Dropbox security revisited: Plus ca change
by Jeffrey Goldberg on
Plus ça change, plus c’est même chose — Jean-Baptiste Alphonse Karr
Summary: Dropbox remains safe for 1Password use despite some high profile discussion of its security.
Keeping up with news about security issues can make your head spin. It certainly does that to me. Most often important news gets little public attention, and at other times non-events go viral. I think the latter has happened with respect to the complaint filed against Dropbox (PDF) with the United States Federal Trade Commission.
Naturally, when I heard that the complaint had been filed I had to read it closely. After all, the security of Dropbox is of great concern to us all. So what did I find? I found that every security issue mentioned in the FTC filing was something that we had already looked at. I discussed all of these points in earlier posting.
There is no new information in the FTC filing or discussion surrounding it, and so the conclusion posted earlier still stands:
[T]here is no need to panic about Dropbox security. The issues that have come up all do raise very legitimate concerns about how Dropbox presents their security claims and addresses issues when they arise, but the actual issues are not nearly as serious as some of the the discussion would suggest. They are even less of an issue for 1Password users. Your sensitive information in your 1Password data is extremely well encrypted and we remain comfortable recommending syncing with Dropbox.
It seems that not even I can resist blogging about the FTC filing, but recent news has put me in the position of having to say that just because there is new “news” doesn’t mean there is new information. Real security must be based on level headed assessments of the threats, whether those are highly publicized or – as is more common – are only discussed by those in the field.
Informed users are the best users, and the outpouring of questions to us regarding Dropbox let us know that you want to be informed. I am delighted by this, but it has also meant that we haven’t been able to respond to queries as quickly as we would like. We are all working hard to catch up, and we should soon be back to providing the speedy responses you deserve and have come to expect from us.