Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Dropbox's website suggests that they store files using some sort of AES-256 encryption and they cannot read them: https://www.dropbox.com/help/27 I wouldn't make the claim that they are more (or as) secure as Tarsnap (especially since there is no page as detailed as http://www.tarsnap.com/crypto.html on Dropbox's website), but this suggests that files on Dropbox are not readable by the company.


"Suggests." However, the fact that there is a web GUI tells us they can read the data.


...when they are provided with your password.


If you forget your password, can Dropbox reset it for you? If they reset your password for you, can you still read your data? If the answer to both of these is "yes", then dropbox can read your data without you providing your password.

(Honest questions -- I don't use Dropbox, so don't know.)


This comment is cryptographically correct.


+1, https://www.dropbox.com/forgot is a password reset link.

Besides, there is much more to cryptography and building a secured system than just using that crypto suit or another (e.g. AES256-HMAC-SHA256 etc.)




Consider applying for YC's Summer 2026 batch! Applications are open till May 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: