Storing secrets on other people's computers
noloader at gmail.com
Thu May 5 06:23:16 CEST 2011
On Wed, May 4, 2011 at 10:24 PM, M.R. <makrober at gmail.com> wrote:
> On 03/05/11 15:50, Daniel Kahn Gillmor wrote:
>> Dropbox exposes your secret
>> keys to dropbox employees (and anyone who can convince them to snoop):
> That article makes no sense at all.
I was somewhat surprised at the article.
I think a typical user expects that a file is encrypted locally and
then securely transmitted to DropBox for storage. (I don't use
DropBox, but its what I expected). I don't believe anyone would expect
that DropBox transmits a plain text file and then encrypts the file at
its leisure and pleasure.
OT: I was just getting ready to audit DropBox via their public API for
another project. The article saved me a lot of time.
More information about the Gnupg-users