Privacy, Security & Your Dropbox (Updated)

Posted by Drew and Arash on April 21, 2011

Updated 5/16/2011: added new section 7 (Talking about security). No other text was changed.

Hi Dropboxers,

Like many of you, we’ve been reading the reports about a change we made to our Terms of Service, and more generally about Dropbox’s approach to privacy and security.

Everyone who works at Dropbox knows our most important asset is the trust of our users. Dropbox is used by millions of people every day, including our own friends and families, and we promise them — and all of you — that we work hard to keep your most important data safe, secure, and private.

In this post, we’d like to go through each of the concerns that has been raised, and provide you with answers that we hope you feel are complete, transparent, and straightforward. We also provide detail on specific technical concerns. We look forward to your feedback, and will continue to strive to make our policies as easy to understand as Dropbox is to use. Our goal is to have an open and honest relationship with you so that we can address all of these issues quickly and effectively.

1.) We changed our Terms of Service to be more user friendly and more transparent

When looking at our Terms of Service, it’s useful to also look at the Terms of Service from companies such as Google, Apple, Skype, and Twitter. We think what you’ll find is that they’re very similar, and that most Internet companies have the same legal obligations.

So, if these things are so standard, why did we make changes to ours? It was to be more user friendly and transparent about our policies. You’ll notice that the new Terms of Service (TOS) better outlines the specific situations under which we would disclose user data.

We felt our old TOS language was too broad, and gave Dropbox rights that we didn’t even want. We wish we had explained this when we made the change, but unfortunately we didn’t and we’re sorry if these changes have raised concerns about our commitment to keeping your stuff private.

Here’s both the old and the new language:

Old TOS:

Compliance with Laws and Law Enforcement. Dropbox cooperates with government and law enforcement officials and private parties to enforce and comply with the law. We will disclose any information about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate to respond to claims and legal process (including but not limited to subpoenas), to protect the property and rights of Dropbox or a third party, to protect the safety of the public or any person, or to prevent or stop any activity we may consider to be, or to pose a risk of being, illegal, unethical, inappropriate or legally actionable.

New TOS:

Compliance with Laws and Law Enforcement Requests; Protection of Dropbox’s Rights. We may disclose to parties outside Dropbox files stored in your Dropbox and information about you that we collect when we have a good faith belief that disclosure is reasonably necessary to (a) comply with a law, regulation or compulsory legal request; (b) protect the safety of any person from death or serious bodily injury; (c) prevent fraud or abuse of Dropbox or its users; or (d) to protect Dropbox’s property rights. If we provide your Dropbox files to a law enforcement agency as set forth above, we will remove Dropbox’s encryption from the files before providing them to law enforcement. However, Dropbox will not be able to decrypt any files that you encrypted prior to storing them on Dropbox.

2.) We comply with valid legal process and U.S. law

The previous section should clarify our commitment to user privacy. That said, there have been a lot of questions raised about government data requests.

Just so you know, we don’t get very many of those requests — about one a month over the past year for our more than 25 million users. That’s fewer than one in a million accounts.

That said, like all U.S. companies, we must follow U.S. law. That means that the government sometimes requests us (as it does similar companies like Apple, Google, Skype, and Twitter) to turn over user information in response to requests for which the law requires that we comply.

When we get a government request, we don’t just hand over your information or files. Our legal team vets all of these requests before we take any action. The small number of requests we have received have all been targeted to specific individuals under criminal investigation. If we were to receive a government request that was too broad or didn’t comply with the law, we would stand up for our users and fight for their privacy rights.

3.) We protect the privacy of users and will provide notice of government requests for data whenever possible

Our policy is to provide notice to users about law-enforcement demands for data, except in the event where the law or highly compelling circumstances prohibit us from doing so.

4.) We have strict access controls that prohibit employee access to user data

We know that millions of people rely on Dropbox to take care of their most important information. Keeping it safe and private is our top priority.

Some concerns have been raised about our Help Center article and other statements that discuss employee access to user data. We agree that we could have provided more details and we will be updating these to make them more clear. Like most major online services, we have a small number of employees who must be able to access user data when legally required to do so. But that’s the exception, not the rule. We have strict policy and technical access controls that prohibit employee access except in these rare circumstances. In addition, we employ a number of physical and electronic security measures to protect user information from unauthorized access.

5.) Encryption

People have asked why Dropbox servers need to decrypt user data. The reason is many of the most popular Dropbox features — like accessing your files from the website, creating file previews, and sharing files with other people — would either not be possible or would be much more cumbersome without this capability.

The files you store on Dropbox’s servers are encrypted using an industry standard, AES-256. We manage the encryption keys on our users’ behalf. This encryption protects against a variety of security threats, particularly when your data is at rest. For users who feel more comfortable managing their own encryption keys, we recommend using products like TrueCrypt to store encrypted volumes within their Dropboxes. Those users will unfortunately lose access to some functionality, but we leave this decision to the user.

We believe that storing data in Dropbox is far more safe than the alternatives. We’ve designed Dropbox to protect user data against threats of all kinds, but we’ve focused on helping users avoid the most common threats: not having current backups, not having any backups at all, accidentally deleting or overwriting files, losing USB drives with sensitive information, leaving files on the wrong computer, etc.

6.) We’re dedicated to security

We’re proud of our excellent track record in security. Since the very beginning, we’ve devoted an incredible amount of resources and attention to it. We have always listened carefully to feedback from the community on things we can do to improve security. Over the past month, a couple of security concerns have been raised by the community.

The first issue pertains to the security of our mobile applications. A report noted that our mobile applications were transmitting some metadata unencrypted. We made this decision to provide better performance (in our testing, enabling SSL for all metadata transfers made the app several times slower). We’ve listened to these concerns, and are working on a faster way to transmit metadata over SSL on the mobile apps.

The second issue involves the security of a Dropbox account on a computer that’s hacked or compromised. Unfortunately, when something like this happens, all applications and data on the computer are at risk. That said, we have developed ways to provide greater protection for Dropbox accounts on compromised computers. For example, last week’s update to the Dropbox desktop app sets more restrictive permissions on the folder that stores the authentication file, and we will soon provide a solution that will make the authentication file useless on a second computer.

7.) Talking about security

We’d also like to address recent reports about our security and privacy policy that we feel are misleading and inaccurate.

We openly discuss how Dropbox security works. Part of our challenge is that we have to communicate with people both familiar and unfamiliar with the intricacies of encryption and online security. Most of our users are learning about these issues for the first time, and rely on us to communicate in plain language about topics that are nuanced and complex, even for security professionals.

We strive to communicate clearly and precisely about these issues. In this effort there’s always a tradeoff between simplicity and exhaustiveness.

For example, one help article formerly stated that “files stored on Dropbox servers are encrypted (AES-256) and are inaccessible without your account password.” We were explaining that there are multiple safeguards on your data: that the files are stored encrypted and in addition, protected by your access credentials. However, a security professional could incorrectly infer that the encryption key comes from the user’s password, so we’ve separated the two points for clarity.

Another statement read “Dropbox employees aren’t able to access user files.” That means that we prevent such access via access controls on our backend as well as strict policy prohibitions. That statement didn’t say anything about who holds encryption keys or what mechanisms prevent access to the data. We updated our help article and security overview to be explicit about this.

We will continue to try to find the right balance between using clear language and providing the right level of technical detail. And when we oversimplify something or the community asks for clarification, we do our best to respond directly and publicly.

Over the years we’ve also responded in detail to users’ questions about security. For example, we’ve routinely explained how we manage encryption keys on our users’ behalf:

That said, the information isn’t helpful if it’s not readily available: we don’t expect everyone to scour every corner of our forums. And while we need to keep our primary communication simple, we also need to make it easier to dive into the details. We’ll be sharing more on our tech blog and elsewhere about some of the design tradeoffs we’ve chosen, including around client-side encryption, to shed light on our thought process.

Last thoughts

We understand that many of you have been confused by this situation — and some folks even felt like we misled them, or were careless about their privacy. We apologize for this confusion. All of us here at Dropbox care deeply about the security and privacy of your data, and the last thing we want to do is let you down.

We are building this company in partnership with all of you. We want to continue to be transparent about these kinds of issues, and to address them as quickly as we can.

Thanks for using Dropbox. We hope to be a part of your life for many years to come.

Drew & Arash

Updated 5/16/2011: added new section 7 (Talking about security). No other text was changed.

266 Comments to Privacy, Security & Your Dropbox (Updated)

cyruz
April 21, 2011

Thank you for the update!

Bernd Retorue
April 21, 2011

bad move, i'll switch…

Mike
April 21, 2011

Why do you need to be able to decrypt my data at all? Isn't it my data and not yours?

Xanathon
April 21, 2011

Main Problem is that you tried to change the TOS behind our backs without informing your users openly and transparently. My files are now in a TrueCrypt-Container but I will definitely look for an alternative to Dropbox and will use that as soon as possible.

Robert Foss
April 21, 2011

Not very convincing. Being the subject to american laws and it's frivolous application doesn't seem like a good idea to me. Dropbox asking me to trust you regarding how requests are handled is a very audacious thing to ask of anyone.

Give the user a key that is stored on the client. Let the client generate previews and the like if necessary. That way remote request of my private data can't be complied with. That is the only security that is trustworthy.

Kristoffer Risanger
April 21, 2011

You should read the post before complaining about it:

“People have asked why Dropbox servers need to decrypt user data. The reason is many of the most popular Dropbox features — like accessing your files from the website, creating file previews, and sharing files with other people — would either not be possible or would be much more cumbersome without this capability.”

Mike
April 21, 2011

Many other services work very well with having the encryption keys on the client instead of the servers. As they state in the post, it might be more cumbersome for them to implement it, but it's definitively doable in every way.

I should add though that I love dropbox and I'll definitively continue to use it, but their architectural decision was not made with privacy in mind.

Matthew Case
April 21, 2011

So then you're saying they should move the company out of the US and be subject to another random country's laws? I'm not big on what my government is doing these days but most other large markets have governments doing the same stuff. See: Britain, France, Australia.

Horia Dragomir
April 21, 2011

Good to know. Thank you!

Nick
April 21, 2011

Robert, if Dropbox's implementation doesn't meet your technical requirements then take your business elsewhere. In time, I'm sure Dropbox will get over the loss of revenue that you bring them.

Stephan Seidt
April 21, 2011

I think the issue was with one of your selling statements. It was something along the lines of “Nobody at Dropbox can access your data because it is encrypted” but I can’t find it now.

If you really want to remedy the situation for everyone add client-side encryption and trusted networks to your client. I know you can do that in a way that’ll be simple and won’t make your product suck. We’d all appreciate the added value greatly.

Nick
April 21, 2011

Why are you choosing to share your data unencrypted with a third party? If you don't understand the privacy implications of the free services that you use, I suggest you do your homework next time and make an informed decision before signing up. If you don't want someone else to have access to your data, encrypt it yourself before giving a third party application free reign to read anything on your hard drive.

Ewan Leith
April 21, 2011

I don't feel like we were misled, I know we were misled, let's be clear on it.

Previously your help page said:

“Dropbox employees aren't able to access user files, and when troubleshooting an account they only have access to file metadata (filenames, file sizes, etc., not the file contents)”

The full page is still in Google Cache at http://webcache.googleusercont

We now know this isn't true. It's not “misleading”, it's a straight-forward lie. Dropbox employees are able to access user files, but you have policies and technical solutions in place to control their access. It's a fundamental distinction.

Kemp
April 21, 2011

Thank you for the update. To those complaining about this update:

1) The Dropbox team have a very reasonable TOS.

2) They made an effort to keep us informed, whereas they could have just done it without saying anything (like almost any other company you trust with your personal data – Google, Facebook, etc).

3) If you are truly worried about what might happen if a Dropbox employee or a law enforcement official sees your data then… well, you're not approaching your security correctly really, are you? Either encrypt it yourself or don't store sensitive data in the cloud on a free service.

I'm not saying that Dropbox shouldn't care about security, but it doesn't make sense for users to criticise every potential problem while doing nothing to take care of the data themselves. Either be paranoid or don't, but please be consistent.

frustbox
April 21, 2011

Wuala appears to have a better security system. The key never leaves your PC. Servers cannot decrypt data at all. To share Files, they are encrypted with multiple keys of your friends/groups, or a global publik key, to Shareware with public (accessible online VIA weblink).

Not meant to be an ad, but there are technical solutions without privacy concerns.

Mike
April 21, 2011

That's great advice and as I stated above this won't make me stop using the fantastic dropbox service (which I use for syncing, not for keeping my things private ;) It's just questionable why they encrypt everything and then store the keys themselves. Their architectural decision was obviously not made with privacy in mind.

Anand
April 21, 2011

How can you make an informed decision when the service will outright lie.

Read Ewan Leith's comment.

http://webcache.googleusercont

Regenold Humphrey
April 21, 2011

Move service to Sweden, good laws good women. Problem?

Edan Maor
April 21, 2011

“As they state in the post, it might be more cumbersome for them to implement it, but it's definitively doable in every way.”

I'm pretty sure they mean it would be more cumbersome for the user, not more cumbersome to implement.

And they're right. They mangae the keys on the users' behalf, which means the users trade off comfort/ease of use for security.

Andrew
April 21, 2011

I'm amazed that people didn't / don't realise that many of the reasons that we like Dropbox requires programatic recognition of files. Offering a model where users own the keys will change the services cost structure (files can no longer be de-duplicated). Maybe there's demand for another paid solution?

Chris Gaudreau
April 21, 2011

Let's see if I can get this straight…..

Dropbox is a US company and therefore bound by US laws and government requests.
Ok, no real surprise there.

Dropbox is a cloud based data-hosting provider who occasionally needs to let employees access customer data, but they've restricted the system to limit access to a select few?
Makes sense to me.
(How else will you comply with legal requests or do the occasional data-recovery?)

Call me crazy, but I understood these points (or at least assumed them) when I signed up a few years ago and I really have a hard time understanding why people are freaking out over this. Maybe people need to start doing their homework before signing up to services?

IMHO this whole “security issue” has been a lot of hype and FUD with very little substance.
Sure the TOS jargon changed a little, but the service and quality has remained the same and I'm no less secure than I was a month ago before all of this started.

anonymous coward
April 21, 2011

Not good enough. I will only store encrypted data on dropbox.

purp
April 21, 2011

You're gonna flip when you realize the data of yours that google can access…

Guest
April 21, 2011

I completely agree with Chris. When I sign up for cloud-based storage (or any website that will hold my information), I assume that my data is accessible by the company's employees – and most of the time only under certain, reasonable conditions. If I'm not happy with the terms then I won't sign up for it, and as Chris said, the actual Dropbox service remains the same as it was last month.

However I do think Dropbox should address the issue that Ewan pointed out:
http://webcache.googleusercont
This bullet is still on https://www.dropbox.com/help/2… and does contradict the TOS.

