Skip to main content

Dropbox security woes are back, FTC complaint filed

dropbox-logo-largeLess than a month ago, we questioned whether Dropbox’s privacy changes warranted concern of PlayStation proportions. The phrase that piqued users’ interest had to do with sharing information with outside entities, namely the government and law authorities. “We may disclose to parties outside Dropbox files stored in your Dropbox and information about you that we collect when we have a good faith to believe that disclosure is reasonably necessary,” the statement reads, and lists various legal, security, and safety situations in which it may have to do this.

Dropbox also clarified the state of security of your stored documents. Namely, its encryption process wasn’t quite what users believed it to be, and while Dropbox assured everyone its system is adequately safe, nerves were rattled to say the least. And now, it looks like users aren’t the only ones calling foul, as a complaint against the company has been filed with the Federal Trade Commission.

The site previously claimed that “all files stored on Dropbox servers are encrypted (AES-256) and are inaccessible without your account password” (AES-256 is the highest strength of Advanced Encryption Standard ciphers used to encrypt data). Instead, Dropbox has been using file dedpulication when it’s initially uploading a document in order to determine if that file has already been uploaded by someone else (and if it has, it then links to the formerly uploaded one). This process means Dropbox can save ample storage space and bandwidth, but by means of a less secure system.

Ph.D. candidate and graduate fellow at Indiana University Christopher Soghoian filed the complaint, and explained in his blog his reasons for questioning Dropbox’s policies. He argues that if Dropbox is using a deduplication system, it definitely is able to see unencrypted version of your files in order to determine if there are duplicates. And as Soghoian explains, these measures are “useless against many attacks if the encryption key isn’t kept private,” which he’s uncertain of. The complaint states that “Dropbox does not employ industry best practices regarding the use of encryption technology. Specifically, Dropbox’s employees have the ability to access its customers’ unencrypted files.” The statement goes on to say that the encryption keys are stored on company servers.

For anyone storing particularly sensitive information on the site, this news if cause for concern. But there are also users who believe cloud-based storage can only be so safe, and you’re taking a leap of faith by using them altogether. But what does Dropbox have to say about it? “We believe this complaint is without merit, and raises issues that were addressed in our blog post on April 21, 2011 .  Millions of people depend on our service every day and we work hard to keep their data safe, secure, and private,” says company spokesperson Julie Supan.

Adding a strange twist to the whole thing is the fact that Soghoian broke the Facebook PR scandal story. Busy guy.

Molly McHugh
Former Digital Trends Contributor
Before coming to Digital Trends, Molly worked as a freelance writer, occasional photographer, and general technical lackey…
This Asus laptop handily beats the XPS 13 — and it’s cheaper
The Zenbook S 14 on a table in front of a grass lawn.

Windows manufacturers have been hungering for a chipset that can keep up with Apple's very fast and efficient M3 architecture. Enter Qualcomm with its Snapdragon X and Intel with iLunar Lake. Each aims at providing better battery life with good performance, as well as adding faster on-device AI speeds to support Microsoft's Copilot+ PC initiative.

The XPS 13 9345 is among the first Qualcomm laptops and the Zenbook S 14 is the first Lunar Lake laptop that we've reviewed. This makes it an important battle to see which platform can make it to our list of the best laptops.
Specs and configurations

Read more
Here are the 10 best gaming keyboards I’d recommend to anyone in 2024
A custom keyboard sitting among keycaps and switches.

Whether you want to gain a competitive edge or just mess around with some RGB lighting, you'll need one of the best gaming keyboards. Although the old guard of brands like Corsair, SteelSeries, and Razer still make some excellent gaming keyboards, the competition is fierce in 2024, with smaller brands rising up to push the market of gaming keyboards forward.

An excellent example of that is our top pick, Asus' ROG Strix Scope II 96, which elevates gaming keyboards to an enthusiast level while maintaining a mainstream price. Although it's the top gaming keyboard for most people, it isn't the best for everyone. After putting our fingers on dozens of different gaming keyboards, these 10 are the only ones you should keep in mind.

Read more
Nvidia’s CEO — yes, one person — is now worth more than all of Intel
Jensen Huang at GTX 2020.

Nvidia is one of the richest companies in the world, so it's no surprise that the company's CEO, Jensen Huang, is quite wealthy. The most recent net worth numbers from Forbes puts into context just how wealthy the executive really is, though. Huang has an estimated net worth of $109.2 billion, which is around $13 billion more than the market cap of Intel across the entire company.

Although Nvidia makes some of the best graphics cards, the obscene amount of money the company has racked up over the past two years stems from its AI accelerators. In 2020, Forbes estimated that Huang was worth $4.7 billion, and even in 2023, after ChatGPT had already exploded onto the scene, the executive was worth $21.1 billion. Now, Huang is the 11th richest person in the world, outpacing Bill Gates, Michael Dell, and Michael Bloomberg.

Read more