
Yes, I have to add to this sentiment. In my mind, I imagine Dropbox to be just as secure and private as my own hard drive. It's a bit of a fiction, I know, but until now nothing caused me to really question it. I use it for important files -- the sensitive ones that I really don't want to lose.

Maybe it's all perception, but this makes my private files feel dangerously close to the wide open web.

Dropbox, don't make me feel dumb for using your service for stuff that matters. If your service is meant for funny cat pictures and not my tax returns, please tell me now.




Hey guys,

I helped build this feature and just wanted to say we're as concerned about privacy and security as you are. A couple specifics that might help:

* No feature is for everyone -- this is opt-in in the strictest sense. (And, since you pick the files/directories, as fine-grained as you want.)

* You can disable a link anytime: from the sharing tab (https://www.dropbox.com/share), click "Linked Items" to see all your links and disable anything.

* 3 means of sharing (shared folders, a public dir, and sharing links) gives you more control over privacy, not less.

* Similar to etherpad links, the shortened db.tt links are public but unfeasible to guess. We've heard a few concerns about the 6-digit hashes -- well, as more links are shared, don't assume the hash will stay at 6 digits :) can't get into details but we do a few more things to make link fishing near-impossible.


The problem is how close my data is to being a web page now.

I feel like all that private data is one click away from being public. Anyone passing by my computer can right click and change a folder to a web page, when they get back to their PC, download everything.

At least before there was somewhat of a barrier, though narrow, it was there.

Do the "linked" files at least get a new bold icon with a globe on it or something so I know it's public? Do I get an email when a folder is made public? Something? What if a malicious script is run on my computer that just makes everything public in my Dropbox folder?


Anyone passing by your computer already can get to your files.


> Similar to etherpad links, the shortened db.tt links are public but unfeasible to guess

I imagine people will be searching Google for them, and later creating programs that just go through all the possibilities (if the hash isn't long enough), download whatever they can find, and then later go through whatever they got to see if there's anything of value.



