Has Dropbox misled users about security?

On Sun, May 15, 2011 in Privacy, Notifications, cloud, by Ernesto Belisario

Cloud computing is the technology of the moment: businesses, governments and ordinary users are increasingly becoming aware of its benefits and of the fact that, in the near future, it will revolutionize the IT world as we know it.
At the same time, even as everyone talks about the benefits of cloud computing, awareness is growing of the critical issues of this technology, mainly due to the loss of control over data (with obvious implications for contracts but also for security and privacy). This awareness has also been accelerated by a series of problems that, in recent weeks, have involved some of the largest providers of cloud services, such as Amazon, Microsoft, Aruba, and Sony.

These days, at the center of the storm is Dropbox, one of the most popular services for sharing and saving files, accused in a complaint filed with the Federal Trade Commission of having lied about the security of its users' data.


The author of the complaint is Christopher Soghoian, a Ph.D. student at Indiana University, who argues that, contrary to Dropbox's assertions, it is not true that files are stored encrypted and accessible only by the user, since Dropbox employees could access them at any time. The company, in a post on its blog, has rejected the accusations but has, in fact, recently changed the terms of use of the service. In particular, where they previously stated:

All files stored on Dropbox servers are encrypted (AES-256) and are inaccessible without the password of your account.

Now they simply state:

All files stored on Dropbox servers are encrypted (AES-256).

But there's more! While up to 13 April 2011 the terms of use provided that

Dropbox employees are not able to access the user files

they now provide that

Dropbox employees are forbidden to display the contents of files stored in user accounts

It is obvious that this is not only an ethical question: if Dropbox really lied, it could be held liable not only towards its own users (for example, those who bought a pro account may demand the return of the money paid) but also towards other cloud service providers, those that actually provide security guarantees (including encryption), who would have been victims of unfair competition: as is known, security has a cost, and implementing the safeguards they declared would have prevented them from adopting pricing policies competitive with those of Dropbox.

While waiting for the FTC to rule on the complaint, and hoping that Dropbox has not betrayed the trust of its users, I cannot help but point out that the change in the terms is, at the very least, unfortunately worded. At a time when people, organizations and businesses need to be able to rely on cloud providers, those providers must pay particular attention to the content of their terms of service, writing, with clarity, only what they are capable of guaranteeing, and informing users, seamlessly, when the initial conditions change.

3 Responses to Has Dropbox misled users about security?

  1. Max-B wrote:

    Hello,
    I have developed a small alternative to DropBox that allows me to do more or less the same things as DropBox on a self-managed server.
    The program I wrote is called OurBox; it is released under the GPL, runs on GNU/Linux and requires an SSH server / rsync.

    Here is more info and links to the project:
    http://anticameradelcestino.wordpress.com/2011/05/13/ourbox-alternativa-libera-a-dropbox/
    Hello,
    Max-B

  2. [...] These days, as reported in Law 2.0, the team DropBox has suddenly changed the conditions of use of the service. According to [...]

  3. [...] Quite a stir "the affair Dropbox" (admirably summarized by Ernesto in this post). Assuming that store in the cloud (the much discussed "Cloud") files [...]
