Dropbox's new security policy implies that they lied about privacy from the start -- UPDATED

Miguel de Icaza noticed that Dropbox's new security terms of service allows it to decrypt your stored files for law enforcement; but Dropbox has always claimed that it did not store the keys necessary to do this. This has been used as both a selling point ("we keep your files so safe, we can't access them") and an excuse ("don't ask us for help if you lose your crypto keys, we don't store them"), but it was, apparently, a lie. De Icaza worries that a company that lies about its crypto and security policy may not be trustworthy when it comes to files containing sensitive information:
If companies with a very strict set of security policies and procedures like Google have had problems with employees that abused their privileges, one has to wonder what can happen at a startup like Dropbox where the security perimeter and the policies are likely going to be orders of magnitude laxer.

Dropbox needs to come clear about what privacy they actually offer in their product. Not only from the government, but from their own employees that could be bribed, blackmailed, making some money on the side or are just plain horny.

Dropbox needs to recruit a neutral third-party to vouch for their security procedures and their security stack that surrounds users' files and privacy. If they are not up to their own marketed statements, they need to clearly specify where their service falls short and what are the potential security breaches that

Unless Dropbox can prove that algorithmically they can protect your keys and only you can get access to your files, they need to revisit their public statements and explicitly state that Dropbox storage should be considered semi-public and not try to sell us snake oil.

Dropbox Lack of Security

Update: Arash Ferdowsi, CTO of Dropbox, wrote to me to clarify Dropbox's present and historical privacy policy:

first, I'd like to clarify what our intent was in how we represented privacy in our TOS. in our help article we stated "Dropbox employees aren't able to access user files" we didn't intend to mislead anybody with this statement - we prevent this via access controls on our backend as well as strict policy prohibitions. we don't feel this statement implies anything about who holds the encryption keys or what mechanisms prevent access to the data.

that said, it's become very clear to us that the statement wasn't explicit enough about what the barriers to access are. consequently, we've updated our help article and security overview to be explicit about this.

secondly, I'd like to clarify that we've never stated we don't have access to encryption keys. we've made quite a few posts in our public forums over the years about this very fact and we are quite open with our community: 1, 2, 3.

(via JWZ)


  1. There is no safe backup in the cloud. As simple as that. Hackers can break into everything. Why would any online storage be any different?

    1. This is false; it is possible to create cloud-based storage that is algorithmically unbreakable, even to the employees. In order for it to work, you have to store the decryption keys on the client, and only on the client.

      Dropbox doesn’t store the keys on the client (you will see this if you install it on more than one machine, because you don’t have to enter a key). Therefore it’s certain that they hold the keys on their server to decrypt your at-rest files.

      There are some pretty substantial drawbacks to having such security, however. Specifically, the kind of file and photo sharing Dropbox allows is impossible if the server cannot decrypt your files.

    2. Not true, Spideroak for example does the encryption on the client side. The only way they can access your data is when you use the website to download your data. Otherwise they have no access because they never have the key.

      1. And thanks for this, too. OpenSUSE is my distro of choice, but I don’t spend nearly enough time in it for various reasons. I end up swinging between it and Windows too much to spend time exploring (and I tend to strip it down during installation) so I’d never heard of iFolder.

      2. Yes. Both iFolder and SparkleShare are FLOSS systems that let you use your own server. Pretty bad ass! :) Tonido is also good: It makes a server out of your desktop/laptop/whatever computer, so again you don’t have to rely on anyone else. Unfortunately not FLOSS though.

    1. Thanks forteller. Something’s always made me uncomfortable about Dropbox’s privacy policy and no amount of Googling has put my mind at ease. There are plenty of Android features that support Dropbox integration so I hope one of those alternatives gains enough traction to make devs aware.

      1. Yes, that is always the big problem, isn’t it? You get locked in to the dominant players by the 3rd party support for just that player. Just like iPods (supported by tons of 3rd parties from skins to speakers to cars), etc, etc. Even though there are lots of better mp3 players it’s hard to go to a player with no 3rd party support at all.

        This is why we need standardized APIs for all kinds of services. 3rd party support acts like DRM, locking you in.

        1. Exactly. I mean, none of the applications I’m using are unusable without Dropbox (or they’d have been gone a long time ago) but they offer Dropbox features. Titanium Backup, for instance, can throw your phone backups to Dropbox (Google also offer this feature, but it seems to be less comprehensive and more scary). I usually just end up fudging things with rsync or sftp, but it’s always nice to have an open standard that you know you can rely on.

          Then again, I guess that’s exactly it. There essentially are open APIs for services — we can all access ftp, sftp, ssl, ssh, pgp, rsa, dsa, etc. specs; but then people like Dropbox do things like storing the key with the data and claiming to own your property. I’ll probably stick with a secured home server for now; I learn a lot more that way.

  2. This isn’t surprising. Dropbox are known spammers, and rule #1 of the rules of spam is “spammers lie”. So we should only be surprised if they WEREN’T lying about how secure data is.

    1. Dropbox are known spammers? Known to whom? That’s news to me, and I can’t find anything to confirm your allegation via a handful of google searches.

      1. Most anti-spam research and discussion doesn’t take place in public forums any more, thanks to threats from spammers. So unless you are known to the community and participating in private forums, you probably WON’T see these things.

        However, it’s not hard to find examples of spam from Dropbox. Here’s one — barely 24 hours old — that the spammers at Dropbox sent to the entire openbsd-advocacy mailing list:


        I’ve examined the headers on the original. It’s not a forgery, not a joe-job: it really did come from Dropbox’s outbound mail servers, therefore it’s their spam.

        1. Uh, what has happened here is that Masoom Shaikh has sent an invitation to the mailing group’s address. This is what the invitations look like when a user (NOT a dropbox employee) sends one to his or her friends.

          Since referrals get you extra storage space, Mr. Shaikh had a brain wave and decided to spam out his referral link to the openbsd-advocacy mailing list (a second brain wave probably would have had him realize that this scheme probably won’t work).

          Most people stop at putting their referral links in forum signatures and the like. Mr. Shaikh apparently has no shame.

          The point is though that this isn’t an example of Dropbox spamming. This is a Dropbox user – and most certainly not an employee – named Masoom Shaikh spamming, so he can get more free storage space.

          Please don’t make accusations like this without thinking. You say you looked at the technical bits of the message in detail, yet you missed the obvious fact in the message itself that it wasn’t Dropbox who decided to send the message to that mailing list, it was a user.

  3. With the world turning into a global police state more and more people are in search of privacy but are not finding it.

    1. @ Allie, sorry I did not see your post, I would like my post #10 to be considered a reply to yours. Apologies.

  4. I assumed this was the case anyway. Dropbox clearly deduplicates data, and as such must have had a way to read it. If you notice, if you copy common files, like the Firefox installer or other installers or commonly uploaded files, it uploads quickly without actually sending much data. This is because they’re using single instance storage or deduplication. Since they’re doing that, their computer systems must have a way to read the data, encrypted or not. As such, there is a way for them to recover and or decrypt the files, even if it isn’t easy for their employees to do so.

    I suspect that is the case, they encrypt the data to stop nosy employees, but the way their system works still presents a way in if they must (or want to). This is how most businesses treat their encryption as well. The data recovery agents can decrypt the data, as can some systems and software, but it isn’t an easy process and usually triggers some alarms or alerts to other individuals in the company.

    1. Our goal is to have an open and honest relationship with you

      Uh, DropBox? That sounds like what a cheating spouse would say.

      Being open and honest isn’t “a goal”… it should have been what your business was about and enacted from the very beginning when people trusted you with their data.

      Enjoy your lawsuits. I hope it puts you out of business.

  5. There is no safe backup *anywhere*, but backup in the cloud can be as strong as modern cryptography allows it to be if you design it the right way. I suggest http://tahoe-lafs.org/trac/tahoe-lafs as an example of that. Others such as Wuala and AeroFS claim to do The Right Things, and that might actually be true, but since they’re not open source nobody can verify those claims. Personally I use a combination of sshfs (on-the-wire encryption) and encfs (at-rest encryption) which seems to do the job.

    Disclaimers: I consider Zooko (of Tahoe-LAFS) a friend, and I’m working on another project (CloudFS) which also has client-side-only encryption as a feature.

  6. While it seems true LOGICALLY that this implies they can decrypt the files, I’m not sure it really implies that in a LEGAL sense.

    I’ve found companies are often legally obligated, or think they are legally obligated, to state that they will do certain things in the event of X, even if they have nowhere near the capabilities to do so should X occur.

    So even if the TOS says they are allowed to decrypt for law enforcement, I don’t know if that actually means they can.

  7. They always could get at the files, I always took that stuff to mean that rank and file couldn’t get at the files, but it is really easy to do man in the middle when you control the crypto keys for an endpoint. Of course you would have to log in, but that isn’t exactly a high hurdle.

    I can’t understand how anyone who knows a bit about crypto would ever think that they couldn’t easily unlock your keys.

    1. Thanks for the SpiderOak link, Daniel. This part of their FAQ looks good. Let’s just hope they aren’t liars like Dropbox. I think I’d like it if anyone from SpiderOak under the threat of fraud would like to come forward and personally confirm this as fact?

      Does SpiderOak use encryption when storing and transferring data?

      Yes. Both. Always. SpiderOak encrypts your data at every stage in the process – from uploading to storage to downloading again. This process ensures complete security and privacy at all times.

      SpiderOak is a “zero knowledge” backup provider. This means that we do not know anything about the data that you store on SpiderOak — not even your folder or filenames. On the server we only see sequentially numbered containers of encrypted data.

      Speaking of fraud. Shouldn’t DropBox be charged with fraud at this point? I hope there’s a class action lawsuit on the way at least against them. People responsible for this fraud at DropBox need to be fired from the company too. It’s obvious that DropBox does NOT respect your business trade secrets and who knows if they’ve harnessed them for profit already? It’s not like we can trust them to tell us if they did, that’s for sure.

  8. I don’t see them as having lied. My reading of the ToS was *always* that data would be encrypted in transit, and the assurances with respect to what would happen on their Amazon S3 servers were *always* weaker. Thus, I’ve always stored sensitive info using truecrypt or encrypted .dng files.

    These “revelations” are utterly unsurprising, and I am a *very* happy DB user.

  9. I remember when it was illegal for librarians (and libraries) to inform the public or an individual that Homeland Security requested and received library usage information. I’m not sure if this is still applicable but I’m fearing that the same is going to happen with services like DropBox. Soon it may be illegal for online storage entity’s to even include or imply to Homeland Security’s practices because it may be viewed by Homeland Security as a security breach and thus illegal to inform the public, even in privacy usage statements, that their private information may be breached.

    There’s a huge movement for the creation of laws to be set into place BEFORE anyone recognizes an issue on case by case opportunities seized by the government such as your cell phone dumping post performed by police during traffic stops.

    The multiple avenues of stored information are first invented the traveled by Government concerns and not by the inventors or users themselves setting privacy precedents, it’s blindly ignored then only challenged when the system had become legally entrenched and challenging too expensive.

    By the way; do you know how millions of people each year get tricked into being removed from “DO NOT” lists? Those stupid contests at fairs and festivals, where you fill out a simple entry form to win a product or service. On the back of that slip, in very tiny print hidden among all the fluff, is a consent that you agree to be removed from all and any “DO NOT” list. Be careful.

    1. “Soon it may be illegal for online storage entity’s to even include or imply to Homeland Security’s practices…”

      This is unparsable. It looks superficially like communication, but it isn’t.

      Sort of like this:

      “The multiple avenues of stored information are first invented the traveled by Government concerns and not by the inventors or users themselves…”

      Whatever you’re trying to say, you didn’t say it.

  10. I’m a programmer at SpiderOak.

    IMO it’s a matter of good design more than fear of a police state. If your keys are not isolated from content sooner or later something is going to leak

  11. I’ve come close to using dropbox more than once, it’s on my list of things to do in the near future. I would of course prefer if no one but me can access my data, but I’m rarely hardcore enough about such things that it keeps me from using “cloud-based storage”. What I am hardcore about is not doing business with liars. If you say my shit is secure that means no one can sniff it unless I let them. Ever.

  12. Yup, just like Microsoft employees can read your HotMail messages, Google employees can read all your Google docs, and Yahoo employees can see your private flickr uploads.

    Any sort of existing commercial “cloud” service is like this. It’s all based on trusting some corporation with your private data. There are alternatives to this that are truly secure (decryption keys are never stored with your data) but they’re significantly harder to use and deploy due to key-management issues, so I don’t think they’ll take off commercially.

  13. I updated the old adage long ago; “Never trust your digital files to a third party if you wouldn’t want them repeated to you in court.”

    I have always assumed nothing online is private. Uploading files to the cloud is an act of faith. You are assuming the files will be private, available forever, and not sold or hijacked. Whether the assumption is based on a friend’s recommendation or a T.O.S. agreement, at the end of the day you are putting your trust in a stranger whose priorities one day might contradict your own.

    Sometimes, even online, a price is paid for convenience.

  14. Am I the only one that always thought that Dropbox was a front for the NSA? How better to gather files and information than to open up a service where people _willingly_ upload them to your servers? Bonus: earn a little bit of money while doing the whole thing.

  15. I wish there was an android app that syncs and opens truecrypt containers that have been uploaded to dropbox. It works flawlessly on the PC.

  16. Can we start by separating the mere nerds from the storage sysadmins, and have everyone read up on block-level de-duplication?

    The fact that the storage systems can identify and remove duplicate chunks of data is far different from human beings be able to access other human beings’ files.

  17. I totally understand why this isn’t cool, but if you’re working with any sensitive data you really should be encrypting it yourself. It’s not really fair to compare this to a lot of the specialty cloud services like Gmail and Flickr, because they require unencrypted data to function, that is your emails, .jpgs or whatever. Dropbox is just storing your ones and zeros, in whatever format or encryption.

    And that being said, you don’t have to be a super-secret spy to encrypt files. If anything, just put them in a 7zip archive and turn on AES (also encrypting the filenames).

    1. I’m going to agree with you — but I have a question: is there a way to automate this process on your computer? Much of the benefit of something like dropbox is the seamless nature of a folder that exists on multiple machines — can that feeling still exist if you encrypt on your own machine?

      1. I’ve just sort of internalized the encryption process over the years, so I’m honestly not sure. I can definitely picture it being done with autohotkey scripting, but I haven’t seen anything in particular.

  18. It’s important to understand that privacy and security, while related, are different things. Dropbox appears to be, and is most likely (in my opinion) secure. This means that they are likely taking every possible measure to ensure that data you send them is safe while in their care. They use SSL to transfer files from your computer to their servers, they claim to encrypt the data while on disk, and they no doubt have firewalls, locks on their doors, etc to prevent unauthorized access. These are all ways to keep your data ‘secure’.

    However, when you send your file to their servers, they have total access to it, at least at the beginning, when their servers receive it. If they encrypt the data at this point, that’s fine, that’s a good security measure, but it doesn’t do much for privacy. They have both the encrypted data and the key, which is the same thing as having the decrypted data.

    Essentially, any time you send unencrypted data to any online service, you’ve entered into a trust relationship with them. Only if you encrypt it first on your computer, can you ensure actual privacy.

    This whole debate is fascinating, because it highlights something that I’ve felt was missing all along in the ‘cloud’ discussion. Everyone seemed to simply gloss over the fact that people you don’t know and probably will never meet are storing your data on hardware in who-knows-what-location. They claim it’s in a Level 3/Tier 1 data center, but is it really on a rack in their garage, next to their Malibu?

    My startup just released a small app last week (talk about timing) that was motivated by the very issues discussed here. It works with Dropbox and other sync services, and encrypts your files on your computer before putting them into Dropbox. I’m not trying to spam, but here’s the link in case it sounds interesting to anyone. This is an early beta:


  19. I personally use Dreamhost for storage. $10/month and I can just scp stuff up, with effectively unlimited space and bandwidth.

    If I were worried about other people accessing my stuff, I’d just set up a script to run bcrypt on the files beforehand. Easy, peasy, febreezy, parcheesi.

  20. @dhasenan

    The problem with the “hosting provider as storage” is that all of those providers (1&1, dreamhost, etc.) have a clause somewhere that (essentially) states you must make all content web-accessible.

    So if they don’t notice you, fantastic, but if you have your photo or mp3 collection up on dreamhost, but it’s not publicly accessible via the web, they’re going to cut you loose. They know full well what the promise of “unlimited” means.

    I point everyone I can to my own storage provider: rsync.net, who elucidate this concept very clearly: flat rate storage providers.

    You could do a lot worse than store data with the people who brought you the warrant canary.

  21. Compleat, Utter Rubbish. Doublespeak Permeates Dropbox, like the Detritus of its Rapidly Shrinking User Base. The Damage is Already Done, as Trust be a Fleeting Whippoorwill…

  22. It is revealing that the DropBox CTO doesn’t take the trouble to capitalize his sentences properly when writing such an important message. It would imply that he is either uneducated, or that he may be just as slapdash about other areas of his company. In either case it may be another indication that DropBox doesn’t take things as seriously as they should.

  23. We use encfs on mac (via macfuse) and then mirror the ENCRYPTED files to our Amazon S3 bucket using JungleDisk. Their folder sync option gives me the parts of dropbox I need. We just install encfs on the other systems, enable the folder sync on the new machine and ::BLAM:: we are up and running.

  24. I see that the updated version of the help article is equally ambiguous:

    “Dropbox employees are prohibited from viewing the content of files you store in your Dropbox account, and are only permitted to view file metadata”

    Note the words ‘prohibited’ and ‘permitted’, which are compatible with mere company rules, rather than words such as ‘prevented’ and ‘able’ which would suggest stronger protection.
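Several commenters (1.1, 17 and 18 on encrypting on your own machine so the provider never holds the key; 4, 16 and 24 on what deduplication and "metadata" let the provider see) describe the same design without showing it. The following is an added example, not code from the post, from Dropbox, or from any commenter. It is a stdlib-only Python sketch of that design: the key is derived from a passphrase on the client, each file is sealed (real filename included) before it is placed in the sync folder, and a `provider_view` function shows what the provider can still learn from the folder. The cipher is HMAC-SHA256 run in counter mode with a separate HMAC tag, chosen only because it needs no third-party library; a real tool would use AES-GCM from a proper crypto library. The passphrase, salt, function names and sample files are constructed for the demonstration.

```python
# Added example: client-side encryption before syncing to a cloud folder.
# Stdlib only. The cipher is HMAC-SHA256 in counter mode plus an HMAC tag
# (encrypt-then-MAC), standing in for AES-GCM from a real crypto library.
# Names, the passphrase, the salt and the sample files are constructed.
import hashlib
import hmac
import secrets
import struct

NONCE_LEN = 16
TAG_LEN = 32


def derive_key(passphrase: bytes, salt: bytes) -> bytes:
    """Turn a passphrase into a 32-byte key on the client.
    Neither the passphrase nor the key is ever sent to the provider."""
    return hashlib.pbkdf2_hmac("sha256", passphrase, salt, 200_000, dklen=32)


def _subkeys(key: bytes):
    # Independent keys for encryption and authentication, both from the master key.
    enc = hmac.new(key, b"enc", hashlib.sha256).digest()
    mac = hmac.new(key, b"mac", hashlib.sha256).digest()
    return enc, mac


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    # PRF in counter mode: block i = HMAC(enc_key, nonce || i), truncated to length.
    out = bytearray()
    for i in range((length + 31) // 32):
        out += hmac.new(enc_key, nonce + struct.pack(">Q", i), hashlib.sha256).digest()
    return bytes(out[:length])


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Return nonce || ciphertext || tag. A fresh random nonce per call means
    two encryptions of the same file produce different bytes."""
    enc_key, mac_key = _subkeys(key)
    nonce = secrets.token_bytes(NONCE_LEN)
    stream = _keystream(enc_key, nonce, len(plaintext))
    ciphertext = bytes(p ^ k for p, k in zip(plaintext, stream))
    tag = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    return nonce + ciphertext + tag


def decrypt(key: bytes, blob: bytes) -> bytes:
    """Check the tag before touching the ciphertext; a wrong key or a
    modified blob raises ValueError instead of returning garbage."""
    if len(blob) < NONCE_LEN + TAG_LEN:
        raise ValueError("blob too short")
    enc_key, mac_key = _subkeys(key)
    nonce, ciphertext, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed: wrong key or tampered data")
    stream = _keystream(enc_key, nonce, len(ciphertext))
    return bytes(c ^ k for c, k in zip(ciphertext, stream))


def seal_file(key: bytes, name: str, content: bytes):
    """What the sync folder holds for one file: an opaque name and a blob that
    carries the real name inside the encrypted payload, so names are hidden too."""
    name_b = name.encode()
    payload = struct.pack(">H", len(name_b)) + name_b + content
    opaque = hmac.new(key, b"name:" + name_b, hashlib.sha256).hexdigest()[:32]
    return opaque, encrypt(key, payload)


def open_file(key: bytes, blob: bytes):
    """Inverse of seal_file: returns (real name, content)."""
    payload = decrypt(key, blob)
    (n,) = struct.unpack(">H", payload[:2])
    return payload[2:2 + n].decode(), payload[2 + n:]


def provider_view(store: dict) -> dict:
    """Everything the provider can learn from the synced folder alone: file
    count, sizes and content hashes. Sizes still leak; identical files no
    longer hash the same, so server-side deduplication is impossible."""
    return {
        "files": len(store),
        "sizes": sorted(len(b) for b in store.values()),
        "distinct_blobs": len({hashlib.sha256(b).hexdigest() for b in store.values()}),
    }


if __name__ == "__main__":
    salt = b"constructed-salt"  # constructed; a real client keeps a random salt
    key = derive_key(b"correct horse battery staple", salt)
    docs = {"notes.txt": b"meeting at 10", "copy-of-notes.txt": b"meeting at 10"}
    store = dict(seal_file(key, n, c) for n, c in docs.items())
    print(provider_view(store))  # two distinct blobs despite identical content
    for opaque, blob in store.items():
        print(opaque, "->", open_file(key, blob))
```

The `provider_view` output is the practical caveat behind comment 24: even with the key held only on the client, the provider still sees how many files you have, how large each is and when it changed, so "only metadata" is not nothing. The `distinct_blobs` count is the flip side of comment 4: once the provider cannot recognise two uploads of the same installer as the same bytes, it also cannot deduplicate them, which is the storage cost of keeping the key off the server.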
