[ale] Dropbox opinions wanted

Michael Trausch mike at trausch.us
Fri Sep 17 00:05:20 EDT 2010


They could be encrypting to 2 keys: your password and a key that they do not
share, but use to read from Amazon or whatever. It is possible that they
also then generate the hashes prior to encryption. The level of protection
is such that one couldn't steal the files from S3 but a DB empl might be
able to.

Just some speculation...

--
Sent from my HTC Dream---Running Froyo!
Thanks, @cyanogen!

On Sep 16, 2010 12:32 PM, "Pat Regan" <thehead at patshead.com> wrote:
> On Thu, 16 Sep 2010 12:00:02 -0400
> Geoffrey Myers <lists at serioustechnology.com> wrote:
>
>> I guess they should specify that if the find the file in their global
>> repository, then they won't copy it. Point being, they should be up
>> front in telling you they'll look at your stuff for the sake of
>> expediency when updating other folk's stuff.
>
> If they have the ability to identify and deliver an identical file from
> someone else's account then it makes their claim that your files are
> being protected by aes-256 and are inaccessible to their employees feel
> pretty hollow.
>
> Pat
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.ale.org/pipermail/ale/attachments/20100917/7987fb7a/attachment-0001.html 


More information about the Ale mailing list