As you may have heard Dropbox suffered a major security breach this weekend, for almost 4 hours ALL dropbox accounts (including data) was accessible to ANYONE without password (or rather you were asked for a password, but it would accept anything)..
The major problem here is that ANYTHING in your Dropbox is unencrypted, and thus anyone that gets access to your Dropbox has access to your data…
This is, besides a major concern for Dropbox users, a wakeup call for users of cloud solutions – I totally have to agree with Steve Gibson (www.grc.com/securitynow) that we need PIE – Pre Internet Encryption, everything we store in the colud really NEED to be encrypted before it leave our servers/lan.
Obviously this Dropbox breach was not good 🙁 but never fear there is a solution, still in Beta but still very promising.. The solution is called SecureSync, it creates an encrypted folder in your dropbox and anything stored here is encrypted (you HAVE to access the folder via the “SecureSync” shortcut in MyDocuments though, if you look directly in the encrypted folder you will only get encrypted data – this however is quite clever as you can still syncronize with machines that do not have SecureSync installed, for Dropbox the encrypted data is merely data and is thus synchronized just as other data – however once you instal SecureSync on the target machine you can suddenly read the encrypted data via the “SecureSync Shortcut”.
SecureSync is free (at the moment at least) and still in Beta, but it seem to work fine although especially the install routine obviously will be improved.
Get it here;