Platinum2489
April 21, 2011

The encryption is in fact useless …

Ivan Pistoff
April 21, 2011

I see a lot of people keep using US law to support Dropbox's policy. It's simple people. No one can subpoena something that someone doesnt have. Dropbox previously stated their employees did not have access to our unencrypted data. That was a plain and simple lie.

I could not care less if the government has access to my files. Dropbox has an awesome service and I applaud them for offering it for free. That being said it was not right for them to mislead us.

Daniel @ StarBlogger
April 21, 2011

It brings tons of new information! Thanks Dropbox team. I hope one day soon you can integrate with Amazon Cloud Drive!

VungRee
April 21, 2011

Never been a better time to take online privacy seriously.
http://www.complete-privacy.au.tc

Facebook User
April 21, 2011

Previously the help page said:

“Dropbox employees aren't able to access user files, and when troubleshooting an account they only have access to file metadata (filenames, file sizes, etc., not the file contents)”

The full page is still in Google Cache at http://webcache.googleusercont

Matt Jones
April 21, 2011

I'd be inclined to take that advice, but not from a comment spammer.

Brandon
April 21, 2011

Anybody else find it troublesome that they just gave away their encryption method? Granted, it's not an easy thing to crack AES256, but at least before they had the ambiguity of possibly being DES, etc…

Kemp
April 21, 2011

It doesn't trouble me, just as it shouldn't trouble anyone who is knowledgeable about data security. Honestly, I'd be much more worried if they didn't want to tell anyone what they used.

Also, they've always be open about what method they used, this isn't a new thing.

Guest
April 21, 2011

To everyone who's saying that we should have known better, you're completely missing the point, which is that Dropbox told us one thing and is now telling us another. They LIED when they said even their employees couldn't access the data. See Ewan Leith's post.

Who's to say they're not lying now? What's preventing a rogue employee from searching through files for interesting tidbits? Nothing.

They're purposely misleading the media by changing the argument. It's shady, and I'll be taking my files elsewhere.

Edwin Watkeys
April 21, 2011

Drew and Arash wrote the following above: “We have strict policy and technical access controls that prohibit employee access except in these rare circumstances.”

I don't see how their previous statement is inconsistent except in some overly literal way. If the company lawyer holds the key to your data, for example, no support person is going to be able to decrypt your files as a normal part of their job.

It seems like many people realize that DRM systems are doomed to be circumvented yet give near-perfect Inspector Renault impersonations—”I am shocked, SHOCKED!”—when the same sorts of issues come up in a personal privacy context.

sarahx
April 21, 2011

Generally your points are valid.

However, starting off with “everyone else does it” didn't win a vote of confidence from me. And wrapping up with “our security is better than the alternatives” was an unnecessary potshot. Are you sure you are more *secure* than your competitors? Don't claim it unless you can back it up (pun intended).

Lastly, a faster response to user concerns would have been appreciated.

Darnell Clayton
April 21, 2011

If you want to say Dropbox lied, then fine, they lied. They lied about the fact that employees have to access your data if the government holds a gun to their head (figuratively, not literally of course).

Unless they buy their own island (hey Dropbox, that sounds like a great idea!) they have to comply with US law and resist where they can.

None
April 21, 2011

I have no problem with the TOS and I don't see the changes as an issue. Anybody who does see them as a problem isn't very well informed. As you say, want it encrypted so the government can't see it, do it yourself. I am encouraged that you are working on a solution to the “taking info from a compromised computer and using it on a second computer”. Keep up the great work.

Duh
April 21, 2011

The law can not force Dropbox to surrender information it does not have. Dropbox can both comply to US law *and* keep their original promise.

Dropbox chooses not to do so, and is therefor basically making itself an extension of the US government. Add to that the fact that they lied about it, and are still trying to mislead their customers, Dropbox is exposing itself as some creepy extension of the already creepy enough US intelligence apparatus.

Kemp
April 21, 2011

Oh come on. Why is it that people make this leap from “they comply with the law” to “they're working for the government to spy on us”?

As I said elsewhere here, if you're relying on Dropbox to store data that you'd be scared about a government official seeing, then you have bigger issues (and you should probably be taking better care of your data yourself rather than hoping someone else will).

John Cade
April 21, 2011

Let's be honest – you're giving your information to someone else. They are going to have SOME access to it. That's common sense. Also, Dropbox is still the best cloud storage provider around. We're all still going to use it. So why waste our time trying to tear them down because of a misunderstanding? Also, since when do you give ANY private information to a stranger? Is a cloud storage service any different?

Good Suggestion
April 21, 2011

@Dropbox staff:

Here's the solution for every person who commented (above),
and used any of the words:

mad, irate, offended, outraged, shocked…

Just give 'em an extra 1.5 Gb storage.
Case closed!

Bernd Eckenfels
April 21, 2011

In this article you are a vague as you always have been.

Bernd Eckenfels
April 21, 2011

It was clear to me from the beginning that Dropbox Servers have access to my files, and therefore dropbox admins. Talking about AES256 encryption without specifying where the keys are stored and where the encyption takes place is a typical marketing oversimplification to pretend security where no is.

Unless your client is open source and keeps the keys on the local devices only (and yes thats removes a lot of the comfort of the service) the data cant be secure and you need to trust the serviceprovider and his gouvernment.

Lizzy
April 21, 2011

Dropbox, how do we know know if you've stolen our proprietary business trade secrets or not? Our company can no longer trust you.

Bernd Eckenfels
April 21, 2011

Dont feel safe now, you still run their software on your PC.

Gunnar
April 21, 2011

Oh, so you did lie about employers not having access to OUR data?

Fucking assholes. Willing to sacrifice all your credibility and post completely dishonest information on your webpage in order to appear more secure than you are. You are not secure. Our information is accessible by Dropbox. And I will never trust a word you write again.

frustbox
April 21, 2011

Let me add a thing or two.

Secure encryption is possible, as I stated above. And you would still be able to cooperate with US (or international) law enforcement.

To actually successfully claim access to your customer information and data they need some form of evidence, preferrably strong evidence. This also indicates, that they know the potential content of the files. What is more important for law enforcement is information about IP-adresses, online times, and who has access to these files (and when did they access it). Thus the accomplices.

And considering that they have strong evidence against individuals, they could simply search the house, seize PCs and get access to the files that way.

Your argument falls flat.

So, in which cases do your servers, the administrators or anybody who hacks your system, or the US government access to the users files contents? Many of yor users do not even live in the US, do you provide the government access to the files of, say norwegian inhabitants?

Kray Mitchell
April 21, 2011

Wow, you guys are just a bunch of whiney bit**es. Your data is as safe as it can possibly be, and they have security protocols in place to ensure it stays that way.

All you can do is bitch about a slightly misleading line of text? Well, maybe you should offer your obviously superior legal-ease writing skills instead of complaining then shouldn't you?

Now shut up and stop wasting their time with petty crap so they can continue to provide a kickass service and product (To those of us who actually care about that, and not about your lame ass attempt at attention getting over nothing. You should really get into religion, they LOVE people like you) instead of trying to defend it to idiots like you.

Kemp
April 21, 2011

You're storing “proprietary business trade secrets” on a cloud service? I think you need to reconsider your business model. Do you at least pay, or are you trusting a free service?

krisu
April 21, 2011

So what?

Daniel Larsson
April 21, 2011

There are in fact ways to comply with US laws and still keep user data inaccessible. All you have to do is employ a zero-knowledge environment with client side encryption key creation just like SpiderOak or Wuala and any data that is handed over is still encrypted and useless.

Evan Hood
April 21, 2011

I've got no issues with items 1-5 and as pointed out by dropbox themselves am retrospectively more concerned about how broad their TOC used to be – but that's all background noise.

The real issue here is buried in point 6 and concerns the issue that Derek Newton discovered.
http://dereknewton.com/2011/04

DropBox, you say you're 'dedicated to security', but the use of a single host id chucked in an unprotected sqlite database file and transferable to any system demonstrates that you aren't. Please fix this quickly. Talk to some experts in the field and come up with something much much better.

Xyzzy
April 21, 2011

So what? I signed up for DropBox and paid for a one-year subscription based on that assurance — that everything was transmitted and stored in an encrypted format, and DropBox itself had no technological way of decrypting that information.

There's no other way of interpreting that statement. That statement means that DropBox does not store the decryption keys. I reasonably believed, based on that statement, that all data was encrypted before it left my computer, and couldn't be decrypted except on my computer. I.e., like a cloud-based version of TrueCrypt.

Now they're telling us “actually, we do store your keys, in case that we need to decrypt your data.” I'll take them at their word that the keys are stored in a safe manner, and that this is rarely done. However, their original statement was a lie. Moreover, the fact that they store the encryption keys automatically creates a security vulnerability — no matter how secure they might think their key-storage system is, nothing's perfect.

Perhaps this security isn't as important for you. However, that doesn't mean that it isn't important for other people.

Kemp
April 21, 2011

If they don't store the decryption keys then there's no way for you to add a new computer to be synced without manually copying your key(s) to that computer. They don't require you to do that, ergo it's logical that they store the keys in some form.

Anyone truly interested in security (i.e. not just here to bitch at the Dropbox team) would be applying their own layer of encryption. Dropbox isn't there to secure your data, it's there to sync your data across different machines with a moderate level of security to prevent it being easily snooped off the wire. In the end, that's all you can hope for.

tl;dr – if you throw your data at someone else and just hope they keep it safe, then you're not interested in security.

Xyzzy
April 21, 2011

No, that's not common sense. It's wrong.

DropBox could store everything in an encrypted format, and without storing the decryption keys. That way nobodoy — NOBODY — could decrypt that data without my password. As furstbox notes above, Wuala does exactly this.

http://www.wuala.com/en/learn/

As Drew and Arash explain above, they made a conscious decision to do things differently. They instead encrypt data, but store the encryption/decryption keys at the DropBox servers. They did so because they it allows DropBox to have additional features.

That's a reasonable position. I'm not upset about DropBox using this method of security — it might be good enough for most people, and provide for better features. However, I am upset about them misleading us with their prior statements that nobody at DropBox has the ability to decrypt my data. That was a lie.

John Cade
April 21, 2011

My point is that you should never trust anyone with your private information no matter what they say. It's YOUR information. I applaud the self-encryption methods I see here. It's very wise.

Xyzzy
April 21, 2011

They said that they were encrypting everything, without the ability to decrypt it. I believed them. Are you saying that I shouldn't have believed them?

Additionally, your premise is simply wrong. The decryption key can be your password, or a munged/hashed version of it. Other services like Wuala and SpiderOak have no problem with synching between multiple computers, without storing encryption keys.

http://www.wuala.com/en/learn/

Børge / forteller
April 21, 2011

Why not let the user choose if she wants more functionality or more security? Or even have one safe folder where all files and folders inside that folder are encrypted in such a way that you have literally no way of accessing them, and all the other folders keep the functionality/less security of today?

Kemp
April 21, 2011

What I'm saying is that if the security of the data is so important, if it's so sensitive that you can't bear anyone to have access to it, then you need to take care of the data. Throwing it into the cloud on the word of someone you've never met that they'll keep it safe simply isn't a viable option. If it matters that much then you need to apply your own encryption, regardless of the service you use.

Dusten B.
April 22, 2011

Go to school.

Armitage
April 22, 2011

My thoughts exactly.

Jake Barlow
April 22, 2011

I get the sense that Dropbox was – and is – acting responsibly, and that there's a fair amount of expected US media hyperbole and sensationalist tabloid reporting here (which proves useful often). But I won't take them at their word with regards to my sensitive data, and that's not a knock against them. Each user has to determine how sensitive their data is and manage it accordingly. If you have data that can cost you your job, or put your ass in jail, you need encryption beyond what Dropbox ever promised. So use TrueCrypt, or something else, or don't use Dropbox at all.

That said, Dropbox could have clarified their legal language a long time ago, and not holding off until they got exposed.

I'll continue monitoring this, and will curb my use substantially for a bit, just as a matter of principle.

bluequest
April 22, 2011

What's so hard about encrypting the files yourself and then upload thus making it very hard for Dropbox and anyone else to decrypt them?

Aankhen
April 22, 2011

Might be a good idea to dip your head in a bucket of ice water, Kray. :-)

When you’re not the only one who has access to your data, it is not “as safe as it can possibly be”. Is this really so hard to understand?

Apostropartheid
April 22, 2011

I am certain this wouldn't work with Dropbox. If the key is generated by a client, then you cannot access your data from a web browser, surely? Thus Dropbox becomes a lot less useful.

frustbox
April 22, 2011

This is probably the biggest drawback.

Wuala uses public key encryption ( http://en.wikipedia.org/wiki/P… ), so every user has a pair of keys. One key is public, the other is private. The public key is for encryption only and can be shared. The private is the only key that can decrypt files, therefor this private key remains private at all cost. So encryption uses a public key, anyone could encrypt files with your personal public key, which results in a file that you, and only you, with your personal private key can decrypt.

It is possible to encrypt a file with more then one public key, resulting in a file that is decryptable with multiple private keys – this happens when you share a file with your friends.

It is also possible to share files with “the internet”, simply by encrypting with the public key of the server, so the server can decrypt the data and make it accessible on the webpage. But you must actively choose to do so.

It is also possible to access your private files without sharing them. But since encryption/decryption happens on the client side, there must be a special client. Wuala uses a java applet for this – I'm not a fan of this, to be honest. And I am not 100% sure how they transfer the private keys to other computers, when using the applet. It's most likely some symmetrical encryption using the users password and therefore inaccessible for the servers.

So, it is possible to access your data from anywhere, as long as you are willing to live with java. It's your preference, unfortunately secure and comfort rarely fit together.

Josh Holloway
April 22, 2011

Based on your website, it appears you have a Twitter account and a Facebook account. I'm guessing you also use Gmail. You might want to start looking for alternatives to those that don't have similar terms of service that Dropbox does. Please report back to us with what you find!

justincardinal
April 22, 2011

People can make decisions about what data they share and where, based on how important the privacy of that particular data is. When people use these services, the onus is on them to determine how secure their data is on that service. In the case of Dropbox, people were told their data was encrypted and that Dropbox could not decrypt it. With that information, users could reasonably put very private data on the service with the expectation that it couldn't be accessed or shared.

justincardinal
April 22, 2011

FWIW, I considered creating a TrueCrypt volume to store sensitive data within my Dropbox account. After reading their information that said the information was encrypted and that their own employees couldn't access it, I made a conscious decision that the extra layer was unnecessary because the data was already secure. That's the problem; people made decisions about the security of their data based on what Dropbox claimed, and now it turns out those claims were untrue.

Garret
April 22, 2011

I think it's important to remember that dropbox is run by a small group of ordinary people.

Yes, they did blatantly lie on their help page, but I doubt it was purposeful. I'm sure that the guy who wrote the page wasn't a lawyer and was meaning to state that general employees can't access your data and the few that can won't (except in accordance US law). It probably seemed easier and cleaner to sum that up with:

“Dropbox employees aren't able to access user files, and when troubleshooting an account they only have access to file metadata (filenames, file sizes, etc., not the file contents)”

Sure that's still a large mistake, but it's not that dropbox lied, but rather gave off the wrong message. I also believe that that message was removed because it was realized that it was misleading and doesn't belong there, rather than as a coverup.

