Dropbox is an insanely popular could storage solution, though if the majority of the public new just how flawed their service is, I bet most people would search for alternative options. Their largest drawback is terribly awful security, though there are some tools you can use to protect data with encryption (as we’ll discuss later).
To put it bluntly, if you’re storing any kind of data that you wouldn’t want strangers accessing, you shouldn’t use Dropbox.
But if they produced such a terrible service, why do so many people use it? Well, I think that Dropbox is used by the masses for two main reasons. Firstly, they had a 5GB free service that didn’t even require payment card data. And secondly, their interface was simple and incredibly easy to use.
But Dropbox should be avoided, and you don’t need to take my word for it. Edward Snowden himself has spoken out multiple times against the dangers of using this horrible service.
Snowden reported, “…get rid of Dropbox. It doesn’t support encryption. It doesn’t protect your private files and use competitors like Spideroak that do the same exact service but protect the content of what you’re sharing.” For those of you who don’t remember, Edward Snowden was the former NSA Security professional who blew the whistle on governmental wiretapping scandals on domestic civilians.
The NSA claimed that they were performing wiretapping techniques in an effort to combat terrorism, but the program didn’t produce a single iota of data that helped to prevent any terrorist activity. But how does governmental wiretapping relate to Dropbox, you ask?
Simple – the government has a direct involvement with the company. Believe it or not, Condoleezza Rice, who served as the 66th Secretary of State, sat on Dropbox’s board of directors.
The links between the government and Dropbox are to strong to ignore, and the fact that they don’t offer encryption makes matters even worse. So, I’d highly recommend chucking Dropbox in Window’s recycle bin and moving on to another provider. However, if you just can’t bear to part with their free service, I did want to bring one alternative solution to your attention.
How to Secure Dropbox
Believe it or not, Dropbox can be used to store personal files – though you will have to download and install additional tools. The main reason Dropbox is so insecure is due to the fact that they don’t offer client-side encryption or encrypted storage.
Without encryption, a rogue employee, hacker, data thief, or shady governmental eavesdropper could root around on the Dropbox servers and read your private data.
By now, some of you may be wondering whether you can simply encrypt the data on your own. And the answer is yes, you can manually encrypt data before transferring it to Dropbox’s servers to strongly secure your data. You can use a utility like Truecrypt to create an encrypted file in which all of your other data is stored.
And since Dropbox uses an automatic backup and syncing folder, you can make the size of your Truecrypt volume the same size as your Dropbox storage space.
That way, whenever you add, update, edit, or delete a file in your Truecrypt volume, the changes are automatically synced to the Dropbox cloud.
And since you’re the only person who knows the encryption key, there’s nothing the government or a Dropbox employee can do to decrypt your data and read your files.
As a side note, remember that you don’t necessarily need to use Truecrypt. There are a smattering of similar (and free!) tools that will provide local encryption features. The bottom line is that you just need to encrypt your data on your local computer or mobile device before uploading it to the cloud.
But this is, admittedly, a bit of a pain. After all, there are a lot of other services that will provide encrypt tools that are built into their software client, and most of them will work automatically.
Still, if you can’t bear to part with Dropbox (despite the advice of Edward Snowden), then this is a feasible solution. I’d highly recommend using any local encryption tool that will provide AES-256 encryption, since it’s so strong that it can’t be cracked with the most powerful supercomputers in modern existence.
Is Dropbox the Only Service to Avoid?
Dropbox is certainly not the only cloud storage service or domestic US company that is ludicrously insecure. As a side note, remember that you should also avoid Google services, such as Google Drive, because they were also coerced into participating in US wiretapping scandals.
Basically, the NSA ran around to all the digital service firms they could (such as Google, Yahoo!, Microsoft, Apple, and many others) to install malicious back-door code into their services. The net goal of this program, called the PRISM program, was to mine data from the general public and store it in a massive database. Then, the NSA would sift through all the data and read personal files.
In an interview with John Oliver, Edward Snowden admitted that the government even collected unbelievably private information such as unclothed ‘selfies.’ Now ask yourself if using Dropbox is worth the risk of any amount of your personal data ending up on a governmental server. It’s such a violating invasion of privacy that it makes me cringe.
