Please never store Truecrypt files in dropbox. I have tried this and it does not work as mentioned.
A small additional file changes the encrypted file so much that it causes dropbox to sync a large change through to the server although dropbox only sync's changes.
True. encFS is much better choice. It can be transparently mounted as regular folder in linux but I don't know if there is a windows way of accessing to it.
As an alternate to Truecrypt volumes, I use Windows Scheduler to run batch files that create 7-zip archives and copy them to my Dropbox folder. 7-zip can create AES-256 encrypted archives.
I still use dropbox + truecrypt, but it definitely does NOT work as mentioned. I just update the truecrypt volume so infrequently thats its not a huge deal to upload the whole thing (still cant complain about free cloud storage with no bandwidth costs)
I haven't had this problem. TrueCrypt encrypts each block independently, and Dropbox has typically been pretty good at just updating the deltas.
The biggest problem I've had storing TrueCrypt volumes in Dropbox has been forgetting to unmount the volume when I move from one system to another, resulting in unsynced changes and lots of conflict files.
One solution is to store your entire Dropbox directory within a TrueCrypt volume, but this is a bit cumbersome as you'd need to create a separate TrueCrypt volume on each system, and ensure that you have the volume mounted before running Dropbox (although this can easily be worked around with a launch script).
Has the security of dropbox ever been analysed by someone who knows what they're doing? How safe are my files there, from a "not losing them" point of view, and from a "not being hacked" pov?
They use Amazon's S3, so as far as not losing your files is concerned, you are as likely to lose files on dropbox as you are on any other services that relies on S3 for storage.
Personally, I am interested to know more about privacy. Can dropbox employees access any files anytime they want and look at any information from account? Reading some comments (last year) on their forum in reply to file deletion I got the impression that they have unlimited access to user files. I don't have any citation nor can I verify that assumption at the moment.
> They use Amazon's S3, so as far as not losing your files is concerned, you are as likely to lose files on dropbox as you are on any other services that relies on S3 for storage
Dropbox will sync on any computer you use though. That means that you have a copy per computer, plus the server.
The real risk is that they accidentally "update" my files out of existence or revert them to some point way in the past in a way that can't be undone. The change might push to all my devices before I realized it. I periodically tar my dropbox and put it on a backup disk.
Dropbox mentions that files get encrypted with AES, but I guess this only protects them from Amazon employees or from someone hacking Amazon, not from Dropbox employees (unless the AES password is generated from the user password and dropbox somehow doesn't have access to that (only a Hash? not sure how that could work).
That’s – from my own anecdotal evidence – actually a big PR problem for Dropbox. Many people I’ve told about Dropbox absolutely didn’t want to install a program which accesses their filesystem. (When I told my friend that only stuff in his Dropbox folder would be synced he said “Yeah, sure, ’only’ my Dropbox folder …”)
That, to me, doesn’t seem to be a very defensible position – every program could just access your filesystem and upload random stuff. But a service which reminds people of that fact is bound to run into problems.
(The story with my friend has a happy ending, by the way. When he learned a bit more about the company and its history he started to trust them and didn’t just sign up for the free account but bought 50 GB of storage for a year.)
I've had dropbox lose files inside bundles. We were abusing dropbox with hundreds of thousands of small files, so I'd be very careful about putting your entire $HOME folder in there since it's a pretty similar scenario. My personal rule is that only copies of data go into dropbox. Nothing important ever "lives" in dropbox.
Wow, this is literally the first time I've ever heard of Dropbox actively losing data. Not that this is especially helpful, but were the files at least available inside the Dropbox web UI?
For what it's worth, I've been using the 0.7x series with several small-to-medium-sized Git repositories (over a quarter-million files/directories) with no ill effects to speak of beyond Dropbox taking a while to initialize.
Of course the repositories themselves have several copies on the various developer machines and GitHub, and I keep a Time Machine volume handy as a backup.
We were abusing Dropbox beyond belief at that company. We had a single account w/ 50GB and there were about 5 of us sharing the single account, updating it simultaneously. Dropbox was simply never meant for that.
Now that I think about it, $HOME in Dropbox might be ok since (presumably) there'd only be one person using it at any given time.
I had similar problems, only to later realize that I closed my computer on one end before it finished syncing. Also some older dropbox clients was a bit buggy. I haven't had this problem for more than a year now. Using it across Linux, windows and Mac clients, even stored Virtual machine instances on dropbox and loaded them from virtual-box on all machines.
The best use that I've found (and it was recommended by someone here) is to put your 1Password data file in your dropbox directory so that it's up to date on all your computers.
I wouldn't go so far as to say it sucks. It's rough, or spartan, but in a good (fastmail.fm) way. And fast. Lastpass on Chrome is the only password manager I've been able to live with, and I've tried a few.
I actually put my KeePass database in a public directory on my Dropbox. This lets me keep my password DB in sync not only across my desktop systems, but also the iPhone version of KeePass.
When my cofounder was finishing his Masters thesis and went dark for a week (no IM, limited email), I would use dropbox to communicate vital things to him. I just made a file called "did you remember to sign this", and he would `echo "yes"` into it. Worked amazing well, since it basically gave me a live pipe into his growl notifications.
I've used dropbox for remote teamwork. The experience worked magically, and the non-web savvy group interacted with it well. I even got enough bonus space for inviting new people to store our entire project.
One issue: because editing and saving is not live there were some issues, namely that we had to coordinate who was using the document when. We ended up with several conflicted copies and extra work.
Definitely makes life easier in remote teams - I'm working on a project with team members in Aus, UK, US, and Canada and Dropbox works excellently.
We're currently trialling it for corporate templates (Coaching Programs, Project Documents etc). Point their MS Office to a Dropbox folder, and every coach in the world will have the latest templates all of the time.
We would benefit from some permission levels (read, no write etc) to make sharing less of a risk for a bigger team, however. While it can be unwound, one person accidentally changing a template could go unnoticed.
Shameless plug: for synchronisation with full file locking, take a look at Synctus. It guarantees no synchronisation conflicts, and LAN-only access means that it is more suited to office environments (no software installation, no extra account management, etc).
I didn't dig too deep, but when we let someone go, we'd prefer that they not be able to access our private files anymore. (Especially when they go to work for a competitor!)
It's not a shared account... You remove it from their device and revoke their access to the shared folder. So, the same way you'd do it if they had a branch checked out, etc.
I recently implemented a somewhat clever Dropbox hack for a client's project.
Basically, their customers had to upload hundreds of photos to a website and found it to be a pain. We created an unofficial dropbox API and were able to automatically create a shared folder (and invite the customer to it). Then, when the customer added files to that folder, we automatically synced them with the web app, bypassing the web uploader.
Would also make a great Facebook Pics/Dropbox app.
A long time ago, I tried to get torrenting to work, but it seems that Dropbox auto-deletes any .torrents. Has anyone managed to get this to actually work?
Another: Set your desktop to a foode in dropbox. It works well to me because my computers are all set up similiarly and most of the shortcuts on my desktop are chrome web app pages but in my use case it has been very effective and convient.
As a web developer, build a cron in /etc/crontab to do an rsync compressed backup of your /var/www to Dropbox. You can even improve upon it by storing files for each day of the week, overwriting previous files.
Nearly all of my spec work goes on inside Dropbox; it makes brain-dead simple to know that I'm always working on the latest revision, whether I last edited it on my laptop, home or work machine.
A small additional file changes the encrypted file so much that it causes dropbox to sync a large change through to the server although dropbox only sync's changes.