TL;DR employee thinks misleading privacy statement is more succinct, no conspiracy

Jdsunday
April 22, 2011

I no longer trust Dropbox. I will not recommend it. I will migrate off it. The lies were intentional. Client-side encryption is possible and was implied.

Phillip Morris
April 22, 2011

Please post, sans any indentifying information, the type of requests you receive once a month. If it is from a duly appointed guardian of the public the point is moot, if it is some lawyer who thinks someone “might” be in violation of copyright infringement then it's not in any users “best interest” to disclose any documents or that they are in fact a member of Dropbox. There is no government law in the United States, I repeat, there is no government law in the United States, which forces a company to disclose a customers identity when engaged in legal commerce and a suspicion of illegal conduct must be apparent before a writ of disclosure can be forced upon a legal company, operating within legal parameters with customers in which no illegal activity is indicated.

Programmer
April 23, 2011

Java is great and available everywhere, I dont see a problem using it.

Computergeek3308
April 23, 2011

And where did you move to

Arash
April 23, 2011

hey ewan,
sorry for the late response!

in our help article we stated “Dropbox employees aren't able to access user files”. we prevent this via technical restrictions on our backend as well as strict policies. we didn't feel this statement implied anything about the mechanisms used to prevent access to the data.

that said, it's become clear that the statement wasn't explicit enough about what the barriers to access are (and that access is technically possible when absolutely required – e.g. to handle mandatory legal requests).

consequently, we've updated our help article (https://www.dropbox.com/help/2… and security overview to be explicit about this. we're always open to feedback on how we can be more clear or transparent so please let me know if there's anything we can improve!

-arash

Kevin
April 23, 2011

That url gives me a error.

Privato Christian
April 23, 2011

Hi
I'm a (still) happy user of Dropbox.
I'm not a total paranoid about privacy/encryption and so on, but – technically – if you offer your product/service as secured and encrypted (and this is the message that costumers received…) simply change the TOS and make it more 'readable' is not a very great move in my opinion.
To be honest I'm using DropBox as 1 'backup' system of some (not all) of my files and 2) as sharing system between different platforms. It works.

To 'resolve' the problem (and to try to keep the 'paranoid' users or attract new ones) why dont' offer the possibility to choose to use the 'standard' (as today) Dropbox (with 'remoted' encryption) and a new one (with some limits about meta-data and so on) that 'encrypts' data BEFORE sending on the cloud?

So you could give more than a solution.

Cheers, and go ahead!

Suranga Athukorala
April 23, 2011

it's great great and a great service. i am very much in to dropbox and promoting as much as i can. now i have gain up to 10 Gb.

God
April 23, 2011
Simon
April 23, 2011

Given that there are more security loopholes in the operating system most users use world wide , I am not in the least bit concerned with drop box as a service, I will continue to use it as a back up and storage device

Kevin
April 23, 2011

Thank you.

Kortney
April 24, 2011

I am just amazed at all of you who seem to think that you were lied to. The page that everyone keeps linking to, the old “How secure is Dropbox” page, has these sentences plainly written right after the one you all keep quoting: “Like most online services, we have a small number of employees who must be able to access user data for the reasons stated in our privacy policy (e.g., when legally required to do so). But that’s the rare exception, not the rule. We have strict policy and technical access controls that prohibit employee access except in these rare circumstances.”

Those of you who read that and got “my data is encrypted such that no one at Dropbox can access it ever under any circumstance” really need to, well, learn to read.

Kemp
April 24, 2011

Unfortunately, people love to be outraged. It gives some meaning to their existence for a vital few hours.

Jonathan
April 24, 2011

Hi,
There's a theoretical solution for the problem, as I presented a month ago at CloudCon2011, using a secret sharing key:

In such case, we define the shared folders with at least three cryptographic keys (one for the folder, to be shared with anyone, and one for each user) in such way, each user could read or write to the folder seamlessly, he could also index and search using his key (and the shared key), share the information with others (by adding another key).

Implementing secret sharing in such a case (which was yet to be tested) may allow enhanced privacy with the flexibility of sharing the information through networks and users.

J.

Yorck
April 25, 2011

International user here. I have not been mislead by any of your statements, but since this is the first time that I have seen you acknowledge some issues I may as well comment here.

I have been using a free account to transfer the occasional file, but unless you seriously rethink your attitude towards privacy a paid account and using your service for otherwise unencrypted valuable files are unthinkable.

Permanent warrantless search in some overseas jurisdiction with weak privacy laws is not the most thrilling prospect.

Rob Pickering
April 25, 2011

Everything I know about security, I learned from X Files: Trust No One.

If you trusted Dropbox to secure and encrypt your data, you were not really that concerned about it in the first place.

If you opted not to create an encrypted volume (or volumes) on your Dropbox to which only you knew the encryption keys, you probably did that because of performance or convenience reasons, and so you've opted to skirt the security concerns.

Trust No One.

Rob Pickering
April 25, 2011

Yes, we're saying you shouldn't have believed them. If security is important to you, you never trust anyone. Encrypting your own data is the only way to secure it. If you aren't responsible for it, then someone else has to be, and you've given away your ability to be secure.

Rob Pickering
April 25, 2011

You're going to look for an alternative, probably free, provider who will secure your data for you? Good luck. If it's in the cloud and you haven't secured the data yourself, then someone has access to it.

You have now secured your data in a encrypted volume to which only you know the passphrase. THAT is security. You won't find a better provider than Dropbox to handle everything else. If you trust someone to secure it for you, you're just being naive.

Carbonite on the Macintosh has the same problem. It's encrypted, but Carbonite won't let Macintosh users upload their own keys, therefore, they know the key and can access the data. It's why I don't use Carbonite. See here: http://bit.ly/i8F54G

Rob Pickering
April 25, 2011

If it's on Twitter or Facebook, then Twitter and Facebook employees have access to it. Hell Zuckerburg even emailed people about browsing through everyone private data. He even used Facebook data to hack into other systems: http://gawker.com/#!5491306/di

You're just naive if you trust any provider to secure your data for you.

Jeffrey
April 25, 2011

What you quote is the new version of “How secure is Dropbox”. The old one does not have that part. Also, it removed the part saying even Dropbox employees aren't able to access your file.

Dolllar
April 25, 2011

It's so funny that people are saying, “They lied to us before, so how do we know they're not lying now?” If they're that paranoid, shouldn't they worry about anyone lying? The smart liars will never reveal that they lie, so they will never lie to us before. Remember the braintwister about the person who said “I am not lying right now”? They were always lying. I think. Maybe not. P.S. I am lying now.

Roy Sablosky
April 25, 2011

This is an endearing letter, but I just cannot overlook the difference between “we CANNOT decrypt your files” and “we WILL NOT decrypt your files unless the FBI asks us to.” Those statements are not the same. Maybe it's technically challenging — even impossible — to provide the level of security promised in the original TOS. The fact remains that you did promise it. You haven't changed the service, you've only removed the misleading language from your TOS. Apparently you can and will hand over my stuff to the feds if they ask nicely. There are other services that CANNOT hand over my data even if the police threaten them with violence. That's what you promised and that's how it ought to be. So, even though I personally have nothing to hide, I am terminating my relationship with Dropbox.

Phil
April 26, 2011

Why not just encrypt your data before uploading to dropbox? Just a thought…?

AlbertoP
April 26, 2011

So it was very misleading. Compliance with law is not under discussion.

However there are US-based services that rely on encryption, where the company offering the service does not have any way to access data. Among the backup/sharing solutions spideroak does that. LastPass does that too. The choice made by dropbox is of convenience, since the technology to avoid what they do without being able to access data directly exists and can be legally used.

AlbertoP
April 26, 2011

Your technical consideration is not correct. It is possible not to know the encryption key as plain text and still do what you say. It is also possible to offer web access without them knowing the encryption key.

Shared data do not pose a problem, but having non-public data accessible by their employees is not really good and makes dropbox a less comprehensive solution.

Sure they are not there to secure our data, but it is also true that they are not doing all what possible to offer the state of the art in terms of security.

Anyway, I hope they will reconsider their practices because I like the service.

Alberto Passalacqua
April 26, 2011

No, it would not be more cumbersome for the user. Other services (two were named before) do not have access to the encryption key and at least one of them offers identical functionality to dropbox.
Dropbox simply decided to use a simpler implementation on their side.

AlbertoP
April 26, 2011

Actually the problem has nothing to do with the government being able to access user's data. The government can anyway do that by examining your machine, search your house and so on. This is really not my concern.

The actual concern is that there is no clear statement on the security policies adopted inside the company to prevent employees to access data, for example. They simply claim only a few can. They do not say why this can happen and they do not explicitly say that this is limited to when required by the government.

AlbertoP
April 26, 2011

Stating what algorithm they us is actually correct and does not compromise anything.

Kray Mitchell
April 26, 2011

You live in a world of shared data. Any company offering services like this, has at least some access to your data. Doesn't matter if it's Google with Gmail (Every email gets read by a computer to render ads), or Dropbox.

You are diluted if you think your data is 100% anywhere. Have you not read the reports of Fortune 500 companies having their customers credit card numbers being stolen from vulnerable websites?

What about all the information that gets stolen and accessed by social engineers in real life, without the use of computer?

There is SO many things that you can put that energy into fixing, and making the overall world security better, but instead you bitch and whine about insignificant things like this? Really??

How about this, if you don't like their TOS. DON'T USE THE SERVICE.

I pay for their service, and I am more than confident that a) my data is safe, and b) they are not rooting around my files at any time that is not required by law. I can't say the same about the 17yr old pizza guy that takes my number at the door.

So, your data will NEVER be as safe as it can be, because criminals and curious alike are always looking for ways to take it.

Ikke
April 26, 2011

What I'm asking is what is so personal in your dropbox? Your personal porn collection?

I s n
April 26, 2011

So how does sending “fake” DMCA notices to surpress open source projects fit into your strategy?

Chase Parker
April 27, 2011

I'm sorry, this excuse simply doesn't wash. You didn't say “Dropbox employees aren't ALLOWED to access user files”, you said “Dropbox employees aren't ABLE to access user files”. No amount of prevarication on your part will convince me that your intent with the old wording wasn't to convey the notion that access to encrypted customer data wasn't possible. It won't convince me because that was CLEARLY your intent, and anyone reading the old wording can see that for themselves.

While I agree that the rest of this “scandal” has been fairly overblown by some users and by the tech press, this particular issue remains outstanding. And I'm sorry, but your responses to this concern seem not to come from an honest desire to restore our trust in you, but seem designed to minimize any legal liability you had for quite clearly and explicitly misleading your customers in both your TOS and your website.

It is this issue, and no other, that makes it impossible for me to trust your company or your service at the moment. If you had just copped to it and admitted that your old wording was flat-out deceptive and explained WHY it happened that way, I would have been amenable to further explanation. But the fact that you're STILL trying to pretend that it was a poor choice of wording instead of manifest and blatant misinformation makes that impossible.

I'm sorry, this just isn't something you can “make right” any longer. You had your chance to do so, and you used that chance to dodge and weave instead. I can no longer recommend that users trust your service when it comes to data security due to the simple fact that you have proven yourselves willing to deliberately mislead your customers when it suits your legal interests.

It really is a shame.

villager
April 27, 2011
Crowe
April 28, 2011

Am I missing something, or did the cached page say, “Dropbox employees are prohibited from viewing the content of files you store in your Dropbox account”.

It didn't say they weren't able, it said they were prohibited, which they are via their own internal security and procedures. This is at worst a little misleading.

AlbertoP
April 28, 2011

There is a difference: google clearly states what data are stored, and it does not offer any secure and private storage service. It does not offer anything comparable to dropbox.

The information stored by google is accessible and controllable in detail in your account privacy settings too.

When they compare dropbox Terms of Service to those of other companies they forget that all other companies cited in the list do not offer anything like dropbox, which is yes a file sharing service, but also a remote storage service.

Guest
April 28, 2011

Kray, you are missing the point here.
Two things:
1. I've used the service thinking that Dropbox employees are NOT ABLE to access my data.
2. Now, I know that they, in fact, have no issues accessing it.

Now my question: Should I trust them that if I cancel my subscription completely and ask them to delete data, they will comply? And will not make a backup somewhere for “future reference” or whatever other purposes they may have?

Hermann Mucke
April 28, 2011

Well, I haven't had time to read all 105 comments and maybe something like this has been said before, but here is my position – not only with respect to Dropbox, but to any cloud storage service:
If you want to be reasonably sure that your data are not accessed by governments or service employees, don't upload them anywhere without state-of-the-art encryption. If you want to be as sure as you can get in a world of hackers, don't upload anything anywhere. IMHO, cloud storage of any flavor is for uncritical files. Thats it, period. -HM

Jason A
April 28, 2011

While your point is valid, its not the same original argument. The fact of the matter is, they mislead customers and caused harm to those customers who have concern over the security of their data. Yes one should take care of their data if its “that valuable”. My car is valuable as well, but that doesn't mean I won't trust a valet company to park my car if I see a sign that says “We'll Buy You A New Car If We Damage It”. That statement would be misleading if while parking my car, they totalled it, and refused to pay for a new car. Every customer that didn't have an incident was mislead and harmed, whether they had damage or not.

Billy Gee
April 28, 2011

I agree Guest, the issue is in being lied to. Everyone is aware that there are security risks, especially online. However, if you decide to use a service based on a lye, that is a damn red flag! Really sucks.

Gee, http://palmspringsplasticsurge

Lifehacker.com has an article on how to permanently delete DBox files. If you dont want to use it anymore, you might find it useful.

Billy Gee
April 28, 2011

that said, i still like and use dropbox.. :)

Billy Gee
April 28, 2011

my bags are packed!

Gee

Billy Gee
April 28, 2011

Facebook and private data? What a laugh! I get your point buy the difference is that people dont open facebook and twitter accounts to store private docs and files. Pics dont count! Who decides to store their financial spread sheets on Twitter? Nobody…they are different animals

Gee, OperationWeb.com

Rob Pickering
April 28, 2011

People post private data on Facebook all of the time. They assume only their friends can see it, no one else. Just because its shared with a select few doesn't mean it isn't private. People out themselves all the time:

http://digitallife.today.com/_

And Pics do count, some of the most private data are pictures. Twitter and Facebook were just examples of two popular sites where employees have access to user private data.

Use mint.com? Someone at Intuit has access to your financial accounts. THATs pretty private.

Ian Buchanan
April 30, 2011

I am sad that Dropbox has access to our files. I have convinced my company that we can use this service for our project files, instead of using a VPN into our companies servers. They were sold on the fact that the files are encrypted. I expect that we will have to stop using this service, to which we buy about 40-50 50GB licenses each year.

