Announcement

Collapse
No announcement yet.

Reunion 11, Dropbox and security

Collapse
This topic is closed.
X
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
    #1

    Reunion 11, Dropbox and security

    Looking forward to upgrading tonight!

    One question I have is about the security of Dropbox. I use Dropbox with 1Password, but then I trust the encryption within 1Password in conjunction with the encryption of Dropbox. With my family file on Dropbox (i.e. with just their encryption) is it safe?

    Am I worrying too much?
    Tags: None
    #2
    Re: Reunion 11, Dropbox and security

    You will get the same level of encryption using Reunion 11/ReunionTouch with Dropbox as you do with 1Password and Dropbox.

    In both cases your data is stored on Dropbox's servers using 256-bit AES encryption, and transferred between the servers and your devices using SSL/TSL and 128-bit AES encryption or higher (depending on what is supported by the client operating system). In the case of iOS/OS X, it should use 256-bit AES encryption when transferring your data.

    If the above seems like gobbledygook, consider that the U.S. Government uses the same 256-bit AES encryption for data classified "top secret".

    HTH
    Mark Harrison
    Leister Productions, Inc.

    Comment

      #3
      Re: Reunion 11, Dropbox and security

      OK, thanks Mark.

      So as long as i have a good strong Dropbox password (as generated by 1Password!) it's as safe as is humanly possible.

      Comment

        #4
        Re: Reunion 11, Dropbox and security

        Originally posted by Mark View Post
        You will get the same level of encryption using Reunion 11/ReunionTouch with Dropbox as you do with 1Password and Dropbox.

        In both cases your data is stored on Dropbox's servers using 256-bit AES encryption, and transferred between the servers and your devices using SSL/TSL and 128-bit AES encryption or higher (depending on what is supported by the client operating system). In the case of iOS/OS X, it should use 256-bit AES encryption when transferring your data.

        If the above seems like gobbledygook, consider that the U.S. Government uses the same 256-bit AES encryption for data classified "top secret".

        HTH
        I think you're oversimplifying things a little, Mark. Dropbox does keep content protected by 256-bit AES encryption but crucially only Dropbox holds the key used to decrypt the files. In other words your data is readable by Dropbox and whoever they choose to give access to it. Or whoever breaches Dropbox's security and steals their keys.

        1Password uses a cryptographically well designed encrypted file format, so its files are significantly safer. There's no feasible way for Dropbox or anyone else to read 1Password's data on Dropbox. Dropbox say that other third party applications also use encrypted file formats.
        Last edited by cjr; 22 April 2015, 02:22 AM.

        Comment

          #5
          Re: Reunion 11, Dropbox and security

          Originally posted by cjr View Post
          1Password uses a cryptographically well designed encrypted file format, so its files are significantly safer.
          1Password encrypts your data using the same AES 256-bit encryption as Dropbox uses.

          ...Dropbox holds the key used to decrypt the files.
          In order for Dropbox to do what it does, this is a (perhaps unfortunate, depending on your opinion) necessity.

          For what it's worth, I spent 5 years working for the U.S. Department of Defense developing, implementing, and testing computer security standards at a variety of Department of Defense facilities, and I feel pretty secure storing my data on Dropbox. I do, however, recognize that no matter where you store your data or how it's encrypted it's not possible for it to be 100% secure.
          Mark Harrison
          Leister Productions, Inc.

          Comment

            #6
            Re: Reunion 11, Dropbox and security

            Originally posted by Mark View Post
            1Password encrypts your data using the same AES 256-bit encryption as Dropbox uses.
            Except - and this is important - the encryption is entirely local to the 1Password application. The key is not sent to Dropbox. Dropbox is asked to store already encrypted data.

            and I feel pretty secure storing my data on Dropbox. I do, however, recognize that no matter where you store your data or how it's encrypted it's not possible for it to be 100% secure.
            I think Dropbox is reasonably secure too. I just want to correct the comparison between 1Password (an encrypted file) and Reunion (an unencrypted file) on the Dropbox servers.

            Comment

              #7
              Re: Reunion 11, Dropbox and security

              Originally posted by cjr View Post
              Except - and this is important - the encryption is entirely local to the 1Password application. The key is not sent to Dropbox. Dropbox is asked to store already encrypted data.
              Right - I misunderstood the point you were making. Thanks for clarifying
              Mark Harrison
              Leister Productions, Inc.

              Comment

              Previous template Next
              Working...
              X