Dropbox Terms

When in the course of network events rumors start flying about Dropbox a decent respect for the concerns of 1Password users compels me to blog about it.

1Password users certainly enjoy the convenience of syncing their data across Mac, Windows, iPhone, iPad, iPod Touch, Android and Windows 7 Phone. This is managed using Dropbox, and so it is fit and proper for 1Password users to be attuned to news regarding Dropbox security and privacy.

1Password in DropboxYesterday (July 1) Dropbox provided an update of their terms of service. Since then the net has been a-twitter with very frightening accusations about what Dropbox may do with your data. Those accusations are incorrect, and the Dropbox terms of service do not give them any rights to your data that you wouldn’t expect. And as always the main thing to keep in mind is that your 1Password data are well encrypted before ever being sent to Dropbox (or even written to your own disk).

Read the policy, not the tweets

It appears some misleading (at best) and downright incorrect claims about the Dropbox Terms of Service are spreading via Twitter and blogs. So don’t trust what the bloggers say (I guess that includes me) and go read the Dropbox Terms for yourself.

Permission to share what you ask them to share

The portion that seems to be behind the panic is in this paragraph:

We sometimes need your permission to do what you ask us to do with your stuff (for example, hosting, making public, or sharing your files). By submitting your stuff to the Services, you grant us (and those we work with to provide the Services) worldwide, non-exclusive, royalty-free, sublicenseable rights to use, copy, distribute, prepare derivative works (such as translations or format conversions) of, perform, or publicly display that stuff to the extent reasonably necessary for the Service. This license is solely to enable us to technically administer, display, and operate the Services. You must ensure you have the rights you need to grant us that permission. [Emphasis added]

Dropbox can be used for more than just syncing your own private data. It can be used to share information with selected others or with the world. When you put something in your Public folder on Dropbox to share, you are asking Dropbox to re-publish that data. Dropbox actually needs your permission to do so, and this paragraph is the bit of their Terms of Service which allows them to share the material you ask them to share.

The bottom line is that there is nothing in these Dropbox Terms of Service that gives them the right to do anything with your data that you don’t ask them to do. (The one exception is in the paragraph of the Dropbox privacy policy which states that they will comply with law enforcement requests for data stored on Dropbox.)

New Security Document

I have complained in the past that Dropbox had been unclear about their security policy with respect to everyone’s data. I am very pleased that they have produced a new security document now and that they took the time to do it right. It contains no surprises. Also with this announcement, they have updated their applications and APIs for mobile devices to address an earlier concern about encrypted filenames and such.

Why Dropbox and where are the alternatives?

Dropbox seems to have shifted from an Internet darling to a boogyman in less than six months. The silly accusations regarding re-publishing permissions in their newly stated Terms of Service illustrates that any allegation about them will gain traction even when completely unfounded. But even though this current hysteria can be dismissed it doesn’t mean that we can brush off all concerns about Dropbox or any cloud syncing solution.

I will try to briefly address some of the questions that come up in any discussion of Dropbox and 1Password. These are “Why Dropbox?” and “Have you considered X as an alternative sync solution?”

Dropbox does two things that no other system (yet) does. It provides the necessary programming tools (APIs) for all of the platforms that we support: OS X, Windows, iOS, Android, and Windows 7 Phone; and it provides syncing to truly native filesystems on the Mac and PC.

The short answer to “Have you considered X as an alternative sync solution” is “Yes” for every value of X that people have asked about. We have considered them, and have had to reject them for various technical reasons.

Getting more technical

Each item in your 1Password data is stored in its own, separate, file. This is great for syncing in that it means that only the changes need to sync and this can be done by file and folder syncing. This not only makes syncing faster and cheaper, it also makes it much more reliable and robust against potential data corruption. But this also means that 1Password needs to read lots of different files quickly as it runs. Dropbox does fast syncing while storing the local files on the native local file systems, allowing it to function properly.

As an illustration, an alternative such as WebDAV (which we worked on extensively but had to abandon before we moved to Dropbox) provides a file system abstraction layer that is just too slow for 1Password. It can hang when we try to access some file that it hasn’t cached properly. Also WebDAV isn’t designed for updating many files is quick succession. It’s not that WebDAV is bad, but it isn’t suitable for how we would use it.

Everything else we’ve looked at (and we have looked at many things) suffers not only from the same problems we saw with WebDAV, but they also lack usable APIs for all the platforms we need to support. It may be possible, for example, to sync data to an Android or iOS device using SugarSync or Wuala, but it isn’t possible to sync that data in a way that would make it available to 1Password on those devices.