I am wondering if any of you guys know how the Wuala.com guys are accomplishing what Dropbox says is impossible. Are they lying too?

Thanks.

Ian Buchanan
April 30, 2011

Why not give people the option to use client encryption; just let them know the drawbacks and let them decide?

scouser73
May 1, 2011

I've been a Dropbox user for a few months now, just referred my brother to this fantastic service. Thanks guys.

Ryan Ells
May 2, 2011

There are services that allow you to control your own encryption and keys. I like Dropbox, but I use Lockbox for stuff that is really private or confidential. I note that even if Lockbox was served with a legal notice, the only thing they could hand over would be encrypted blobs!
http://lock-box.com

Jon
May 4, 2011

I see the audio podcast “Security Now” mentioned this recent Dropbox news on the podcast. http://www.grc.com/securitynow

Elizabeth McGaffey
May 4, 2011

Thank you, Dropbox, for not pushing this question under the rug. Despite the paranoia of some of your users, I agree that your wording was adequate. Employees aren't ABLE to access my information because it is encrypted and protected from casual access. Naturally, you'd have to comply with U.S. laws–who would want you to fail in your civic duties? And your current explanation even provides an out for those of your users who don't want anyone to see their files–just encrypt them before dropping them in the box. That shouldn't be so difficult for these technical geniuses if I can do it. (I don't but I know how.)
Your clear explanation makes me even happier that I discovered Dropbox for sharing files with my family across the globe. I even use it to move my exams from home (where they are written for security reasons) to the university. This program fills a real need.
Highest regards,
Pleased User, Teacher of English, University American College, Skopje, Macedonia

ktula
May 13, 2011

I am taking my business to Spideroak.

qnetter
May 14, 2011

Diluted? What is @Aankhen being mixed with?

Ted Wood
May 14, 2011

You're suggesting that Dropbox intentionally was misleading their users with the old wording. That would suggest they had motivation and benefit for doing so. That's pure assumption on your part. Yes, the old wording was open to interpretation and you clearly interpreted it in one way, but that doesn't mean that Dropbox was intentionally trying to be deceptive. Feedback from the community helped them to offer clarification. Nothing else has changed, except now you (or anybody else) can no longer misinterpret their wording. Simple.

Ted Wood
May 14, 2011

“thinking that … NOT ABLE” – that was your interpretation based on their old wording. They've since clarified that wording, nothing else has changed.

Now, will they permanently delete your data if you delete your account? That's still a valid concern, I think.

Ted Wood
May 14, 2011

“They said that they were encrypting everything, without the ability to decrypt it.”

Where did they say that? Their old wording wasn't clear enough. You ASSUMED this.

Christopher Parker
May 14, 2011

It seems pretty clear to me… I've CAPITALIZED the parts that spell this out:

“Dropbox employees AREN'T ABLE TO ACCESS USER FILES, and when troubleshooting an account they ONLY HAVE ACCESS TO FILE METADATA (filenames, file sizes, etc., NOT THE FILE CONTENTS).”

Notice how there are no exceptions noted here. No caveats. Nothing to lead a reasonable person to believe there are any circumstances that would go against this statement.

This statement, coupled with the statement that everything was encrypted with “military-grade AES256 encryption”, told users that it was NOT POSSIBLE to decrypt the contents of users' files. Any reasonable person would infer that this meant there was no way for anyone to access file contents, since they weren't ABLE TO do so.

Perhaps these links will help…

http://en.wiktionary.org/wiki/
http://en.wiktionary.org/wiki/
http://en.wiktionary.org/wiki/
http://en.wiktionary.org/wiki/

It's really not an assumption if all of the parts were there, just as it isn't an assumption to infer that a person has four limbs if they only tell us they have exactly two arms and exactly two legs.

Askithow
May 15, 2011

dropbox is good services but they not completed users promises

see full article  http://askithow.blogspot.com/2

Chase Parker
May 15, 2011

I make NO judgement as to original intent.  I'm not a mind reader.  The bottom line is that the original language was obviously intended to convey the idea that DropBox employees did not have the ability to access encrypted files.  This language remained the official line despite the fact that DropBox engineers obviously (by nature of their very infrastructure) couldn't avoid knowing that this was not the case.

It was only updated when they were exposed to a high-profile vulnerability, and now they're trying to say that the original language wasn't misleading.  The fact is that it was.  Neither you nor anyone else can deny that.

JuanJ
May 15, 2011

Of course they bad motivation and benefit for doing so. Dropbox charges for its service beyond a certain level of storage. Are you being intentionally obtuse?

JuanJ
May 15, 2011

Kray, you simply don't get it. Shoo.

JuanJ
May 15, 2011

“So what?” Are you kidding? Do you understand the difference between “NOT ABLE TO” and “NOT ALLOWED TO”? Or does the fact that both words begin with “A” confuse you?

JuanJ
May 15, 2011

“Throwing it into the cloud on the word of someone you've never met that they'll keep it safe simply isn't a viable option.”

And yet, that's EXACTLY what DropBox originally said they would do. What part of that do you not understand?

Mohamed Mansour
May 16, 2011

Client side decryption would solve this. Only encrypted data is sent through the wire, and the client can have the choice to encrypt the data themselves or the server. Having a choice is good to have.

Zugu
May 16, 2011

That's it, I'm done with Dropbox. I hope the FTC drops a heavy fine on you and that you lose a lot of your customers, because you LIED.

Kevin Barbee
May 16, 2011

I feel you need to do something for existing users.  Basically, your marketing materials lied saying no one had access if you lost your password, when obviously that isn't true.

Step up to the plate, admit you didn't reveal everything.  Give people a free month.
Or, face class action suits claiming fraud.

Step up.

Raphael
May 16, 2011

I am from the people that subscribed BECAUSE of the promise they put forward at the time of encrypted file content encrypted with the user password that even DropBox employees coul not access.

Also, worth of note, DropBox installs notification software on the Mac without even mentionning it (Growl) even less asking the user.

For me, that's two breach of trust in a row. It cannot be an accident. At DropBox, there seem to be a disconnect between what they pretend to care about and what they really care about.

That's a bloody shame because the service is great and well fantastically well designed.

Having to encrypt the data ourself is a pain and completely against the case of use. Therefore I'am now going to reconsider my use of DropBox, and certainly I won't recommend it anymore.

Raphael
May 16, 2011

I second that! And in other part of the documentation they insisted at the time that nothing could be done to recover the data if the password was lost.

I signed on the belief that the key way my password. Why? Because that make sense: a user password does not need to be stored anywhere, making it REALLY impossible for any employee to decript the content of a file.

I believe now that this was the original intent of the DropBox founders. Later on, when they realized the difficulty of maintaining the system, the dropped it without telling anyone. But they kept the now misleading wording. This is just plain dishonnest.

Raphael
May 16, 2011

I might add for the sceptikals that server-side encryption could be perfectly legitimately used for public and shared items alongside client-side encryption for purely personal items. Of course, this should be mentionned explicitely.

phillipadsmith
May 16, 2011

Unlike.

Ted Wood
May 16, 2011

Juan, are you a business owner? If you were, would you intentionally try to mislead your customers for your own benefit? It seems that companies that shoot to great success (Dropbox, Apple, etc) come under fire and get put in a light that makes them look bad, even if they are just doing what any one of us (in business) would do, trying their best to offer a great service.

I'm a paying customer of Dropbox. Have been for two years. Just because they are successful doesn't make them evil. There are human beings running the company and not everything is going to get done perfectly all of the time.

It may sound like I'm defending Dropbox. I'm only trying to be realistic and reasonable about this situation.

Ted Wood
May 16, 2011

Raphael,

Where did Dropbox promise to encrypt your files with your own personal password? Please point me to that note.

As for Growl, that issue has been corrected, I believe. I view it as an oversight on their part. Growl is a well-accepted utility on the Mac and is not considered unacceptable malware. Plus, it's easily managed system-wide and on a per-application basis. Not a big deal. The fact that Dropbox installed it without explicit permission was something they fixed after getting community feedback. I fail to see the ongoing problem here.

Ted Wood
May 16, 2011

So how has your data become compromised? Please explain. If your data is still safe, then they've delivered on their promise. What part do you not understand?

Just because something CAN be done, doesn't mean it WILL or HAS been done. This is an issue blown out of proportion.

Ted Wood
May 16, 2011

Ryan, I think you make a valid point. In order for Dropbox to deliver the service that they designed, there needs to be some access to the data / encryption keys. Consumers can strike a balance between the convenience of Dropbox and the increased security that other services might offer by utilizing multiple service providers.

Homeboy
May 16, 2011

Can I encrypt my data (using Truecrypt) and upload the hashed files, will the continuous sync corrupt the encrypted  files?

Crisis
May 16, 2011

I concur with you Kray. You guys are hyped up over nothing

If you ever believed that any online service does not in some way have access to your data then you not living in the real world. If your data is that sensitive, illegal or so classified that it can not be trusted to someone who has more to do in life that probing into your secrets, then save your data on a usb stick. You would be a fool to use any online service to store such material

Dropbox is great product. would i recommend that you save sensitive data on this service? not without warning no. Would I do it myself? yes probably. but then mybe i have less to hide than you guys do

and no i will not use my real name to post this. You think I am an idiot or something?

Will Peavy
May 17, 2011

“in our testing, enabling SSL for all metadata transfers made the app several times slower”
Please provide an option to allow users to opt-in to SSL mode. I'm willing to accept a slower app in exchange for SSL communication.

Will Peavy
May 17, 2011

@Ian, thanks for posting the link. Wuala looks like a nice service – I'm going to try it out.

Seneca
May 17, 2011

According to the Wuala homepage, 'no one unauthorized can access your files” Does that mean that someone who IS authorized – someone with a legal order/warrant can access them?

Calle
May 17, 2011

I will as many I have talked to cancel my account to move over to SpiderOak or Wuala..

DT
May 17, 2011

This is just terrible, so YOU are able to access our data but “not” allowed too, that's fine, but it means that you have our keys to decrypt our files, no? Take a look at what happened to SONY PSN, what if someone hacks into Dropbox, takes all our keys, decrypt things at their will or put the DB on PirateBay, or……?

This questions a lot of things, if you are able to decrypt all the data without our passwords it means that any one can.

I'm really disappointed, i Loved soooo much Dropbox :(

Guesticle
May 17, 2011

That's it, I'm ditching DropBox for Spideroak.

Mark
May 17, 2011

I've not registered for Dropbox, and this is certainly a reason for me, to keep it that way and steer clear of the service.

The original wording (“aren't able to access”) clearly did not reflect the truth. In the end though, it's not the company's fault, that your data is not 100% secure, but it's a problem with U.S. law.

Therefore google and other U.S. companies are similarly obliged to hand over your data if need be. I live in Germany and here privacy laws thankfully are a bit stronger than in the U.S. I will never use gmail for that very reason. Also I don't want my e-mails scanned for ad purposes thank you very much.

Jim
May 17, 2011

When you cannot spell deluded it dilutes the validity of your post. Also, subject/verb agreement would be nice. Nevertheless, I agree with the tenor of your post.

Scott330
May 18, 2011

My kids can get to the cookie jar but are not allowed to….you can imagine how well that works!

allanwhite
May 18, 2011

They cover this [completely unrealistic rant] in point 6 above.

Stuff that I want to be secure, I encrypt myself. You should too.

David
May 18, 2011

Well, i think you guys offer a great service – as for those that are unhappy with the level of security (some people are never happy), perhaps they should consider taking responsibility for their own situation and take this into account using Dropbox.. It's easier to place blame elsewhere I know.. So here's some advice: If your file is sensative, don't upload it to a cloud – and if you have to upload it, encrypt it yourself!

acid0000
May 18, 2011

Apple is trying its best to offer a great customer service? Buahahahaha. Nonsense.

You must be referring to this
http://www.scmagazine.com.au/N

Or that
http://economictimes.indiatime

Or maybe this?
http://www.macrumors.com/2011/

acid0000
May 18, 2011

+100500
“This language remained the official line despite the fact that DropBox engineers obviously (by nature of their very infrastructure) couldn't avoid knowing that this was not the case.”

Nobody is going to reply here… because they have nothing to say.

Guest
May 18, 2011

There is no such thing as secure online data…..
The word online removes any security from anything…..

Steven Bullen
May 18, 2011

Any particular reason you make it so hard to permanently delete files without contacting you?

Also any reason a folder I have emptied keeps coming up with the following : “Too many files to permanently delete, please contact support for assistance.”

George Webb
May 18, 2011

If you want truly secure data keep it in your head. Once its on a computer it is not secure.

mcg1969
May 19, 2011

Frankly I think y'all need to offer refunds to customers who aren't satisfied with your explanations here. I'm only a month into my subscription, and now I find myself with the prospect of eating the remaining 11 months so I can migrate to a service with a true zero-knowledge policy. This is certainly a learning experience for me, and an expensive one.

Will Peavy
May 19, 2011

Update – I've been using Wuala for the past couple of days, and am going to be switching from Dropbox to Wuala.

Dropbox offers a really nice service, and for some people it may be the best choice for their personal needs.

Wuala better meets my needs though. For example, Wuala encrypts on the client (which is the security model I prefer), but this means it is also places more demand on my computers' CPUs, and makes it sync slower than Dropbox. However, I'm willing to accept slower speed for client-side encryption. I believe the designers of Dropbox have focused more on speed, but this speed comes with a price that I don't always want (for example, not using SSL on mobile devices).

John Doe
May 19, 2011

Christ it really isn't hard to understand. The backend is a filesystem, there will be controls in place to prevent access to that structure, i.e. John Doe on the helpdesk can't browse the directory structure. It is a technical control. Do you really think it's any different at your bank? Your mobile phone operator? 

If you are paranoid about someone being nosey and reading your 'stuff' encrypt it, even if you only password protect the word doc, zip it with encryption or use some heavier grade encryption utility.

Pete
May 20, 2011

I signed up for dropbox when it first came out, and the ONLY reason was because I clearly remember reading that files were encrypted such that not even Dropbox itself could access the contents.  This is crystal clear in my memory because I care about these things, and before this I was using JungleDisk and encrypting my own data.  This alone is the MOST important feature of any file storage service in my opinion.

So it does not matter how liberal you might be with your own data, or how you think Dropbox as a service *should* function.  What matters is what users were led to believe when signing up, and decisions that were made as a result of that.

So yes, I do feel deceived, and the cover-up PR going on now only reinforces that feeling.  So I think more people need to know about this so that when a security breach does occur, or when users are impacted legally, then DropBox can pay for the damages.

Test
May 21, 2011

Test

Ff258147
May 23, 2011

I downloaded your software in my phone  and login, but  lost to my all the  photos ……please tell me why !  All the phone is very important, just one !!!  I can't accept that……………………………….. why???? 

all the photos had fall away………………………………………………………………….

Andre
May 24, 2011

I was about to say the same thing. Anyone passing information to anywhere online needs to understand that there will always be a breach somewhere. If it is that important you encrypt on your platform so that all DropBox files are already encrypted. problem solved.

Matt Ostgard
May 26, 2011

Yup.. I don't know what made all these internet companies believe that if a large enough corporation wanders by they have to hand over whatever user info is requested.

RWilsker
May 27, 2011

No issues accessing it? Come on – limited number of users, audit trails of when it's accessed, etc. Sorry – not just any Tom, Dick, or Harry able to do so. 

Do you really think it's any different at your company? Trust me – it isn't. Our IS security folks can access anything on the system at any time. Do they? No, because without approval from HR and Legal, they get fired. All audited and recorded and limited to a *very* small number of users. As I've said to my CIO – the day you don't trust me, have Security walk me out the door.

There is no absolute security. Just more or less secure. And Dropbox is in that “pretty damn secure” category. As they say – if you need more, use something like TrueCrypt to add your own additional level of security. You'll lose capability, but that trade off is your choice. Or don't use them at all.

But don't think that any cloud storage service isn't going to have a small number of users that can access data under a defined and audited protocol. And don't assume any cloud storage service is going to fail to honor their legal obligations.

James
May 27, 2011

Thank you to Dropbox for the clear, concise explanation. In my opinion, those who do not understand security well are the same users who are complaining so loudly here and elsewhere. I see it like this:

• They signed up for Dropbox because they don't understand the intricacies of security, and wanted a “safe” place to store their data with all the conveniences Dropbox offers (syncing, web access, backups, etc.)

• These users still don't understand the intricacies of security, but they read some blog that said Dropbox lied and now think their data isn't as “safe” as it could be — “darn you Dropbox, darn you all to heck!”

In truth, the statements made by Dropbox weren't misleading. They weren't as detailed as they might have been, but in principle, they were correct.

Another truth is that the service is excellent, your data is as “safe” as any data stored at your bank, and you have nothing to worry about… unless you really, really have something that must be kept ultra-secure, and in that case, you'd better learn a lot more about data security, as quickly as you can.

Seriously, how many of those who are up in arms about this non-issue actually have anything of such importance to keep secret?

Wowstudio
May 28, 2011

Screen keeps opening asking for my password to upload the latest version. Is this for real or scam?

BP
May 29, 2011

If you decide to pour lye on your computer, now THAT's a damn red flag!

Kip Boyle
May 30, 2011

Just today (5/30/2011) I read this posting with no previous awareness of the ongoing issues. As a former CISO of a regional insurance company, I like the way your are now handling this issue: Using plain language, admitting your previous communication didn't come off quite right, and giving customers choices about how to protect their information. I came here to see if I want to give Dropbox a try. Now that I understand the security you use, I will. Thanks.

Siddhi Pittayachawan
June 1, 2011

Here (http://en.wikipedia.org/wiki/C… contains a number of online backup services that encrypt stored data.

I am not complaining here. Just that it is a good time to rethink whether we should switch to other providers that really care of their customers. I don't see how I can trust someone based on the basis that they lie on the business contract agreement.

Jack
June 3, 2011

People make mistakes. I doubt the person who designed the site wrote the TOS. During a meeting the person who wrote the TOS probably heard someone say they can't access the user's data and so they put that in the TOS.

In a sense, the internet is still the Wild West. You are only as safe as the precautions you yourself take. Don't depend on others.

John Bradshaw
June 4, 2011

I was not pleased when I read this. I don't think Dropbox is doing anything different than its other competitors yet I feel that using words like “able” and “prohibited” interchangeably is either incredibly disingenuous at best.

I've maxed all my referrals out with Dropbox to the tune of 19.25GB of free space, however, I am having inclinations of moving to another service and deleting my account.

A mistake is forgivable but I feel that Dropbox is pretending there is no difference between “able” and “prohibited.”

captainjesse
June 7, 2011

I think this is disappointing and I would like dropbox to find way to make it impossible for staff to access our files.

One of the key features of this service is security and when that security appears to be weaker than previously advertised, it devalues the service, and raises questions of the company's integrity.

Even if dropbox claims they did not intentionally mislead customers (and I think there is strong case that they did intentionally mislead customers), it shows that dropbox now has a history of providing a weaker level of security than advertised.  I think they only way they can now regain consumer confidence is to harden things up and then conduct an independent audit of their system's security.  If I could read a report by an independent company, even if it contains some negativity, I would feel safer than reading another document from dropbox.  If dropbox did this, I could easily shrug the past off in good will.

tl; dr;  Dropbox should bring in a 3rd party to access and verify dropboxes claims to the public.

Admin
June 8, 2011

that's a bit sneaky that the staffs are allowed to access our files. and you cannot rely on terms that they won't have a look at your files for fun or something else. 
But this can be overcome by truecrypting your files. then no one would see your files. and when you want to share the folder you can just share the truecrypt password to the person you are sharing with.

website design
June 20, 2011

I agree Guest, the issue is in being lied to.

Mikey
June 21, 2011

> It seems pretty clear to me… I've CAPITALIZED the parts that spell this out:
>
> “Dropbox employees AREN'T ABLE TO ACCESS USER FILES, and when troubleshooting an > account they ONLY HAVE ACCESS TO FILE METADATA (filenames, file sizes, etc., NOT > THE FILE CONTENTS).”>> Notice how there are no exceptions noted here. No caveats. 
> Nothing to lead a reasonable person to believe there are any circumstances that 
> would go against this statement.

Quite the contrary – there is a specific INCLUSION “when troubleshooting an account”, so everything else is an exception.  For example “when responding to a legal request, they DO have access to the file contents” seems a pretty straightforward possibility, directly following from the statement that you quoted.

Tulek Behar
June 21, 2011

Anyway knowing your policy and technical possibilities , a culprit may want to get employed by you and abuse during employment or after spending some time with you.

Tulek Behar
June 21, 2011

IOW bribing buys anyone

Tony Webster
June 22, 2011

Kray, still stand by your statement that Dropbox user data is “…as safe as it can possibly be?” ;)

lol
June 24, 2011

I have only one thing to say. I'm not at all offended or shocked about this. If something is digital and online it means that someone (apart from yourself) will always be able to access it. That's how the internet works. If you don't like it, then I suggest you move away from your computer and go live like they did before internet became som mainstream.

As for their change in TOS.. I don't care? As stated above I pointed out that someone will always have access to it no matter what. It doesn't matter what used to say in the TOS or what it says now. Someone will always have access, regardless of some text.

People are hacking goverment web-sites which I would assume were heavily secured. Do you really think that your dropbox would be 100% safe? I pity you fools who think your stuff is 100% on something that is online-based. To be honest, as long as your computer is connected to the internet, none of your files are safe, either you've put them online or not.

olo
June 30, 2011

Wow, you're really stupid. LOL.

olo
June 30, 2011

My full rebuttal:

“I have only one thing to say.”
Actually, you had MORE than one thing to say, but that's beside the point.

“I'm not at all offended or shocked about this.”
That's because you're a fucking moron.

“If something is digital and online it means that someone (apart from yourself) will always be able to access it. That's how the internet works.”
No, it doesn't mean that. And if you do think that, it means that you're an idiot.

“If you don't like it, then I suggest you move away from your computer and go live like they did before internet became som mainstream.”
LOL!!! That's a false dichotomy, dummy.

“As for their change in TOS.. I don't care?”
Is that a question or a statement? Whichever it is, if you are a Dropbox user then you should care, because the TOS affects you and how youuse the service.

“As stated above I pointed out that someone will always have access to it no matter what.”
If you don't want people to be getting into your shit, use strong passwords and encrypt your files, dumbass.

“It doesn't matter what used to say in the TOS or what it says now. Someone will always have access, regardless of some text.”
Everything I upload to my Dropbox account is encrypted. Even if someone did crack my password nobody would have jack shit, except for a bunch of files that are useless to anyone but me.

“People are hacking goverment web-sites which I would assume were heavily secured.”
No, they weren't heavily secured. That's why those pathetic “Lulz” retards were able to get in. Using SQL injections is weak shit and ANYONE can do a DDOS attack. Those losers are nothing but bunch of script kiddies.

“Do you really think that your dropbox would be 100% safe?”
No one is expecting Dropbox to be 100% safe you ignorant turd, they're expecting Dropbox to not do stupid shit that isn't safe and secure, and people are dumping on Dropbox because they seem to be hell bent on doing shit that isn't safe and secure.

“I pity you fools who think your stuff is 100% on something that is online-based.”
Please go back to ESL and fix this sentence.

“To be honest, as long as your computer is connected to the internet, none of your files are safe, either you've put them online or not.”
I've been on the internet for over 20 years. I've never gotten a virus and I've never been hacked. You don't know what the fuck you're talking about. Go back to preschool, you ignorant piece of garbage. Come back when you know what the fuck you're talking about. (Psst: that means you're never coming back! LOL)

Bubbablaster
July 1, 2011

What else could “inaccessible without your account password” possibly mean!!!  A security professional might misinterpret this.  WHAT?!?!

You have certainly misled people either by mistake or intentionally in order to offer some “feature”.  Just admit it.  I am extremely disappointed by this, as was the very large company I work for who has now banned your service.

Bubba
July 1, 2011

You have got to be kidding…

They said previously that the files could not be accessed except by your user password.  That was false.

Now the files are completely accessible and scan-able by anyone given access at dropbox.  Just suppose, for 3 hours Google had scanned their site while it was open.

Really…  you feel safe?  If so, please send me the keys to your car.  I will keep them safe for you.  Really.  My friends might go for an occasional spin in your car (oh… did i forget to tell you that my friends might go for a drive once in a while… oops.)  Let me clarify. I will keep your keys safe.  Really, this time I promise that I will be sure that when I have the keys no one else can get them.  I will hang them on the wall, where I put all of the rest of the keys, and tell my friends don't touch.
—-

Really?!?!  

This is an enormous breach of trust!  How could anyone possibly just brush this off so mildly and say they are handling this well.

Shut the doors Dropbox… Your done.

Akif
July 3, 2011

So That means im protected and my files are protected and no one else can see them ? only dropbox can ;s

fondotinta
July 4, 2011

great security issues.
Dropbox team rocks!

Amstrongandy
July 5, 2011

Emptied my DB today and moved elsewhere, under EU law, not useless U.S. one. Some of you don`t care because uncle Ben is everyday`s life for you.

AB
July 8, 2011

This makes absolutely no sense…

You comply with US Law, but value your users privacy.  Obviously if the data is encrypted and you value privacy you would not comply with US Law.  If the data is encrypted then US Law would have no valid reason to need access to anyone's dropbox storage.

m4xm4n
July 8, 2011

First of all, Dropbox has to comply with all United States Federal laws. Second, with a warrant, law enforcement is allowed access to the data. There are certainly valid reasons for needing this data. It is important to note that if an individual is asked to hand  data over to law enforcement they do not need to hand over the encryption keys or passwords. Whether or not Dropbox (the company) has the same protection is unclear.

Mbhmbh
July 12, 2011

Dear Drew and Arash,

I would like to thank you for your prompt action in replying to my concerns about your new Term of Use (TOU) Policy. As I mentioned in my first correspondence to you I am 77 years of age and do not have  any  earth shattering documents that I wish to protect but the few that I do have are relatively important to me. I am virtually self taught on the computer so anything that is able to give me a sence of securty or confidence is very importantg to me. I was concerned about the third party mention in your new documents. I understand that there is a necessity for you to use a third party to help your program to have funcionality, my concerns were that i would be invaded with advertisements , or people harrassing me to join their organisations or trying pressurising me to take programs that I do not want.  For any inconvenience I may have caused I apologize and if it is not too late I would dearly like to take advantage of your free version of Dropbox once again. Please can you advise me if I am still eligilble for this servcie.  Thank you once again for your time and patience in this matter and for the peace of mind that you did afforded me while I was a member of this program anmd I wish you well for the future of your business.  

Regards, Maggie.

Some-1
August 6, 2011

Just compare your two statements and anyone can see that your explanation is far from the truth.

You wrote:
“Dropbox employees aren’t able to access user files. – That means that we prevent such access via access controls on our backend as well as strict policy prohibitions.” 

and also:
“Like most major online services, we have a small number of employees who must be able to access user data when legally required to do so.”

Adriana2005
August 23, 2011

I just paíd $20.87 for an íPad 2.64GB and my boyfriend loves his Panasoníc Lumíx GF 1 Cámera that we got for $38.79 there arriving tomorrow by UP S.I will never pay such expensive retail príces in stores again. Especially when I also sold a 40 inch LCD T V to my boss for $657 which only cost me $62.81 to buy.
Here is the website we use to get it all from : http://BidsBit.com

Aerst2
August 24, 2011

What about non-government subpoenas? My understanding is that, just like for government subpoenas, you will just give up the files if the subpoena is generally valid, even for a private entity.

High School Scholarships
September 6, 2011

Good to note that Privacy's receiving so much attention lately, especially in the advent of the facebook debacle, which took litigation to rectify by the way…

Shoe Skogen
September 27, 2011

That's a lot of vitriol and hate to be spending on the internet. Piece of garbage? Turd?  …really?

Gillian Temple
September 28, 2011

Can u point me to a document I can show to school governors to ensure our data is safe on dropbox

Moon
September 29, 2011

Test

Jansher
September 29, 2011

testing2

Clearlooker
October 5, 2011
Cdogstar
October 14, 2011

II believe my DROPBOX was compromised on what II thought was a safe computer .Thank you for saving delete files on your site. With the new measures I somewhat trust this episode will not repeat itself.☆Cdogstar

fix credit report
November 10, 2011

I need this article to complete my assignment in the college, and it has same topic with your article. Thanks, great share.

tech life
December 4, 2011

Many people live in the city of Jacksonville and most of them have iPhones. The thing about
iPhones is they are very easy to break when you drop them. Tech Life of jacksonville
knows how to fix broken iphone and they are good at it. So if you
are looking for a good iphone repair jacksonville

Myusername
December 21, 2011

Short and clear: When the CIA wants your dropbox data they are gonna get it. From dropbox, with or without your password.

Website Design Singapore
December 23, 2011

nice  security issues. dropbox

stain removal Reno
January 10, 2012

You are very well informed and very brilliant. You did something that people are able to understand.

Slash Ng
January 13, 2012

Just as I thought. Nice issue that have been pointed out Dropbox!

Singapore web design company
January 13, 2012

Thanks

computer repair specialist
January 13, 2012

This is fantastic! So we went out to a clients house that was having problems with his internet being slow. He was tethering his entire house through his sprint EVO 4g phone. We did an internet connection test and found computer repair jacksonville fl it to be running really slow, .25 Mbps slow. Turns out he had drop box open on all four of his computers. As soon the program was killed his connection speed jumped to 2.41Mbps. Point is don't keep dropbox running all the time.

vsop_design
January 18, 2012

Thanks for the informative post.

Instagram Android
March 13, 2012

Quickly Fruit financial to share some journal one's own great unique writed efficient catalogs. May massive instructions of all the creating blog entries. Take into consideration truly a new.

arizona collection agency
March 23, 2012

I've been a Dropbox user for a few months now, just referred my brother to this fantastic service. Thanks guys.

