Dropbox is great. I love being able to simply drop a file in my Dropbox folder on one PC and have it appear on all my other systems. I also love taking a photo with my iPhone and have it on my PC automatically (an app called Quickshots allows this to happen). Like I said, I love Dropbox, but don’t trust it.
I have always felt that no matter what a company’s privacy statement says or how much they tout their state of the art encryption, anything I store on “the cloud” was less secure than promised. On Sunday Dropbox proved me right. For a few hours on Sunday Dropbox accounts were accessible without requiring a password. This issue was quickly discovered and fixed, but it still shows that once you store something on someone else’s system, it is open to compromise.
So what should we do? Should we stop using these cloud services? No, but we should use them knowing that we are taking a risk. In other words, assume that anything you post could be accessed by people that you may not wish to share it with. If you have a document that you want to ensure unauthorized people don’t ever have access to, then don’t store it on services like this. You can also take extra steps to protect yourself when using these types of services. An easy way to encrypt files before you post them is to zip them and password protect the file.
The fact that these service are not infallible could be good in one respect. This might help us remember to clean up files that we really don’t need to store offsite or that we no longer need. That reminds me, I have to go clean up some files now.