What’s gone before

I’ve written about a number of things related to the security of your 1Password data in the cloud and on Dropbox in particular. Instead of repeating those, I will list some of those here.

Dropbox Security Questions and Dropbox security revisited: Plus ça change
Both discuss the Dropbox security issues that arose earlier this year. As an update, over the course of the past few months, Dropbox have successfully addressed each of those concerns.
Defending against crackers: Peanut Butter Keeps Dogs Friendly, Too.
What we do to defend your master password against automated crackers if your data should fall into the wrong hands.
Toward Better Master Passwords
What you can do to defend your master password against automated crackers if your data should fall into the wrong hands.
Looking ahead in security
Some hints about what we are working on to make your data even more secure in the cloud.

In Conclusion

Thinking about security (and privacy) is hard. It is important to look at the facts behind the headlines and the tweets before jumping to conclusions.

Update: An expert weighs in

Simon Bradshaw who blogs about intellectual property and technology on his LawClanger blog has posted an analysis, coming to pretty much the same conclusions presented above. [Updated, July 5]

Update 2: Dropbox rewrites

On July 6, Dropbox posted about a rewrite of their Terms of Service. In my reading of it, it makes no changes of substances, but it goes above and beyond the standard language that we see elsewhere in allaying fears.

By using our Services you provide us with information, files, and folders that you submit to Dropbox (together, “your stuff”). You retain full ownership to your stuff. We don’t claim any ownership to any of it. These Terms do not grant us any rights to your stuff or intellectual property except for the limited rights that are needed to run the Services, as explained below. [...]

Now that things have calmed down a bit, I would like to reflect on (and rant about) how we got here.

My overall point remains. A few people who were unfamiliar with reading ToSes delved into the earlier ToS and misinterpreted something and posted their misinterpretations. Those misinterpretations spread like wildfire because others were willing to believe the worst instead of investigating for themselves. I am not criticizing typical users for doing so, but my frustration is directed at portions of the technology press who did not do their job.

People are correct to be concerned about what is buried in Terms of Service and Privacy agreements. As a whole, we don’t pay enough attention to these, and it is good news that people are paying more attention. But it also takes some time to learn how to read them. If something seems fishy, ask for an explanation before jumping to the conclusion that something is evil. If you are part of the technology press your job is to do your homework instead of just regurgitating hot stories for clicks. The press’ job is to investigate, analyze and explain. [Updated July 8]

61 replies
  1. Leon
    Leon says:

    With all the hacks coming up in the press recently, it should be obvious to everybody that no website is secure. The same is true for Dropbox. By talking about the various ways that Dropbox may share your data, the article misses the point somewhat I think: It doesn’t matter!

    1Password files are encrypted. You can upload them anywhere, give them to whoever you want, have them stolen – the passwords will be safe because only the master password can decrypt them.

    If you don’t trust the 1Password encryption, the you probably shouldn’t even be using 1Password.

    • Jeff
      Jeff says:

      Thanks Leon!

      That really is my overall point. We designed your 1Password data to remain secure even if it should fall into the wrong hands. That doesn’t mean that we shouldn’t care about keeping your data out of the hands of the bad guys, but it does mean that we don’t have to sweat excessively.

      Cheers,

      -j

      • Bart Bartholomay
        Bart Bartholomay says:

        Jeez, I thought your overall point was that nothing was going to be made available where it shouldn’t be. Don’t recall where you talked about the 1Password security feature set being designed to preclude hacking in the wrong hands.

        • Jeff
          Jeff says:

          “Don’t recall where you talked about the 1Password security feature set being designed to preclude hacking in the wrong hands.”

          Hi Bart,

          This is discussed in some of the other posts that I linked to, but briefly when we designed the 1Password data format years ago, we assumed that some people would have their computers stolen. So we designed the format to withstand sophisticated in such a case. Those same design principles worked out well for us as people move more data to the cloud, where there are other opportunities for data theft. So please check out some of the other links at the bottom of the blog post.

          Cheers,

          -j

          • Bart Bartholomay
            Bart Bartholomay says:

            I did, Jeff. Thanks.

            I thought everyone might be interested in what a colleague and friend, John Stubbs, has to say about the issue. He is also an attorney ans was Chief of Internet Management and Media ( I think that was his title) with SONY, so he indeed has the experience that i respect in the industry. He is also, as an aside, a Naval Aviator who flew A-6 Intruders in Nam on the same ship and air wing as did I flying F-4’s, CAG5 on the USS Midway. I think you’ll appreciate his views.

            “I am an attorney, and as such will offer another perspective that hasn’t been addressed in this thread. (sic)

            Content, or in DropBox’s terminology “stuff,” is stored by DropBox somewhere. Presumably on a server in California, but who knows. At any rate, this stuff is potential (probably) exposed to subpoena by adversaries in a law suit. DropBox explicitly says they may disclose your stuff to law enforcement, and that would probably apply to a properly served subpoena in a civil action. So if stuff stored on a DropBox server is your client’s confidential information and they are involved in a lawsuit, you may find yourself the inadvertent agent who gave your client’s adversary the keys to the kingdom. And DropBox is careful to point out that you are acting as your client’s agent when you put that information up on their servers – so its your fault, not theirs. Its easy to imagine scenarios where a client’s FMP database would contain all sorts of confidential information (I.e., medical applications) and when you send it via DropBox, there is exposure. Accordingly, I’d strongly suggest getting informed consent from the client where this could even remotely be an issue.

            Its not clear whether DropBox would be under any obligation to assist in decrypting the content or otherwise assisting the adversary in the face of a subpoena. But the broad language of “we may disclose information about your account or your stuff…” suggests that the stuff and encryption keys would be forthcoming.

            Another issue. Where is the Stuff being stored? Is it offshore? The answer to that may influence the ease of access via judicial process for adversary paries or law enforcement.

            BTW – these issues aren’t unique to DropBox. The issues are with any cloud storage and probably apply to most email (stored at the ISP or wherever). I never cease to be amazed about how caviler people are about storing sensitive information in the “cloud.” When and if a pissing match begins, any competent attorney will issue discovery motions to every cloud in the sky hoping to find the silver bullet.

            Bottom line – make sure your client understands the risks inherent in modern Internet based communications and obtain their explicit permission to send confidential information using that conveyance. Also be careful for third party liability where the confidential information may not be owned by your client, but rather by their client (e.g., medical history contained in a doctor’s database).”

          • Jeff
            Jeff says:

            Thanks Bart. That’s great. It does give me to opportunity to talk a bit about one thing that I merely alluded to when I wrote:

            The one exception [where they might give out data you don't want them to] is in the paragraph of the Dropbox privacy policy which states that they will comply with law enforcement requests for data stored on Dropbox.

            This, of course, is not the issue that people have been going on about with respect to license to republish, but this is something else all together. Your friend’s excellent analysis also highlights that I was sloppy when I wrote “law enforcement requests”) as this would also apply to subpoenas in civil cases. So I should have added “court order”, but my excuse was that this wasn’t the issue behind the whole panic.

            One thing to keep in mind is that if a court allows discovery of data you store in the cloud, they are probably also going to include data that you store at home, so I’m not sure that there is a huge difference here other than the ability for them to get at backed up data which you may have deleted elsewhere. In some cases even good encryption may not help as there are some jurisdictions (I believe that in criminal cases in the UK for example) a person can be compelled to reveal their decryption keys. I’m not familiar with case law on this in the US.

            But these are separate issues, interesting as they are, are separate from the “hot” issue of the Dropbox ToS. And in this respect, Dropbox is absolutely no different than anyone else based in the US.

            PS: When I lived in Riverside, California, I would regularly hang out with a group of retired USAF officers. I don’t think that any Navy pilots were in the crowd, but there were a few sailors. I can’t remember if any were on the Midway. If you are ever near Plano, Texas, get in touch with me. I’d love meet up and learn more about your experience.

            Cheers,

            -j

  2. Aleks Ivic
    Aleks Ivic says:

    They know they are under pressure here from the start of this fiasco and even introduced more conflicting language.

    I’m no security expert by any means but can’t they can introduce another encryption layer which only requires your password (in addition to the user account pw) for specific ‘dropbox’ folders which you can turn on/off. Therefore no Dropbox employee could supply decrypted information to anybody.

    Instead they just go say… “Just use Truecrypt if you must…..”

    • Jeff
      Jeff says:

      Hi Aleks,

      I can’t speak to what they can or can’t do. But if data stored on Dropbox is to also be available to you through a web interface, then decryption can’t all be client side.

      It should be noted that all of the cloud storage schemes that provide client-side encryption (such as Wuela or SpiderOak) don’t use the operating systems’ native file systems. Whether things have to be that way is not something I can say for certain. But we really need to have the files really sitting on a local disk without undue file system layers.

      Cheers,

      -j

  3. Phil
    Phil says:

    While I agree that the “original mods” to the TOS didn’t mean they’d be republishing everything and anything, it was not sufficiently specific to PREVENT them doing so – legally. That’s the key point here – we might “trust” them with our stuff, but an overly broad TOS does nothing to maintain that “trust”. Their updates to the TOS later today are a step in the right direction. However, but coupled with the other discoveries about their security and privacy practices, and their lack of transparency dealing with those situations, leads my level of “trust” in their company and service to a very difficult to measure small number.

    While I still do not trust DB for anything important because of their ridiculous and unnecessary encryption practices and the “whoops nobody needs a password for a few hours” flub, the extra layer of encryption from 1P makes the pairing a viable solution.

    • Jeff
      Jeff says:

      Thanks Phil!

      It is exactly because we know that your 1Password data can be captured, whether in the cloud or from theft from your own computers, that we take great care in encrypting it.

      I certainly was not trying to say that Dropbox hasn’t made substantial security mistakes. We all know that they have. But the latest hullabaloo about their ToS is not something that I see as evidence of their practices, instead it is more a reflection of how people are now jumping on every indication (whether valid or not) to condemn them. It’s like the old joke, if they were now observed to walk on water, people would criticize them for not being able to swim.

      Please note that my defense of them in this particular instance doesn’t mean that I will lessen my own scrutiny of them. I see it as part of my job to anticipate any threats to the security of our products or how they are used. So I and everyone here will continue to keep a close eye on Dropbox.

      Cheers,

      -j

  4. Enk
    Enk says:

    Regardless of the claims of Jeff (who, last I heard, was not an attorney, and therefore his qualifications to comment, are, at the most, legally amateurish (as are mine, of course), on TOS verbiage), Dropbox is dead, and not only to me… I encourage Agile to move to another provider, lest they suffer the fallout of the blatant stupidity displayed by the Dropbox buffoons. Fundamentally, if you cannot trust the site, do not use the product. Use something like Spideroak, or Wuala, that encrypts prior to sending the data up, as it were. As far as my beloved 1Password, it’s abck to WIFI synch for me.

    • Jeff
      Jeff says:

      Enk, you are absolutely correct that I am not an attorney. But I would like to ask you to consider whether any of the people who have made claims about “Dropbox owning your data” are attorneys themselves.

      Ultimately every individual must judge for themselves. I disagree with your judgement, but you must ultimately make the choices regarding your own data.

      It would be silly of us to not consider alternatives to Dropbox. Even if they were absolutely perfect, we wouldn’t want to tie so much of what we do to a third party not in our control. But we don’t like to announce what we are working on or looking at until things are delivered. One of the rare cases when we did promise a feature before it was delivered was when we promised WebDAV support. That didn’t work out very well for us.

      Wuala and SpiderOak are not technically feasible for the reasons described in the post. Otherwise we would already be supporting them as alternatives.

      Cheers,

      -j

  5. SHG
    SHG says:

    “You must ensure you have the rights you need to grant us that permission.”

    So you’re in breach of terms if you store anything in a Dropbox which isn’t your intellectual property. Purchased stock imagery, legit mp3s, anything licensed under the GPL – store that stuff in a Dropbox and you’re breaching the ToS.

    • Jeff
      Jeff says:

      Hi SHG,

      My reading of that clause is that if you wish to put something in your Dropbox Public folder or otherwise share it with the world via Dropbox then you are responsible making sure you have the right to share that with the world.

      Every web host provider will have a similar clause, as does YouTube, Flickr and the like. If you are not sharing the stuff with others than this isn’t a concern.

      But as others have pointed out, I am not a lawyer. Still that is how I read their Terms of Service.

      Cheers,

      -j

  6. Ben Atkin
    Ben Atkin says:

    Well here’s the original version that the first wave of people were tweeting about:

    The offending language By submitting your stuff to the Services, you grant us (and those we work with to provide the Services) worldwide, non-exclusive, royalty-free, sublicenseable rights to use, copy, distribute, prepare derivative works (such as translations or format conversions) of, perform, or publicly display that stuff to the extent we think it [sic] necessary for the Service. You must ensure you have the rights you need to grant us that permission.

    So it went from we think it necessary to reasonably necessary. I actually take issue with the grammar error. It shows sloppy PR.

    This original version is different enough from the Google terms that they use in the defense of their policy, that it’s not hard to understand the outrage.

    • Jeff
      Jeff says:

      Thanks Ben!

      It looks like I may have been too harsh on the critics as they may have had more reason than I first suspected to misunderstand the ToS.

      Still I think it is important to go to what Dropbox actually says instead of relying on tweets and blogs (and that includes this one).

      Cheers,

      -j

  7. James Taylor
    James Taylor says:

    I think if everyone remembers the cloud isn’t a panacea and take reasonable steps (as AgileBits has done with the 1Password data), you won’t be left in the cold with Dropbox. I use it to share files that I wouldn’t care if anyone had (like my .bashrc, or my .vimrc, documents and postings, etc.) and the stuff I would normally keep secret stay on my home machines behind encryption. (TrueCrypt, Concealer, etc.)

    I understand that people are dismayed by the way Dropbox handles the keys and such, but if you look at it in terms of where your data is, storing super-secret confidential items isn’t a good idea, even on some of the other cloud-based storage services.

    I will continue to use Dropbox… and I am not so paranoid that I am afraid Dropbox is sending my 1Password data to the government or the Russian Mafia… Trust but verify is good to live by. :)

  8. Darwin
    Darwin says:

    So Agiles interpretation Dropbox’s terms are something we are supposed to be comfortable with? I’d rather hear it from Dropbox.
    The reason(s) people aren’t too happy with them is we have found out their security i greatly lacking in multiple ways and incidents and they have done a very poor job communicating to their users about these issues and incidents.
    So I don’t particularly appreciate Agile acting like people are whining or have no reason to be concerned.

    • Jeff
      Jeff says:

      Darwin, I can only offer my take on those ToS. You should read them and decide for yourself.

      I can’t really suger coat the fact that I see the concern over their ToS as misguided. I’m sorry if this comes across badly, but I felt that it would be best for me to be up front about this.

      Of course their past security lapses are legitimate cause for real concern. I’ve never said otherwise and have tried to address those when we became aware of them.

      What I’m trying to say is that we need to distinguish between the real issues and the non-issues. There have been some Dropbox security issues that that truly are not relevant for 1Password (such as the exposure of file names when syncing from mobile devices). But there have been others that show a substantial increased risk that people’s encrypted 1Password data could be captured. With these issues, we have looked at how well protected you are if your data are captured and what we can do to improve matters.

      It is true that I never directly addressed the four hours of open access issue, although I explicitly addressed others. My response to the four hour passwordless access incident was to rush to finish my post on the importance of a good master password. I’d been working on it for a while, but quickly finished it off and posted it as our best answer to Dropbox security problems.

      I don’t know if you will find this answer satisfying. My goal when discussing security matters is to be as open and direct as I can be, even when what I have to say may not make everyone happy.

      Cheers,

      -j

  9. Curbed
    Curbed says:

    Jeff (and the Agile gang),

    I read your post with interest, and I appreciate you guys providing ongoing comments on the ‘Dropbox issues’. One question; have you ever thought about providing your own sync service? I mean, surely a server wouldn’t be that much hassle – Amazon S3 is cost-effective, and Roboform do it for their own product? Just a thought and suggestion. Sometimes you gotta tread your own path ;) Regards, Curbed.

    • Jeff
      Jeff says:

      Hi Curbed.

      We’ve thought about lots of things. I certainly won’t rule anything out, but we also wish to focus on what we do best. If we were to run our own sync service, it would be a “high value” target for attackers, and so would take a great deal of energy to defend.

      Still, we like to remain Agile, so I’m not saying “no” to this, only that I’d want to know that I could get a good night sleep when such a thing is up and running. I may be known to forum participants as “Defender Against the Dark Arts” but internally I refer to myself as “Chief Worrywart.” )

      Cheers,

      -j

      • Curbed
        Curbed says:

        Hi Jeff,

        Yes, I agree with you on any internal service being a high value target for hackers. I guess that’s what LastPass (and Roboform) have to contend with. I guess there’s no easy answer. I’m still trusting of Dropbox for 1P as of now, but when I get my Mac I might switch to Wifi Sync. Such a shame it won’t work on Windows too, as I’m multi-platform for now. Regards, Curbed.

  10. Mike
    Mike says:

    We have considered them, and have had to reject them for various technical reasons.

    Well listen here, I don’t care about your technical reasons. As a paying customer I expect you guys to figure it out. You are so proud of your custom built keychain, but when it comes to syncing you’re just sitting on your hands waiting for someone else to do it. That’s not acceptable. You get paid to hire programmers, so get to work!

    Dropdox has bad service and bad security. Just a few weeks ago they left some accounts totally open. I NEED to drop dropbox, and I need to drop them fast, they are not to be trusted. The terms you are discussing here are the result of them hiring lawyers, it has NO technical base at all. For all I know, tomorrow some of their idiot developers pushes an update that leaves MY files available for the world to see.

    All my files have been removed from doprbox, all that is remaining is my 1password keychain. 1password vNext better support FTP/Subversion/WebDAV/Google/Amazon/Azure and all more and not just some goofy new interface, or else I’m out. For all I care you sell each of those as separate plug-ins to cover the cost of development. Just don’t EVER blog about what’s NOT POSSIBLE!

    Just so you know, blogging excuses about technical stuff is extremely lame. It’s software, you can do anything with it.

    PS. Call Cultured Code, they have some syncing technology in beta now.

    • Tom
      Tom says:

      It’s software, you can do anything with it.

      It’s wood, you can do anything with it!
      It’s plastic, you can do anything with it!
      It’s sand, you can do anything with it!
      God forbid, it’s semen, you can do anything with it too!

      Writing software isn’t just about barfing onto the screen. Like Jeff said, alternatives have been considered; they just haven’t found any suitable service other than Dropbox. Love it or hate it, Dropbox’s got a good API that the 1Password team likes.

      Besides, 1Password’s database is encrypted before it’s even written onto disk (let alone upload to Dropbox). Not every hacker will be able to crack your database (nor would they care unless you’re some high profile individual serving the FBI or CIA, in which case, shouldn’t you be working instead of complaining online?)

      …I was having a bad day…sorry people…move on…ignore me…

    • Jeff
      Jeff says:

      Hi Mike,

      I never want to say something is impossible. Indeed, our developers have proved to me on several occasions that things I thought were impossible are actually do-able.

      I don’t mean to rule out alternatives. But I did want to forestall questions of “have you considered X?”. We have, and we continue to. But we have run into difficulties with these that we have not (yet) been able to surmount.

      So thank you for the reminder that it is up to us to find solutions.

      Cheers,

      -j

      • Charlie
        Charlie says:

        Jeff, while I understand that you need to maintain civility, thanking a troll like Mike only serves to validate his aggressive communication.

        And doesn’t he know that using all caps to express said trolling is extremely lame?

        Really enjoying your thoughtful discussion on 1Password and Dropbox. Colour this paying customer extremely impressed.

        • Jeff
          Jeff says:

          Hi Charlie,

          Thanks for your support! Even though I think people may be barking up the wrong tree, I do understand that a lot of people are feeling very angry and frustrated. That is going to come out in a number of forms. In comparison to some of the things going around the net about this issue, all of posts here have been civil.

          Again, thanks for your support.

          Cheers,

          -j

        • Mike
          Mike says:

          Well, if we are calling names here, Jeff, if I’m a troll, then you are a suck-up. You say thank you for nothing (I used html and not caps, hope you like it).

          I’m just saying, software companies that do not deliver, which this post is all about, do not deserve customers.

          That’s why I ended with my comment about Cultured Code. They are now beta testing a sync tool they developed themselves, exactly because they needed to. For that they will earn my repeat business (e.d. I will buy their upgrade).

          1password is making excuses that they can’t find anything else and that they can’t build it themselves. So they will lose a customers.

          Simple as that.

          Sincerely,
          -a Troll

          • Jeff
            Jeff says:

            I would really appreciate it if posters here would stop going at each other. That goes for you and for the people who have been criticizing you. In retrospect, I should have “unapproved” the message in which someone called you a troll.

            Thanks for clarifying your point about Cultured Code. My discussion above was to briefly mention what we had looked at about other third party sync solutions (WebDAV, Wuala, SpiderOak, and SugarSync regularly get mentioned in these discussions). I never meant to suggest that developing our own sync solution was off the table.

            As a policy, we don’t discuss new features until they are delivered (at least in Beta), so I won’t discuss what we are looking at; I only meant to forestall all of the “Have you considered Wuala/SpiderOak…” type comments.

            Cheers,

            -j

  11. Ed Voncken
    Ed Voncken says:

    Hello Mike,

    Not to defend anyone here, but your contribution does not appear very helpful in maintaining a good discussion here.

    You write: “Just so you know, blogging excuses about technical stuff is extremely lame. It’s software, you can do anything with it.”

