MyNotes - Dropbox Possible Security Issues

Update 05/28/2014 - TrueCrypt is now defunct

Update 01/3/2012: I now recommend the free, open source AESCrypt in lieu of AxCrypt/NCrypt as a simple, easy to use cross-platform encryption tool. Find out more here.

Source: http://realityupgrade.com/wp-content/uploads/
2009/07/lock_picking_breakin_in.jpg

When I read the following, it occurred to me that if you haven't made an effort to learn how to use Truecrypt.org, as well as other encryption tools for your data, and you are posting it online via Dropbox, you are deserving of the critique levelled in the comment at the end of this post.

For those who may have missed it, read Securing Confidential Info-A Laundry List of Privacy Tools.

How do *I* use Dropbox? I only post non-confidential content. Anything confidential--some folks like to post KeepassX database (read Securing Confidential Info for more on that)--should be fine if encrypted. One easy encryption tool to use is TrueCrypt. For the really techie people, try this solution on Windows and GNU/Linux.

The truth is, though, you shouldn't be saving stuff on Dropbox that is confidential unless it is encrypted...that's home, family content that you don't want anyone browsing through.

My Notes on the Article linked below:
Dropbox faces possible FTC investigation over security | Electronista
    • Dropbox faces possible FTC investigation over security
      • Dropbox has had a complaint (PDF) filed against it with the FTC by a well-known security researcher.
        • Ph.D student Christopher Soghoian, who has worked with the FTC, has accused Dropbox of making, "deceptive statements to consumers regarding the extent to which it protects and encrypts therir data." Previously, Dropbox has told users that their files are encrypted and even unreadable by its own employees. Soghoian has demonstrated that this is not the case and that user's information could be vulnerable to government searches and unscrupulous Dropbox employees.
          • It is foolish to upload anything sensitive to "the cloud" without first encrypting it yourself. Relying on other's assurances of keeping your data private is just silly. 


            Comments

            Popular posts from this blog

            #Chromecast Add-Ons to Play Various Video File Formats

            Free Professional Learning! Education On Air #googleedu

            10 Steps to a Blended Learning Classroom #MIEexpert #MIE #tceamie1