is the claim that Dropbox security is sub-par simply because employees have a process to go through in order to access the file contents?

Using COTS cloud services, especially free services, to store sensitive proprietary information for a company has been a known no-no in the IT industry since the word “cloud” was even coined. For anything sensitive, the best philosophy isn’t centered around if something gets hacked, but rather a matter of when it will become hacked (hi Sony!). Sure, we lose agility by the inability to automatically sync files, or have files available anywhere – but the tradeoff is well worth it for trade secrets.

For the really paranoid, there’s also the good-ol’ trusty IronKey USB sticks. 4GB of 256-bit AES on a key chain FTW.

Because if they can un-encrypt your data, they can “deduplicate” files and use delta storage for large files, which takes less storage. He mentioned that in the article.

Yes. He mentioned other companies in the article which have no access to decryption.

Please note: I am neither agreeing nor disagreeing with the above, simply explaining what I think he meant.
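An added example, not part of the original thread: a small model of the deduplication point raised above. It assumes a content-addressed store keyed by SHA-256; `DedupStore`, `toy_encrypt`, `toy_decrypt` and `compare` are hypothetical names, and the SHA-256 counter keystream is only a stand-in for a real cipher such as AES.

```python
import hashlib
import os


class DedupStore:
    """Server-side blob store keyed by the SHA-256 of the uploaded bytes."""

    def __init__(self):
        self.blobs = {}  # digest -> stored bytes

    def put(self, data: bytes) -> str:
        digest = hashlib.sha256(data).hexdigest()
        self.blobs.setdefault(digest, data)  # identical bytes are kept once
        return digest

    def physical_bytes(self) -> int:
        return sum(len(b) for b in self.blobs.values())


def toy_encrypt(key: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    """Illustration-only stream cipher (assumption: stands in for AES-CTR)."""
    out = bytearray()
    for offset in range(0, len(plaintext), 32):
        pad = hashlib.sha256(key + nonce + offset.to_bytes(8, "big")).digest()
        out.extend(p ^ k for p, k in zip(plaintext[offset:offset + 32], pad))
    return nonce + bytes(out)


def toy_decrypt(key: bytes, blob: bytes) -> bytes:
    """XOR keystream is symmetric: re-encrypt the body with the stored nonce."""
    return toy_encrypt(key, blob[:16], blob[16:])[16:]


def compare(document: bytes, users: int = 3):
    """Return physical bytes stored when the provider sees plaintext versus
    when each user encrypts locally with a key the provider never holds."""
    provider_readable = DedupStore()
    client_encrypted = DedupStore()
    for _ in range(users):
        provider_readable.put(document)  # same bytes -> same digest
        key, nonce = os.urandom(32), os.urandom(16)
        client_encrypted.put(toy_encrypt(key, nonce, document))
    return provider_readable.physical_bytes(), client_encrypted.physical_bytes()


if __name__ == "__main__":
    sample = b"constructed sample " * 1000  # constructed input
    print(compare(sample))
```

With three users uploading the same file, the provider-readable store keeps one copy while the client-encrypted store keeps three distinct ciphertexts.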


Gotcha. Interestingly, I’d never heard of Dropbox until I went back to school, and hadn’t heard of any of the other sync-services until this article.

TANSTAAFL indeed.

Is there something exactly like Dropbox but where you run the server on your own machine somewhere?

In the article the author mentions alternatives to Dropbox. All of them are client applications I think, but at least one of them generates the passwords and encryption locally so that the server has no access to the content of your files.

If you want to run an Apache server on your own machine you could certainly store files there and completely control access to them. I know that’s not “like Dropbox”, but it would give you access to your files from any internet-connected device.


SparkleShare is supposed to do what you’re asking. It doesn’t look quite ready for regular use yet, though. There’s also iFolder, which seems more complete.

Funambol is one that I have been looking at. It has several sync clients that work with several different types of devices.

http://www.funambol.com/

I use Subversion. It is not “exactly like Dropbox”, but it is a great way to keep files in sync across many computers.

http://subversion.apache.org/

-Hugh

1745 still uses Dropbox for its stuff, but all of our financials are now in a TrueCrypt container.

I found the whole thing stinks. The way they presented it to people is that they encrypted/decrypted it locally, then only stored the hash (without the password), like LastPass. But really the only thing keeping your files safe is a company policy (and disgruntled/blackmailed/hacked employees always follow policy).

As far as alts (if you don’t want to pre-encrypt), Steve Gibson (from Security Now / GRC.com) uses Jungle Disk for all his stuff, and if it’s good enough for Steve it should be good enough for us.