Or TrueCrypt the drive if this is a concern?
There’s also this workaround for “remote wiping”. The feature has a lot of support in the forums and their votebox, I expect to see it in future versions (unlink and remote wipe, that is).
Right, a windows password. At least. Maybe use bitlocker or some other nonsense, if you want to be extra sure. If someone got my laptop, the files on my dropbox would be the least of my concerns.
Relying on a windows password to protect your data is like using a curtain for your front door.
Pretty much. Unless you also encrypt the data, anyway.
Yeah, a password is nice, but encryption is even better. Especially if you set up bitlocker (or whatever) to ask for a key at boot up and during copies to USB drives. I just did that today on my laptop and it’s not too difficult, if you have compatible hardware/os.
Yeah, it’s not too hard to crack, but I was thinking more along the lines of a crime of opportunity or simply losing your laptop.
JeffL
28
Well, I’d be more concerned about all of the files on my laptop, not just the Dropbox folders. I treat Dropbox just like I do other folders: for anything that is of a secure nature, I use an encryption program that password protects and hides the folder and contents.
JD
29
One more reason for storing only encrypted data (unless it’s not really sensitive): “Dropbox Left User Accounts Unlocked for 4 Hours Sunday”
At a time when hackers are on a tear looting information willy-nilly from insecure sites on the Web, Dropbox did the unthinkable Sunday — it allowed anyone in the world to access any one of its 25 million customers’ online storage lockers — simply by typing in any password.
Wohoo. Sounds like great quality management right there.
That’s pretty goddamn egregious, I’ve gotta say.
Yeah, I’m going to seriously look in to alternatives now. Wulua is looking pretty nice.
So yeah, convenient for transferring public files around. But you’d have to be pretty foolish to put anything personal, sensitive, or corporate confidential on Dropbox. Trusting Dropbox or any other network provider’s security is folly. It would take only slight paranoia to avoid even running Dropbox at all on a machine with any important data.
If you’re going to go to the trouble of using high quality cryptography on your files, using methods that really are secure, I guess in theory it’s OK, but how many people really know how to be secure in the first place? It just seems safer not to use Dropbox for anything even slightly important.
Might as well use Skydrive instead.
If you are storing your work in a SVN repository, is there a reason that you are avoiding using a hosted SVN repository? Places like unfuddle offer free private SVN hosting.
Don’t you then have to manually upload and download files?
I hadn’t heard of Unfuddle. It’s a bit more setup, but seems like it should work well as an easy to use remote SVN is basically what I want.
Glancing through it though there are some flaws, at least for the free version:
- limited to 2 people.
- You can only have one project. That’s a deal breaker right there.
- No SSL. There goes any security edge!
Clearly they’re geared towards subscribers rather than free use, which is fine for larger organizations, but I’m cash strapped right now and not looking to expand my expenses.
There are also a few further issues I have questions about, although the answers are moot to me (until I’m willing to subscribe) as I need more than 1 repository anyway:
-
Looks like you have to enter your username and password with each commit? It’s been a while since I’ve used SVN remotely though, so perhaps there’s some way around this I’ve forgotten.
-
It seems like you don’t have access to the underlying repository, should you want to move it elsewhere?
Ultimately Dropbox’s more elegant interface appeals to me – easier to setup and use and yet more general. What I really want is something that combines this ease of use with the better security available elsewhere.
Dropbox is great, so very seamless. I have several people with shared folders who just update their files on projects we’re working on and the instant hands-off sync is great. I particularly like the fact that I can get even computer illiterates to set this up in a snap. I haven’t had any problems in about a year of using it. But no, I wouldn’t put anything really sensitive on there that’s unencrypted. That seems like common sense, no?
Sounds like the free plan won’t work for you. You wouldn’t need to type in your credentials every time, your info should be in your local .svn files and your svn client will use those automatically. Unfuddle is the only free one I’ve used.
Yeah, that makes sense. I was vaguely recalling that it’d cache it somewhere locally.
I can definitely see Unfuddle being useful for a small company, as not having to hassle with setting up and maintaining a SVN server is probably worth the cost. The free plan is clearly meant more as a trial for the paid subscription, rather than a free service.
Kalle
40
sounds pretty awful but since all I’m using it for is as an imagehost it doesn’t really affect me. Won’t put anything private up there in the future though.