    Especially that last line indicates to me that you are not a (software) engineering professional, so please try not to pass judgement until you fully understand the matter at hand.

    I myself find it extremely helpful to have discussions on the reasoning behind architecture, design and implementation choices and tradeoffs that have to be made.

    This includes discussing what is, and what is not, possible or feasible when dealing with multi-platform software engineering.

    Regards,
    Ed.

    • Mike
      Mike says:

      Well Ed, you couldn’t be more wrong. I am a developer, which is why I wrote you can do anything with software. It’s true. Dropbox could do it, and so can Apple, Google and Cultured Code. 1password is making excuses, and so they will lose a customer. Tough luck, there’s no reason for me to accept their excuses.

      But I will shut up, only positive feedback seems welcome here. I will talk with my wallet.

  12. nm
    nm says:

    As a related question, why does 1password not use bcrypt?

    Also, it would be nice to have an option that locksout/inserts a timeout after say 10 failed attempts.

    • Jeff
      Jeff says:

      Hi nm,

      My personal favorite alternative key derivation function to PBKDF2 isn’t bcrypt, but scrypt.

      The decision to continue with PBKDF2 involved weighing a number of considerations. The most important one is that there aren’t well reviewed libraries for all of the platforms we support. We don’t want to write our own encryption implementations, and would prefer things that are written by professional cryptographers.

      The second reason for sticking with PBKDF2 is that we need a key derivation function that will be usable on all the platforms we support. It’s not at all clear what something like scrypt would do to memory on a mobile device.

      We do plan on increasing the number of PBKDF2 iterations in our next version of the 1Password data format and have been experimenting with how these play out on different devices, but I also encourage people to select good master passwords for their 1Password data.

      On iOS we can and do have a forced delay after 5 failed attempts. But on Mac and PC this would make no difference because an attacker wouldn’t have to use the 1Password application to attempt cracking the password. Your encrypted data can be copied and attacked by a tool of the attackers choosing. This is why we use a resource intensive key derivation function and encourage people to use good master passwords.

      We also wouldn’t want someone to be able to accidentally or maliciously lock you out of your data by entering an incorrect master password.

      Cheers,

      -j

  13. Daniel Zandian
    Daniel Zandian says:

    I haven’t into the details of iCloud, but isn’t there APIs to it that would allow you do similar things with it?

    • dave
      dave says:

      Hi Daniel,

      I’ve been looking into what iCloud provides and it looks great. While I’m excited about the possibilities, we’re not going to make any announcements until all the code is finished and ready for release :)

  14. Brady Kriss
    Brady Kriss says:

    First, I have read the new Dropbox terms of service, and carefully. My more in-depth comments on it are here: http://bradykrissesq.com/?p=92
    Second, at this point I also only use Dropbox to store my Agile keychain. (Which works just fine!)

    I understand that Dropbox needs some intellectual property rights from me to provide the service it provides. I have a couple of problems, though, with the way they’ve worded the TOS. What part of providing a file syncing and backup service requires the public performance of my files??

    The biggest problem with the Dropbox TOS is the lack of good definitions for the terms they’re using. “Stuff” is not limited to the files you put on Dropbox. “Services” is defined circularly as the Dropbox services. And the terms also state the Dropbox can modify the Services anytime. As a responsible attorney, I like to plan for the worst case scenario – what if tragedy befalls the Dropbox guys, they have to sell the company to whomever will buy it, an evil ad company buys it and modifies the “Services” to mean targeted ads that pop up in your word documents on your Dropbox folder?
    Or, what if there’s a terrible security breach, and your sensitive medical records and financial statements that you’ve been syncing the Dropbox aren’t password protected anymore, but are freely available on the internet – Dropbox could defend itself against pretty much anything because you gave them a right to publicly display your “stuff.”

    The Dropbox TOS is just bad. It’s not evil. They’re not trying to be bad. And I honestly don’t think they actually want their TOS to say what it does. It is nevertheless a contract, and people should really pay more attention to what they’re agreeing to, and what they’re expecting their customers to agree to.

    • Jeff
      Jeff says:

      Hi Brady,

      You are certainly correct to take issue with lack of precision and clarity in how Dropbox has presented things, but in this instance and previously. Though I myself struggle regularly with the difficulty of being precise, accurate, clear and accessible in what I write. I’m sure that I haven’t always struck the perfect balance.

      I think you are absolutely correct that they have no ill-intent, yet people are parsing their ToS as if they were evil.

