Richard Pieri wrote: > Tom Metro wrote: >> If the encryption is done properly, and can be verified, it doesn't >> matter where your bits are stored. > > Well, yes, actually, it does. Dropbox for example does the encryption > properly but they can and do hand over the keys to law enforcement upon > request.
As Bill pointed out, from a crypto-perspective, that they have the ability to hand over your keys means that they fit the very definition of using a weak crypto model. Dropbox prioritizes convenience over privacy. They is very clear business and financial reasons why they have their system designed the way it is. It makes for a low cost, easy to support, user friendly service. I wouldn't recommend using it for anything, except documents you wouldn't mind sharing publicly, or as storage for client-side encrypted blobs. Google Docs is in the same league. -Tom -- Tom Metro The Perl Shop, Newton, MA, USA "Predictable On-demand Perl Consulting." http://www.theperlshop.com/ _______________________________________________ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss