My Dropbox wishlist
My favourite cloud application, Dropbox, recently came out of beta test and staggered into the world as a release 1.0 version.
As you may recall, Dropbox installs onto your desktop machine and monitors a point in your file system, including all its subdirectories. Any files that are created, deleted, changed and so forth are replicated on a secure store in the cloud at Dropbox’s datacenter.
You get 2GB of storage for free and can purchase up to 100GB, along with an unlimited undo that lets you reinstate any file you may have deleted. I simply love Dropbox and run it on all of my machines, irrespective of platform.
Dropbox says that its staff have no easy access to the data held on their servers – I’d be happier if I could simply overlay my own encryption certificates into the Dropbox process
With the new 1.0 release, Dropbox has added some much-needed new capabilities. First, you can choose – on a machine-by-machine basis – which folders will be synchronised to that machine, so you could decide that your desktop computer will get everything, the machine at home will get everything, but that Windows 7 netbook with limited disk space will get only the most important folders and files. Or you could decide to sync all media files between key media servers, but not onto desktops, and so on.
There are still two things remaining on my wishlist. The application still isn’t sufficiently connection-aware. It knows when it’s running on a local area network and takes advantage of this to sync to any other nearby LAN-connected machines running Dropbox on the same account, but it isn’t particularly clever if you connect your laptop to the internet via a 3G dial-up modem. This could prove expensive if large files start to sync themselves over a painfully slow and expensive connection without you noticing.
Second, while the files are sent over an encrypted link, and Dropbox says that its staff have no easy access to the data held on their servers, I’d be happier if I could simply overlay my own encryption certificates into the Dropbox process, thus ensuring that everything that left my machine was encrypted using a key-pair that Dropbox couldn’t decrypt however hard it tried.
Of course, I’d have to take full responsibility for looking after my own keys, but I’m sure I can do a better job of this than any third party. How about using the encryption keys generated for encrypted NTFS, or other keys that can be stored in Active Directory?
Yes, this would mean that an admirably cross-platform solution such as Dropbox would require key management facilities on non-Windows platforms, but it would certainly ease the minds of those of us who are understandably paranoid about our data being copied into the cloud – especially data that’s important to us and potentially sensitive.
Yes, I could encrypt everything locally and then send these files to the Dropbox local tree and have them synced to the cloud, but that’s too much hard work. While it would actually be easy to do on Mac OS X, because of its event-triggered filesystem capabilities, it would be somewhat harder to do under Windows, even on Windows 7.