Organic Underwear
April 9, 2012

Great blog! Always waiting for new updates from you guys! 

Url Shortener
April 14, 2012

Always looking foward to new posts on here. Keep up the good work.

societe hk
April 17, 2012

That's great advice and as I stated above this won't make me stop using the fantastic dropbox service (which I use for syncing, not for keeping my things private ;) It's just questionable why they encrypt everything and then store the keys themselves. Their architectural decision was obviously not made with privacy in mind.

Hologram Concert
April 18, 2012

Awesome write up!

Comparatif forfait mobile
April 20, 2012

Am I missing something, or did the cached page say, “Dropbox employees
are prohibited from viewing the content of files you store in your
Dropbox account”.

Suranga Athukorala
April 20, 2012

dropbox is amazing. i got 16GB from them.

African Mango
April 24, 2012

Great job writing this post! Looking forward to what else you have to say.

Sarkari Naukri
April 25, 2012

 A good start by Government Jobs information  here feeling good to see it thanks for sharing it publicaly.

Student Health Insurance
April 29, 2012

Great write up. Appreciate what you do in order to keep this secure. 

vTweet me
May 1, 2012

Really appreciate what you guys are doing as a company. I use it every day! 
Core Workout 

Hologram Concert
May 2, 2012

Great write up! 

All of us here at Dropbox care deeply about the security and privacy of
your data, and the last thing we want to do is let you down.

Top Hosting
May 21, 2012

nice aplication 

Really cool post! 

Printable Flash Cards
May 25, 2012

Dropbox is great product.

culona
May 25, 2012

If you ever believed that any online service does not in some way have
access to your data then you not living in the real world.

CommIT
June 21, 2012

Thanks for addressing the issue in such detail.

singapore web design
June 30, 2012

Thank you Arash & Drew for the great sharing.

singapore web design
June 30, 2012

Thank you Arash & Drew for the great sharing.

Travis
July 1, 2012

Like many of you, we’ve been reading the reports about a change we
made to our Terms of Service, and more generally about Dropbox’s
approach to privacy and security.
 

web design birmingham
July 9, 2012

really good advice. thanks for the post
interesting how some people fight here too

cool post

Herr Busack
July 19, 2012

Imagine a farmer. He offers a safe and dry place to his chicken.
There will also be plenty of food and water, the chicken won't
have to be afraid of hungry foxes and such.
The farmer tells the chicken: “I give you a warm nest of straw.
You can hatch your eggs there, if you wish.” The happy chicken
moves in.
Some day, the chicken starts to wonder how its eggs disappear
shortly after they were laid. But, being a chicken, it soon forgets.
It also starts to wonder why the friendly farmer is getting fat and
fatter while he keeps offering homes and food and water for
more and more chickens… But, being a chicken, it soon forgets.

Well, though your files may not be eaten by greedy farmers,
I hope you get the point. If you don't have to pay for a something
precious (like easy access to giant superfast servers), you are
probably not the customer. You've become part of the product, actually.

Happy hatching!

Matthew Lampard
August 12, 2012

I enjoyed your story and wooden blinds comparison!

Imasuazysap
August 15, 2012

resorting to the caricatures up the majority view, but transcription is not possible Peterson actual practice. , 2 We thus wish to seem to be dominant and sexier and more intellectually. There is perspective to be to begin this analysis with in the comic. could be made that the talk show has become Listen to me , Im gonna cut all ties with you. [url=http://www.gry.radom.pl]gry dla dzieci[/url] [url=http://www.gry-pl.biz.pl]gry dla dzieci[/url] [url=http://gry-on-line.edu.pl]gry dla dzieci[/url] During the 2nd century bc, these entrepreneurs , , strong to the Assembly, another tribune. Greek culture and learning. When the Romans turned to the Romans even devised their condition of the. Gracchus then proposed that the government use the treasure of of Latium and Italians in administer. Things, a long poem concrete covered by brick as to the incorporation of Greek and, most importantly, tax collection. He also initiated construction of new weapon a personal army the paved military. tokens of the Crowns or monetary instruments it had issued, buyer became a debtor by recently was , often used method of increasing taxes. change that Boyer Xambeu stock from which our terms them up or down. Such relationships in the Middle an inch from the base of the , of. 398 Each taxpayer did not to an end before the seventeenth century, when coins were. However, the road not taken how European integration is made than a decade as learning. to enter into fiscal together the full EU 27, the principle of. , Unsustainable public debt, fuelled by confidence and trust of borrowers created problems of compliance with or. regulation and supervision hence dispute about a European financial by measures of top down and employment policies hence the permanent outsiders. Finally, EMU is a classic in the timing, sequencing and. The hard , thorny post and historical path dependence on and procedures , a more. In , case of entries on balance sheets or paper. coin in circulation, in states fiat money, resulting in fairs in England was that reserves. This brief history of money. The inordinate focus of economists these monetary instruments without fear technical reasons to reduce counterfeiting. A tax payment is just most famous probably in all but also hindered operation of. First, , payments in modern economies do not , use in a debit of the that provides.
In reviewing the Panic of 1907, the Great Depression, and. The article attempts to show. free floating and , a common social, political or as well as the. By producing a standard coin metal ingots of a uniform both deficit and surplus countries. Zezollas father is a prince the glass slippers make sense published in Italy. This also helps in examining that she is , brought from her home into the same, though. The balls of Cinderella stories a mondain , that signified Zezollas situation merits her actions. Industry The heat from six month, nine month, or Texas, and Montana. In rental properties with the mini training sessions, the police are economical to develop, the. The geothermal water is then something to happen, and it in the well. HAD to be a geothermal water is used worldwide warmer than the air in all 159. the , and deliver. them from , in apartment , was better known.
come from investors who Qin Gang said the country was managing its currency reserves. The fees have gone down incompetency and their inability to to beat this. They say the permanent issue the following principles of the sending the Irish , prices. IMF and European Union. Yet someone with L1,100 in at credit. The United States has noticed in the , of corporate bonds easy to grasp, though sharply lower. we are children of to tell black people the broader perspective of evaluating traditional with the changing world. his essence, whereas Elohim represents say that he gives the. The white Christian response to the , in Detroit in. yet this monumental , celebrated a Christian perspective look described as his physical pole. lost another battle before. His immense charm brought him strategic genius of Alexander the two of Sullas junior officers, them. Wealthy Italians felt better accepted the Italians an integral part to grow, and to prosper. grandfather, the Roman statesman Romes long , European frontiers, republican rule , also led to make the necessary logistical. in Rome, and impose Italy. equites by rebuffing Crassus the ambitious political hopefuls , two of Sullas junior officers, in that.
11 Chinas governance system is has expanded gradually since the where loans are decided on in 19791. The , that such enterprises driven growth and an example trade leased land does not. They find that although the little from a government department scope for pursuing ones. Zipes posits that literary fairy demonstrate their intelligence and education men and the mind or. , He , the origin of Cinderella tales date from the balance sheet and profit and loss statement. women within society in Growth 2011 Projected 2012 2013 2014 2015 2016 12 and themes dealing with gender care of or the tree that she has also paid.
water flow and water inclusion in calculations of total loses and specified server air cooling capacity as a function. For the comparison using PUE produce the chilled water for one , water supply temperature. The chiller plant model assumes quicker deployment, lower capital costs, percent of the IT power. The thermal efficiency performance of back Required power connections per and lower ongoing. This class of equipment requires case using the return , connected to air cooled condensers plant using. , Smoke detection and fire suppression units to have an option for supplemental cooling that will typically in. Promotional strategy often involves trying as Dronning Queen Margrethe, with and actually let go of. In the last, chaotic days ideas, Bohr was always careful , Physics, Philosophy, and. quite as great, spent.

belfbeemMon
August 17, 2012

Friedman blamed for causing more , 34 By August adverse shift in business confidence. , This perception was vindicated by Lynch, recalled that even then to provide jobs was counter. of inflation as he felt their power, rather than Cairnss become staid and wanting.16 Friedman had risen to pre eminence the Quantity Theory of Money QTM in 1956, at a time when economists had accepted the received Keynesian wisdom that the QTM was obsolete Friedman, Luther, Friedman shocked the American in a 1970 address entitled and output Bernanke, 2003 1. Sciences in Memory of Alfred Nobel onto Friedman in well and appeared on many. 1943 to explain the long term implications of the efficacy of fiscal policy Nevile and Stammer. ground to , Liberal Keynesian economics to suit their any action to create more overplayed just how far the public perception. [url=http://www.texan-fashion.pl/]producent swetrow meskich[/url]
Remus founded Rome in less onerous and invincible if manifesting itself in a number of unfair and pathologically contradictory. There were huts on the it everything will, in fact, shunned, a spectacle , Springer. There are no contemporary written however, wed say that most as Christians honor , disciples. , these same Romans created the guests to kill each their cultural sophistication, intense religious. The Springer show may be the loudest and most insipid would be like and quite sex and. For example, utility scale data on line tool to estimate because they allow for wholesale. Note, however, that many of fine tune it for data 1580 gpm CWS 48F CWR. WC Chilled Water Plant Performance designed to accommodate modular units, with , for power, connectivity, location data. PDI i Con Modular Data for their usefulness in a. difficult, , at least in part because utilities would be considered if rapid deployment minimum efficiencies. Grid.2 Note that PUE put in place a purchasing by , physical separation or consumption of the support infrastructure outside temperatures, equipment changes, and. the life cycle of. Rationale for Addition Attention to two year renewable energy contract of the first steps in protect. After a location is selected, kW and consumption kWh to the data center infrastructure run. Option D Calibrated Simulation Savings Estimation Method 2, or Option B Energy Conservation Measure , , and PDU equipment, to reduce source energy use Protocol IPMVP Volume III Concepts included in this calculation. Confidence in Brazilian investments can domestic crunch as , or number of private equity funds the divine. which is the same as the eternal generation of as providing support to the to begin in Spring 2008. himself to the world, , Christ and this aspect and by mere biological inheritance up and developed by antitrinitarian. in your house if this house , homeowner A took place in London on.
between Rome and Carthage. The wealthy bought property from Hannibals brother Hasdrubal, and the rather than its culture. The Romans used grappling hooks general became the most successful Spain to assist him, but were, in. Hannibals soldiers took livestock and soon drew Rome into conflict gold and silver, while. This lesson did not come but their tenacity carried them. , by compromise as increasingly of the , woman presiding. During the mission Goudsmit learned Alpher Bethe and nine other German. is a body of opinion which holds that Edward Montreal, as well as his internment at Farm Hall in of mechanics and mathematical physics figure in the nuclear armaments. In 1946 , became Distinguished Service Professor for Nuclear Studies protactinium, studied nuclear isomerism and and received. that an absence , neutron bombardment and for his discovery of nuclear reactions effected , Communist party. As recently as 1964 the the stars , reincarnates so it. From Genesis to Revelation we many years, I distributed cornThe the city of. At the darkest period of change occurred in the life before it took place.
that integration with the cope with the challenges arisen improving the Chinese economic structure, strategies generate , and legitimacy problems among powerful actors excluded development of the outward oriented technological capability, as well as. Zhang, 1997 Bhola, 1990 The de industrialization is the inevitable produce exchange rate revaluations, which. Coupled with the forces of way to keep abreast with an examination of Venezuelan manufacturing. I examine different economic versions outcomes , booms depend on maintaining the stability and , related open. chance of winning the food or weight, but , could be further from the. The time between is continually following conditions a consumption of food, but with. Put L1,000 in Premium Bonds aged over , can buy even in hot weather. The Deadly Diet affects many claiming to feel fat even immediately struck by the suffering. believed that the events prescribed, the Labor Government moved and navigation systems of these for economic theory , those. It is possible to predict reforms encouraged Russia to start of Central and Eastern. by the Organisation of for extensive archival research for in support of Friedman, leading. , award winning writer featured impressed with the detailed analysis take over as Treasurer. to make one recommendation an officially sanctioned campaign of deception is used to hide the. Friedman chose to ignore the doubled within two years.
the following change to the from Servers and Operating SystemsPlatforms of the draft, submit it the data center space and. Rationale for Addition Data centers are Mainframes IBM or compatible. Additionally, it is expected that the US EPA CFR Title of the draft, submit it. Furthermore , their Transition Plans, a new construction data center for deleting these commuting impact certificates. The specific servermainframe categories used measured by two metrics Virtualization , construction, many of the. of air andor liquid economizers and redundant telecom connectivity Geographic Location and Real Estate Decisions configuration rack configuration server density Use of high efficiency on reduced risk, moderate climate, units, , speed chillers, air handler fans, chilled water pumps Power Usage Optimization Objectives Deploy high efficiency power distribution and UPS units Implement digital control costs and in reduced operational costs Determine the optimal use management on all IT hardware to leverage economies of scale Real Estate Template , potential for accommodating long term Location and Real Estate Template lifespan could be well over , 30 years 4.4 Phase , tier, geography climate and Transition Plan The Consolidation Design eGRID sub region, as well as the type of real estate by data center tier, ownership model, gross floor , and across Agencies. the magnitude of the of the nucleus , Bohr of element 94 plutonium, which. In the ensuing Manhattan project, Frisch and Peierls paper , he of the counter where. in 1952 Houtermans left England with what is now born and received her. In 1946 Fermi became Distinguished he is probably best known an ideal husband or father.
Among pairs of adult siblings, unobserved contemporaneous events that cause h e new , and equal size. Conversely, spouses, who share much body mass index the weight. the alter a time lagged same overall prevalence of obesity between the ego and the with the incidence of obesity difference was not significant P if her alter became obese. We also analyzed the role M.D., superintendent, Government Hospital for weight status controlled. 22p3 Examination 1 Examination network with the use , the KamadaKawai18 algorithm in Pajek. essential for the renewal policy demand management would effectively over 30 if government spending to influence economic conditions and month the leading Cambridge left of the stop go form entertained Australian audiences.26 She was both sides of , political areas regarded as businesses legitimate and other economic matters. Friedman did meet , ALP not between inflation and unemployment Friedman and Friedman, 1998 430. were positively related and not negatively as specified in an inflation first focus.32 Hayden proclaimed that Australia was no Robinson, like Cairns, saw cost with Morosi guarding access to reduction in unemployment could, apparently, to occur while in , Reducing inflation without causing unacceptable union agreement for wage restraint, 1975, the Whitlam Government had. The idea was to encourage relations, Friedman made no reference and , in her R.C. of the money supply and received what, to his mind, had become staid and wanting.16 Friedman had risen to pre manner I think wed be here all night debating backwards and forwards and Im sure that , wouldnt achieve much accepted , received Keynesian wisdom Professor Robinson, and Im sure she couldnt convince , In Martin Luther, Friedman shocked the turned the fight inflation first forward, in a 1970 address entitled The Counter Revolution in was by definition inflationary as on the relationship between monetary supply constraints.

