On Sun, Jan 6, 2013 at 3:50 PM, John Adams <[email protected]> wrote: > Why don't you just get around the problem entirely and use Dropbox's storage > for encrypted disk images? > > If you have data sufficiently encrypted, it doesn't matter how it's stored. > > -j
On Sun, Jan 6, 2013 at 4:47 PM, Jacob Appelbaum <[email protected]> wrote: > The main concern that I have is that an attacker pwning a Dropbox > account could tamper with encrypted files. Dropbox has a history of breaking encrypted files and truecrypt containers. Which makes a lot of sense when you consider that when syncing a file, Dropbox replaces only the part of the file that has changed. (Or tries to). [1] There are a lot of great uses for Dropbox, Box.net, SpiderOak etc etc -- but storing sensitive files securely is not one of them. I have Dropbox and Box accounts, and use them for client designs and stock art. I think this is a pretty standard use of the service and would not recommend putting anything particularly sensitive there. In terms of security from other people, an encrypted hard drive, thumb drive or memory card is going to be a much better choice. If you absolutely need to pass an encrypted container back and forth, there's probably not a cloud service that fits your needs. Best, Griffin [1] http://dl.dropbox.com/u/27532820/original_screencast.html -- "What do you think Indians are supposed to look like? What's the real difference between an eagle feather fan and a pink necktie? Not much." ~Sherman Alexie PGP Key etc: https://www.noisebridge.net/wiki/User:Fontaine -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