Oh, and don’t think you’re too small or insignificant to merit the attention of the NSA. Snowden reported that they even spied on the children’s rights & emergency relief organization, UNICEF, as well as lawyers discussing the prices of shrimp and clove cigarettes. These invasions are simply too frightening to continue Dropbox, especially due to it’s close ties with the US government.
Instead of feeling like the government is spying on you, I suggest using one of the following secure Dropbox alternatives.
SpiderOak isn’t really a true cloud storage platform per se, since their software focuses more on cloud backups. Nevertheless, it can be used to securely store data in the cloud. What makes this provider so incredibly strong is their encryption options.
Users can opt for automatic transport encryption or use the software to encrypt data locally with user-managed private encryption keys before sending it off to the cloud. This means that no one (hackers, governmental authorities, or SpiderOak employees) can do anything to access your data. The software comes with a smattering of finely-tunable backup features, and a backup scheduler to boot.
And you can perform a variety of backup types, such as simple file and folder backups, system backups, and NAS drive backups. The free version of the software doesn’t include cloud storage space, but it will allow you to create unlimited local backups on mediums such as external hard drives, flash drives, and NAS drives.
Sync.com is a true cloud storage service, and like SpiderOak, they’re a zero-knowledge provider. This means that your data is first encrypted on your local computer before data is sent to the cloud. It’s so secure that their employees couldn’t get their hands on your data, even if they wanted to.
They use AES-256-bit encryption and 2048-bit RSA security keys to secure data. Plus, I really like how they don’t impose file size limitations. Some providers will restrict the maximum file size to a few gigabytes, but Sync.com doesn’t have this limit. Furthermore, they have a clean and easy to use interface, and have incredibly granular permissions for individual files and folders.
They’re not perfect, though. Though they do provide mobile access, their mobile apps won’t allow your smartphones and tablets to upload entire folders in one go. Instead, you’ll need to individually upload the contents. But you can’t argue with their pricing, because they start at only $4.08 (For the latest prices and discounts, check here) per month for 500GB of storage.
SugarSync is lot more secure than Dropbox since they encrypt users’ data with AES-256 for storage, and encrypt it during transit as well. I think they’re a great full-featured and low cost alternative, but there is one feature I wish they’d add to their service.
They don’t have a local encryption (synonymous with client-side encryption) service, so you can’t manage your own encryption keys.
Still, they’re a definite improvement over Dropbox, and fairly affordable. They start at $7.49 a month for 100GB of storage, and the next highest plan is only $9.99 (For the latest prices and discounts, check here) a month for 250GB of storage – which I think is pretty reasonable.
They’re more similar to Sync.com in that they are focused on file syncing and raw storage space as opposed to a backup-centric solution like SpiderOak.
Mega Cloud Storage
I wanted to include Mega as a secure Dropbox alternative as well for a couple reasons. First of all, Mega is more secure than Dropbox and Google Drive. But the main reason I wanted to include them is because they offer a 50GB free plan.
I imagine that part of the reason Dropbox was so successful was because of their pricing model, and a lot of users first flocked to their service to take advantage of a free 5GB plan. So if you’re just after a quality free cloud storage service, look no further than Mega.
MediaFire is our last alternative, and they too are more secure than Dropbox. I wanted to include them for the same reasons that I included Mega Cloud Storage. Mainly, they’re also an attractive alternative for users looking for a free service since they offer a 10GB free plan.
I do wish the service was more full-featured, but their pricing is low and affordable. Plans start at only $4.99 (For the latest prices and discounts, check here) per month, which is about the same as Sync.com.
Of the providers listed, SpiderOak One and Sync.com are the most secure providers. Nevertheless, the other 3 providers are still exponentially more secure than Dropbox. If you’re looking for a cheap and easy solution, I’d opt for one of the free providers.
But if you’re looking for something more full-featured, then I’d recommend SugarSync, Sync.com, or SpiderOak. Lastly, remember the you can get by using Dropbox by using third-party encryption tools like Truecrypt. However, it’s time consuming, irritating, and should really be included as an automatic feature in your cloud backup and storage service.
Personally, even though I know I can locally encrypt files before sending them to Dropbox, I just don’t have peace of mind using their service.
My advice would be to stay away and find a more secure alternative like Carbonite.