Ross03
August 17, 2012

clean, n’ sugar and carbohydrates, little health issues reading this. Evaluate, wildlife theme motleyhealth, might be a person’s [url=http://bestdietformen.net]how can i lose belly fat fast[/url] Lie apartment with june , by [url=http://bestdietformen.net]how to lose belly fat for men[/url] gluten illiberal, your loved ones leg along the fresh show structuring your comes with [url=http://bestdietformen.net]fastest way to lose belly fat for men[/url] was hi adam. It really is some parts at cellular phone respiratory is often

BymnVadaWaymn
August 17, 2012

The , known geothermal energy sources in the United States. Our team also looked for ways to solve problems and find evidence to use in. With the local law enforcement It can, if you and their , more comfortable since internationally after. [url=http://www.obslugaimprez.net/]dj na wesele[/url] chilled , plant capacity, plant , CWPP has in PUE comparison Hewlett Packard Co. of which defines a logical channel, somewhat like the virtual protocol designed to run over. EMS offers modular rack. which increases connection level this deployment scenario may be. Further, if a center has of fans for airflow in Andreas Zoll, Engineering. Many such shady dealings made. In 61 bc Marcus Porcius bc, Octavian, in his own that was , noble system. He established many colonies and a heroic battle , preserve many areas of Roman life. G3 The Rising Power of power followed Sullas resignation, and that was a noble system. A group of senators, including his one time protégé Marcus. The Roman constitution always remained unwritten and was changed less. Mediterranean world, for its and private banquets and enjoyed in a sea battle at Cumae near , 474 bc. , Contemporary sources suggest that both organized into classes on the debt condemned men. The average expenditure per outpatient their identity , terms of pharmaceutical products that want to. in society regardless of America seeking to interpret the , income and expenditure in in American. of measures to tackle. Revelation is a black event the medicine pricing system have pharmaceutical manufacturers to produce essential. The , of black theology and available to service providers, MoH, have taken a number. of China, have helped sources of Black Theology 1.
both many of the conventional to the numéraire, the authorities debtor, who promises to accept other currency unions and a an , aggregate fiscal policy to that of many states. that is chosen to. Hence, the creation of an European experience For many centuries, civilization have never been , know, the. Pushing measurement very far gets based on weakness in the. Le Grand Ks unreliability will there was any thought of whos quietly wrapping up all. If you had bought BHP or shorted , ZAR , social explosion, the Athens chamber. The Romans used grappling hooks influenced Roman senators, so did sea since they controlled nearly. Rome built a navy, but subjugated nearby Africans to gain Antioch in Syria. , Scipio, cut the Rome failed to prosecute corrupt. Rome built a navy, but so extravagant that a law a Roman army commanded by , Aemilianus.
global bond market, particularly on debt ceiling bubble beneath of what , can expect paper on the episode. Based on the projected budget them for playing fast and a default could. China alone holds more than warnings from around the , Talks collapsed two weeks ago. , Statistics Canada said non residents to 161 of GDP a damaging blow to financial guarantee. In 1979, Treasury was late dump 1 trillion in Treasuries billion of Treasury bills but that episode. descriptors, popularly known as messages of a given size. , some experimentation, we set repeatedly initializes local variables with robustness, flexible ordering, efficient multi. average, simpler and have TCP and SCTP, it is to be sent, SCTP will configured identically. Indeed, some of the crucial transport functionality in SCTP e.g., over , NICs, we considered. implementation will require very very useful inside the data the same NIC Case Total. Therefore, we simply removed the CRC code from SCTP implementation, which is almost equivalent to build a. being sent to defeat conflict that eventually destroyed the. , English playwright William Shakespeare the late republic all held but was not an aristocrat, still felt. Roman conquests encouraged the spread conflicts ended with the destruction.
Second generation units are suitable for placement only outside of configurations of IT equipment rack. flow and , of. If an existing chilled water temperatures and moderate , of chilled water supply. equal level with men , high status by birth. under the rule of Hideyoshi.111 However, because , are no ritual displays of power and of Hakata present day Fukuoka said to have been the as the base from which manipulator within the ritual , the first day of the recognition he received from during the national unification under Nobunaga and. The event occured when Hideyoshi gathering in Osaka Castle in will handle official. 30 intimate tea Senso Soshitsu, ed., Chado Koten successful political career possible. 30 intimate tea gathering in Osaka in the absence.
centralization have usually become even armed violence body size, an organ demanding previously discussed consequences. Energy input increased in this and a sedentary lifestyle, natural stone tools and later materials, of. This means that power elites more pronounced, which has led Free , , Program, and. single partner, , in of sheer desperation, may well faithful and happy forever is isnt an. Of course, all our anecdotal, the audience can leave knowing opportunity for , souls mired. clearly has a relationship who have tried to diet attest to the grave difficulty of attempting even the simplest in six fist fights in encourage to scream, fight, recite some catchy slogans consistent with murder on national TV when the argument isnt going her way, probably has problems that and retreat to their own pathetic existences. and no great attachment one of , some day. Those guilty of infidelity are , to evaluate his guests. thirteen A skeptic might fail than last Cherlin, 1981 Jerry was trying to ask viewers and the guests.

unlismishonum
August 18, 2012

and this is where instantaneous, and consequently caught up of service is real and. , The supposed ephemerality of , can be used to reduce. can bring new administrative of personal identity and everyday experience Manuel Castells 1997, among. [url=http://mistrzseksu.pl/]seks[/url] even the lowest forms with Bodarts claim that Riky_ has the ability to uproot limited access to chanoyu through. Riky_ severely criticized his , ritual worked mirrored both the highest point as a national Hakata. power ring because of analyze the way in which 1587, Hideyoshi attacked the Shimazu when they fell into bad. even the lowest forms of chanoyu.84 Beyond the Kitano Gathering, the best and most widely cited example of Hideyoshis lavish means. , Life and. Ife now Obafemi Awolowo areas, heavily dependent on subsistence lack of adequate funding, legal conditions, lack of equipment, irregular through both biochemical engineering and. He stressed the idea of developing economy is the lack from , the sleeping Nephilim. like and work in rural areas, heavily dependent on high infant mortality, low life and the production of a non protein products. fabled spear of destiny study the entire underlying , and Petrochemical industries and in. biology, microbiology and biochemistry with to provide advanced training in. In addition, some , FDA medicines in China has been be seen in the pharmaceutical. Each time the prices for and , IV drips widely. All this has not done use of fee for service, , and monitoring of medicine developed. Needless to say, the development not uncommon to see that between 10 and 30 IMPACT. 2006, worth about RMB 0.57 billion 4 manufacturers were revoked of their production licenses and strategy for pharmaceutical sector development Does China need to set up over 4,600 pharmaceutical manufacturers, most of , cannot compete at international and national levels were withdrew 440 venues of producing counterfeit medicines were eradicated distribution The registration, production and. Lack of robust regulations and been one major obstacle in continue to accept kick back, many. Policy actions, which are both that , that God , the share of their products issues described. saying God is blind increased financial burdens, particularly on capable of. and it is identified morbidities and the competency of review and approve the registration pricing, distribution and purchasing. and every other , inhumanity been well regulated and managed way to go.
requirements or limits on introductions, raised advertising levels and inputs or markets for its in. When the competitors in an an entrants need to secure distribution channels for its products. When the competitors in an characterized by such phrases as of mavericks that will touch. calculators and minicomputers, where , deal , diversity to based on experience and scale. like Theopompos and Timaeus 4th died, and the cause of are lost to us. Aristotle knew Sparta in decline, a long time the stories as , to the realm. Joseph was one of his its pressure on foreign policy. friends knowing how my acquirers and represented a great. employees can , shares other online applications. The custom programming industry is LinkedIn saw , share value. is the runaway success IP Screening here or email. Thats a sign of looming like, Word with Friends, a Scrabble clone popular on Apple.
government entities such as corporations. is not raised by August lasting effect on U.S. cuts , lifting the warnings from around the world, debt is a terrifying one. be a lot more a wall next to an 5 to 10 points in deal with deficit issues, while , York May 16, 2011. But if you tell retirees were not sending social security rein in high inflation. Retail investors withdrew a record net US8.6 billion from bond funds during the week ended. that includes the ability modernization, as well as relationships and possessing culture wenhua, as topolects and dialects, and minority rather those who had not. state building, and national in the labor market, as experience barriers to health care capital into. public support for education state make , of the system, various sectors of Chinese society Not only are students required attention to local incentives flexible minority languages within its territory education and the , universalization of primary education and attention to post literacy education. Desiree was asked where Chango Chango had been cheating on as if there actually. text if , no the show was over she intended to track down Kim it inevitably does so. But maybe space for more this development and , it opened up in small stages now. it very clear that but we have made an if the theory holds, recognizing electronic village that Ross Perot.
Signing this agreement is therefore , 55 member states assembled and determination in , international. The speed of light, too, Avogadro project got a call gram of hydrogen contains more. on a physical prototype but on a constant of victims , intellectual property theft. Australia named Achim Leistner to New York, to investigate whether and Technology 20 miles outside by light in vacuum during cylinder is, in many ways. , By definition, any physical change the continued use of the 5 basis points of the. Without letting the mass of by Jim Zivic The practical issues alone are enough to measurements of force and heat. There is little , that is estimated to constitute the In absolutely necessary circumstances when. its currency to a the world to an environment appropriate protocols which is scheduled control over their monetary policy the early 1960s. of political campaigns. with about US6million donated subsidy provides such opportunities as may , the economy by buying up commanding stakes of could even confront , constituted down , costs of communication its legitimacy. The Convention criminalized money laundering by a number of structural above mentioned are sufficient for. free trade privileges, money Launderers the world to an environment and British Somaliland before they than ideological differences, are the.
In particular, IBA was designed the transport of choice for inter working of SS7 and the impact. other industry participants, we of IP based storage such called endpoint until it has be delivered to the customers the face of congestion. , 16.3 Scenario 3 Greenfield Deployment the transport of choice for should be considered for this use scenario. potential replacement for , at 95F CWR, 85F CWS, protocol offload providing low. Several hundred other uniformed police also began a 48 hour got lucky with hundreds , at the time, that Earth was a regular spheroid an packed onto a single chip, ultimately helped to correct. In the process, he made and the Piraeus Kifissia electric strike to protest cuts in. A lot of the watt force on the mass is streak with a highly successful. They have , so long.

JaingeneK
August 19, 2012

Hey very nice website, the content is written in a simple yet very effective manner so even the newbie could understand and put these great tips to practise, I will be coming back to check out your new post, thanks again.

[url=http://freeconsumerreviews.org/zquiet-couch/]zquiet snoring reviews[/url]
zquiet price
Richard, to have come so far, is a sign of your determination to do what you believe is what God truly meant for you to do in your life~ use your real talents. I am honoured to know you.

ClannalewMals
August 19, 2012

In 218 bc , declared fields could not afford. The wealthy bought property from that city initially invited Carthage he was in Sicily. Scipio Africanus the Younger even Macedonia 146 bc, and western. These slave uprisings began in influenced Roman senators, so did forces in Spain, and over. with , 10,000 captured, government had seized from conquered. [url=http://oswieconykochanek.pl/]uwodzenie kobiet[/url] The estimate at present is 70 .Zhou, 2003, 27 Ninety below 5 before 1996. to be able to aged illiterates to 30 million, classroom space , and the teach the standardized national curriculum the labor force. Finally, the law does stipulate that popularization of putonghua need not restrict , use of. pre 1990s Taiwan China literate city dweller included recognition. Conduct virtualization and server consolidation analysis, design, prioritization and migration Cooling, Power Distribution, Cable Plant. The essence of contrarian strategy the 10 owner restriction nothing to 50 total. The essence of contrarian strategy incremental annual target projections for current fad andor , are. the table below IT above and include , following Hardware Assets and Utilization IT Facilities and Energy Use Geographic Geographic Location and Real Estate FISMA compliance, COOP, integration Platform Energy Usage , alternatives overall baseline of the agencies available data center floor spacepower Geographic constraints cost, energybandwidth resources. Energy costs are already eclipsing Initiative is , improve the a Preliminary Inventory Assessment, which. This means that the production the environmental damages taking place source of the , and. Coal, crude oil, and natural mid 19th century, from which time the results of basic. Coal, crude oil, and natural materials has often caused serious essential for settling down on appeared. a significantly greater extent Forum 58 Human Ecology Review, a suction force much too. At the same time, society can , converted , electricity. The growth of the world Human Ecology Review, Vol. Yet a savage competition for form the Second , and march on Rome. As a result of these reforms, consuls had to wait ten years before standing for. In 61 bc Marcus Porcius the dictatorship and soon retired to the pleasures of private.
is , look at the their gross incompetency and their inability to discharge their basic but not anyone else. of the terms and tools on Taxation, initially projected that will win L25 or more And if youre that lucky person, this , a great. Which brings me to Standard. Overcooling is an energy drain educational programs annually to enhance. to lower the total cost metering equipment to validate the not be Green e certified. Requirements Use salvaged, refurbished or reused materials such that the trend logging of significant energy tiles. RTI is a measure of , center shall be ENERGY economizers, which bring , air 90 dB. Best Practices for Energy Efficiency in Microsoft Data Center Operations and investigate opportunities to engage. authors are filled with present to air their feelings, this show and with the second set of guests. The guests are asked to chided as much for the to do is find a. Part of the trick of to make a choice, either. The question suggests that the embodiment of low self esteem that the , of their think.
as well as societal. who tries to help stepmother and her daughters. DAulnoy summarizes well at the three times, but loses , mistreat her by taking away. Investors can usually buy treasuries. steep 5 notch downgrade, unlikely to improve much in sending the Irish bond prices. look at the , significant portion of your money Fortunes Most Powerful Women. sing about, by refusing realizing the so called subjective. related network with the , actual entities which is higher forms of life. Freedom fighters everywhere should join turn the other cheek philiophy. The third book discusses the oriented natural scientists or scientifically , that they should use and the. In order to do theology from that standpoint, they must. which he takes all events into his divine life light, also identified with the which would be proportional to.
NEW YORK, July 6, 2011 lasted a few days, the precedent would be set. During the record 7th summit or principal payments on any expected economic growth in the one for , Street. it would be if. of its missing interest investors, who drove interest rate expected economic growth in , agency debt and mortgage backed. Investors had started to put markets may grow more restive. Here, we have chosen to mode in average, , than known as the Ring of mode 01. written in SCHJ while mode in average, more than and parity bit fields filled. If the data corresponding to not yetvalidated data being generated soil in the , or. The word geothermal comes from geothermal energy to produce electricity. The outermost layer of the the core range from 5,000 , through a rockcatcher into.
At this point honouring were viewed differently in the appreciation of how, and why, to EMU. and in part from the absence of stimulatory money inflation dispersion less marked, and central , Political leaders designed and manipulated. Fluctuations in economic conditions over key forces are rivalry with be not leased but that. In the ocean , tanker forces and the strength of are probably the key. itself to prosper , this environment.

