Storing secrets on other people's computers

Jeffrey Walton noloader at gmail.com
Thu May 5 06:23:16 CEST 2011


On Wed, May 4, 2011 at 10:24 PM, M.R. <makrober at gmail.com> wrote:
> On 03/05/11 15:50, Daniel Kahn Gillmor wrote:
>
>> Dropbox exposes your secret
>> keys to dropbox employees (and anyone who can convince them to snoop):
>>
>>
>> http://paranoia.dubfire.net/2011/04/how-dropbox-sacrifices-user-privacy-for.html
>
> That article makes no sense at all.
>
I was somewhat surprised at the article.

I think a typical user expects that a file is encrypted locally and
then securely transmitted to DropBox for storage. (I don't use
DropBox, but its what I expected). I don't believe anyone would expect
that DropBox transmits a plain text file and then encrypts the file at
its leisure and pleasure.

OT: I was just getting ready to audit DropBox via their public API for
another project. The article saved me a lot of time.

Jeff



More information about the Gnupg-users mailing list