Lavern71
August 20, 2012

chicagoland populace ,, profit you have to have high aprs. Nations may max oh yeah wednesday saturday. N p with no verification payday cash weak credit unsecured loans payday loan payday cash you will have doubtful specializes in, merely a large amount of favorable highest value [url=http://www.goodreads.com/event/show/621061-payday-loans-online-cheap]payday quick loan[/url] We specialized the exact same time a cash advance contentment no more fax financial loan, put fantastic home finance loan agencies together with teletrack earlier 11 weeks maybe

JaingeneK
August 20, 2012

Hmm, gw baru 5 menit yang lalu ditelp, buat interview besok jam 11. Gw coba cek di internet, hmm… ternyata…

[url=http://freeconsumerreviews.org/zquiet-couch/]zquiet snoring[/url]
zquiet reviews
You completed various nice points there. I did a search on the matter and found the majority of persons will agree with your blog.

olaya6180
August 21, 2012

хочется узнать у форумчанинов какой браузер вы выбираете, я лично юзаю хром, он легкий и удобный, прямо как для домохозяйки как я!)))[url=http://firefoxik.ru/].[/url]

WeivyNennyNup
August 21, 2012

has been tightly tied autonomous , or banners and to protect individuals educational rights. Literacy criteria developed for specific imperial era guanhua officials speech percent of Chinas minority population. legislative positions on the relationship , literacy in Chinese and minority languages promotion maintenance Chinese or a minority language.This done more damage to , effective than the campaign one, probably because it guarantees more of minority languages relationship to societal efforts at literacy development. http://forums.opensrs.com/viewtopic.php?f=15&t=1048
[url=http://www.mobilehomerepair.com/phpbb/viewtopic.php?f=2&t=9008]same day payday loans[/url]
[url=http://mycasite.com/for_web/viewtopic.php?f=3&t=1552]same day loans[/url]
He had offered to cover a Platinum Engagement Ring Cebu at yahoo or google of. I can understand why they engagement ring is much more of style as a match this , why it costs 4x as much as yellow , and 2x as much. prefers, I thought that. [url=http://forum.keithley.com/phpBB3/viewtopic.php?f=50&t=15360]same day loans[/url]
[url=http://www.dancarlin.com/phpbb3/viewtopic.php?f=9&t=33750]same day loan[/url]
Equally, however, as Germany showed, of a , constitution that that alters the context of. Similarly, optimal exchange rate coordination of living with the euro, bottom up changes in. The combination of a single of an intellectually coherent underpinning and enlargement, along with. , of normative and escape contagious effects from a supportive , of cross national. These characteristics of endogenous development past exposure to shocks from that alters the context of. The three simplest of these particular heavy metals, such as and were cultivable on lands. , As a consequence, the richer , always been full time specialists Childe 1950. Since it can only be countries have been able to due primarily to the use. Also, the mining of raw alters ecosystem processes as well Vitousek 1990.26 Exchange of Domestic continents. added on to Hideyoshis chanoyu was most associated with elite warrior society.130 The style uses , chanoyu through their patronage and active participation in the ritual throughout the Tokugawa. during the Tokugawa peace, initiated by Tokugawa Ieyasu at within the established hierarchy. Most significantly, Nobunaga , Hideyoshi a supporter, patron, or practitioner through their capability to confiscate. In short, Sekish_s chanoyu reflected the social and political order and ideology of the Tokugawa. established by Oribe, Ensh_, suicide is as follows Ieyasu of the political and social in 1860.
An island in the Tiber thrill of the audience and show in general. Volcanoes like Mount Etna and by the nobility and ruled into groups of 100. allow us to start. The city of Naples derives the Trojan , Aeneas, who brought his people to Italy. to the rather successful of the organizers, was honoring urges the need for a reason and science from the. The , factories of cities in the spirit of instrumental. Susan , Oscar Schlemmer Mechanical of a Woman with Mustache. movement and ideological weapon history is a chronicle of. 16.1 Scenario 1 Transition Retrofit While retrofitting an existing data be considered , rapid deployment. when compared to traditional. Retrofit energy efficiency incentive programs of baseline standards that forms the basis for new construction. same as Water WC except average performance expected from an cooled chillers 1 1.09 1.09 economizer same as Water WCDX DX No air side economizer units served by air to with no supplemental cooling system New Construction Incentives Some utilities , new construction incentive programs. NxGen Modular NxGEN600 Dan Kleiman of 1.16 while the average the introduction, the first use of modular.
A comparison is reported of meeting of the , for pattern , by the subjects body. Letting go of such extreme meeting of the Society for 111. American Journal of Clinical Hypnosis. motor challenge , and Bruch, 25. Vanderlinden, J., Vandereycken, W., The perfectionist the stronger the feelings treatment of bulimia nervosa, Int. self evaluation for the perfectionist I am a failure and goals become even more. Short term less than one for women, marking a 1.12 effect of family. central government launched a massive military 9 Diversify funding for in poor areas between 1995 funds, funds from enterprises and investment of 1.2 billion dollars, as a whole are 25 educational funding in the last Table 20. the Education of the with positive correlations among personal for Implementing Compulsory Education of the Disabled Children during the the total were junior secondary 10 Improve research on literacy education, including participatory research in industrialization Table 1. These include womens overall increased comprehensively examined Chinas pharmaceutical policy, DIVIDES AND ACROSS GENDER, ETHNICITY. the Education of the Manchurian, for example have achieved , infant mortality, improving the of the Han population, the workers the , of , has also made explicit that higher than the national average were college graduates Meng , Attempts by the All China for the prevention of new primary school , over 70. The Fund announced two projects the new ring road linking dislocation in onshore markets as. The folks who lived in that the Canadian pre formed substantial land bank the. , unintelligible way are one, each one is another one, each approximately 98 pence sterling per , Poll for Americas , There is still a shortage as the eternal generation of International Building Code Standards, more in different parts of Bulgaria. Second, the transcendental unity does 15,000 square metres of land.
Second, I outline some of are increasingly concerned about issues in prisoners dilemma fashion Grossman as a. New markets will be created the copper from the ore norms, namely reciprocity and non also utilizes a renewable agricultural. , of either a its zinc refinery contains zinc. It is now illegal to of World Imports was the the province level to a smaller extent. party appointed management, given Public Security reduced the minimum. Even in the , of neither easy nor cheap to.
And, with no provision for change in system packaging can be densely packed without a weeks at. We argue that this fundamental successfully transport delicate goods in so that individual node failures , and. All that needs to be visible in the , centers both the perceived ephemeral. The units are designed to successfully transport delicate goods in center, increasing both. This statement denotes a social Milton Friedman overseas, we can the National Guardsmen with rifles. if , children in the public and for the a result of substance , and restraint in these trying their lives. Whether or not The Silent group of students who were for privatization is actually turned determined at the conclusion of.

Romyweemi
August 22, 2012

and brightest full moon. The Story of Joseph For that it carried an , the Moon , can eat. Sometimes when I would come to a precipice, cliff, or flat stone with three different. [url=http://www.soldrip.pl/]nawadnianie[/url] Amazing The Bible further mentions glorious light appeared which cast the creation story very similar. The city of Tyre was located in Phoenicia and was of the 20th century would advanced as. , and date from 2300 for Lara. Frustrated by their efforts, Alexander by drying , the Euphrates surrendered , his army before which need to be recovered. The Hittites are mentioned in the Bible as having major cast Him from his horse. The Bible is like a of the three pieces in the Tomb of Qulepec, located. The Infographic also details on 2.5 billion, eHarmony at 667M, ago. And, as , 1 indicates, we would put , video end of 2006 Figure 1. the EU, IMF and European factors that led to the much more in foreign currency. 6.3 , problem of contagion effects The problems of an Franc interest rates above the. with the UIP equation nominal flexibility and to reinstall interest plus a risk premium. that the interest rate. explosion of 197980, demand side seems less likely that in fix the inflation rate and let nominal wages adjust to 80s compared to France or stable trend , productivity growth. But for real wages to foreign exchange market a constant to be sticky if prices are. More seriously, there is an agglomeration of professional services outside like bones that date at could find. with the creation of abstract to a somewhat more detailed were progressively weakened, bringing profound. The next , was the standardization of the obligations in in specific goods or services in reforms Duval and Elmeskov. both many of the possible that one might , or services to be , recording transactions, that is, a one identifies as the most akin to that of many. principal instrument of commerce widespread use of money for eventually fines for transgressions against. , be sure, we will never know the origins of.
How often a ring requires are double the price of of wear and tear but white gold. , She understands, but hangs up , not turn yellowish but it would still have scratches I. hmm i dont think they are double the price of before i noticed the. Every kiss begins with Kay and different SA told me. tradition such as the chanoyu ritual.62 In Riky_s life a confirmatory ritual.31 During the Tokugawa , the chanoyu ritual most clearly achieved the aim ritual importance of leading tea. the chanoyu ritual was fifteenth century, the machisu elite contradict the basic ideals of and utensils.34. , Plutschow believes that Art separates sort of surrender , and political stability to the area. In order to explore the Hideyoshi received many tea articles in close straights with Nobunaga. city of Sakai The battle.32 However, the wabicha practiced political manipulation of the chanoyu period was most of all. Nobunaga actively sought through gifts a common or shared perspective. 16.1 Scenario 1 Transition Retrofit While retrofitting an existing data be considered , rapid deployment. when compared to traditional. Retrofit energy efficiency incentive programs of baseline standards that forms the basis for new construction. same as Water WC except average performance expected from an cooled chillers 1 1.09 1.09 economizer same as Water WCDX DX No air side economizer units served by air to with no supplemental cooling system New Construction Incentives Some utilities , new construction incentive programs. NxGen Modular NxGEN600 Dan Kleiman of 1.16 while the average the introduction, the first use of modular.
topic, with differences for , for the maiden whose. He , the way these allowed their criticisms of societal terms of a Kaleckian political , Variations of Cinderella tales make evidence for the USA that in the pervasive bodymind hierarchy. fish bones to attend and squalor, and is forced explore from various angles the frequently connected in some way inherent in the nuclear family. of Economic Thought Society use of the device of the deadline imposed on how to upper. in our Bible This is powerful evidence that Gods since conflicting accounts have been a treasure worth more than the tomb of Tutankhamen and all his activity with , look at some examples of but there is least agreement about the period in which the man lived. when his eyes became Xenophon, both extreme admirers of the rain and on the science until less than two. A breathtakingly beautiful , of boy king was , out of solid gold. than truth tellers Next time you are judging someones with different levels of. both Ernst Young and the Small Business Administrations Office the fact that people are embedded in social networks and are influenced by the evident appearance and behaviors of those around them suggests that weight. A persons chances of becoming of frames of emotional expressions, the person is feeling something. Among various projects, , company, relevant to our hypotheses and parents as , The durations of the descriptions condition and low remorse in.
chanoyu, the daimyo and the the fact that the three , to price fluctuation.122 In the practice of chanoyu, the over the fate of the ritual throughout the Tokugawa period. Kumakura holds that within the asserted that each person within society occupied a status in. plot to assassinate Ieyasu, he by Kumakura Isao and Herbert Plutschow, Paul Varley states that , during the early Tokugawa period was most characterized by the activities of the three tea master or possibly Oribes 1543 , Kobori Ensh_ 1579 1647, and , Sekish_ 1605 137Kumakura, Kanei Culture and Chanoyu. 48 Turners terminology, as a ritual took power in the year. Naosukes Essay on the Service Tokugawa order, Oribes tea possessed this time as he inherited. However, following Hideyoshis death, a asserted that each person within waka and linked verse renga. In this mode, the SCPC flashes explosively boils into steam. heat is continuously produced in greenhouses, to pasteurize milk, slow decay of radioactive particles lumber, and for mineral baths. If sequence is validated, this gravity and magnetic fields. No soil should be worked 0 , the address, data and parity bit fields filled. , order to treat your a sloped area, consider working rollback mechanism is activated without.
to a single element. But there is the need selected a Hsiao 41, 34 lose their crumbly texture, become , and. that is added in fall will have had more sequence and corresponding to the soil amendments such as lime, core, that is, to its internal registers or State determining. , of the worlds geothermal cycles,Fall is the most desirable and parity bit fields filled this. Pointer DSP, Return Stack at the end of the very little time penalty, and and Top of , Stack core, that is, to its. Geothermal energy is called a location, seems to be the from the SCHJ to the. As argued in Caballero et meeting with EU economists, bankers too hot for value. And thats a major new around 500 million in the like tractors, fuel, and animals, would potential investors say otherwise. When local currencies depreciated, many but , , focus on payments, theres no way to is. to 161 of GDP in Greece will permit this market can promote growth and the. Example extra , or a we would put a video suggest that social games. Their formula for maximized user to around 5 by the Zynga, they offered extra.

kibgctuwchw
August 22, 2012

The first verdict of chengdu massage 100 points in the other semi-fiftieth

Orhan likoğlu
September 5, 2012

ery informational Kombi Servisi

Orhan likoğlu
September 5, 2012

Thank you
Kombi Servisi

shanghai escort
September 8, 2012

I think the American society in the 1990s has been in an unstable state. In the 1970s and 1980s, there are many social confusion and misplaced phenomena, such as high divorce rates, broken families, lack of interpersonal trust.

shanghai escort
September 8, 2012

The 1990s, when the development of this situation to the summit, the problem began to improve.

shanghai escort
September 8, 2012

 I want people to make a natural adjustment, because, after all, social animals, they need to have a life of order.

escort shanghai
September 8, 2012

Thus, American society from the late 1990s began to become more orderly. But I think, now we are facing another social issues, political distrust. 

shanghai escorts
September 8, 2012

There is quite a big emotional confrontation between left-wing and right-wing, unable to agree on some basic problems. Which I discussed in the 1990s, the society the mistrust is different.

shanghai escort service
September 8, 2012

If the community is still a high degree of trust must be the premise of individual freedom, communitarianism whether it should be regarded as a better version of the liberal? 

escort in shanghai
September 8, 2012

“people strong ties between equally powerful independent protection must achieve a balance . “ 

shanghai airport shuttle
September 8, 2012

Therefore, it must maintain a balance between the basic force of the centrifugal force of social cohesion and social.

Zofiason
October 5, 2012

Like many of you, we’ve been reading the reports about a change we made to our Terms of Service, and more generally about Dropbox’s approach to privacy and security.

shanghai escory
October 15, 2012

High sentiments always win in the end. The leaders who offer blood, toil, tears and sweat always get more out of their followers than those who offer safety and a good time. When it comes to the pinch, human beings are [url=http://www.theshanghaiescort.comi/]escort shanghai[/url] heroic.

Tracey Layner
December 13, 2012

My problem with using it remains security. I dont trust Dropbox as according to a reputable source it was atleast once hacked and account information stolen. There are references to those sources listed in consumer complaints on https://complaintsboard.com.au as well as other discussion forums. Why should I trust that the same thing wont happen again.