      I have no legal expertise, but that won’t stop me from offering my own take on things. So let’s look at your two examples. If adverts started popping up in documents you store on Dropbox, that would be the time to high tail it out of there instead of reacting to the ToS as people are doing now.

      For your other example of the ToS being able to cover Dropbox’s backside in case of a data breach, first we would have bigger problems than whether Dropbox is covered in their ToS and second, although I am not a lawyer, the “Limitation of Liability” would be the relevant section instead of trying to stretch this permission to republish clause beyond recognition.

      Cheers,

      -j

      • Bart Bartholomay
        Bart Bartholomay says:

        Hi, Jeff -

        You said “I think you are absolutely correct that they have no ill-intent, yet people are parsing their ToS as if they were evil.”

        Of course, those people who have a vested interest in Dropbox (ie, members) ought to be parsing the TOS to try to make some sense out of it. Granted, most aren’t lawyers, but that doesn’t mean they’re stupid. Many with whom I’ve chatted about this very issue over the last couple of days are far more knowledgeable than me, and some are even lawyers who are having difficulty parsing what it says.

        A TOS so poorly written IS evil. And your comments on the subject are enlightening, to say the least, but consider if you will the source. The more you explain and entreaty your customers to get further information “before” making evil Tweets does point out how sensitive Agile is toward the issue. Could it be a business response trying to defuse the security panic with Dropbox and potential impact on 1Passwords members?

        No, don’t answer that. It was a pointed question. But in reality we all have the right, albeit the obligation, to parse, re-define for ourselves and others, and in general enlighten those who will listen about things like this.

        This is a good thread, but it really ought to have an unsolicited legal response from someone who’s very familiar with internet contract law. And in the FWIW category, I DON’T have a Twitter account. I exchange ideas in a broad range of business forums and receive more than my fair share of enlightening emails per day, thank you. At least two-thirds of the forums in which i participate are engaged in lengthy debate on this very issue.

        Cheers,

        Bart

        • Jeff
          Jeff says:

          Hi Bart,

          Discussion is great. That is what the net is for. But until we actually get a genuine expert weighing in people should take all blog posts (including my own) with a grain of salt. Though disclaimed as actual legal advice, at least one expert, Simon Bradshaw, has now weighed in.

          The language in the Dropbox ToS that has drawn attention is very similar to the language that we see on many sites where people upload content to be shared. Bradshaw’s post is well worth the read.

          Cheers,

          -j

      • Stephen
        Stephen says:

        To be fair, it’s fine to be someone who struggles with being precise, accurate, clear and accessible until you try to write legal documents that thousands (millions?) of customers are supposed to agree to.

        I suspect they wanted to make the ToS fluffy and non-legalistic (“your stuff” etc) for PR purposes and it’s backfired on them.

        • Jeff
          Jeff says:

          Hi Stephen,

          You are certainly correct that any legal document needs to be prepared very carefully, but I also think we need to compare with what other analogous services say. The Dropbox ToS looks very standard (other than words like “your stuff”) for any service that allows you to share information. If Dropbox have been sloppy in constructing the ToS, then so have many other services.

          I think that what they didn’t anticipate is that given their recent security failure and their earlier failure to communicate with customers clearly about security issues that non-experts would be reading the ToS with the presumption that they are evil, and so read evil into an innocuous and common clause.

          Here is one of the many examples I found when looking at these (this from MobleMe Tos)

          by submitting or posting such Content on areas of the Service that are accessible by the public, you grant Apple a worldwide, royalty-free, non-exclusive license to use, distribute, reproduce, modify, adapt, publish, translate, publicly perform and publicly display such Content on the Service solely for the purpose for which such Content was submitted or made available. Said license will terminate within a commercially reasonable time after you or Apple remove such Content from the public area. By submitting or posting such Content on areas of the Service that are accessible by the public, you are representing that you are the owner of such material and/or have authorization to distribute it.

          That is clearer than the Dropbox one, but it is in essence the same thing. I think that the people who first read the Dropbox ToS and panicked were unfamiliar with how common this kind of thing is. Had they seen it in a larger context, they would have better realized what the intent and legal implications were.

          Cheers,

          -j

    • Earl Stokes
      Earl Stokes says:

      Mahalo nui loa for your proactive stance.
      Once again my faith in 1Password if sustained by you and yours!
      Your blog reflects my beliefs and may we stand together!
      Sincerely,
      Earl

  15. Rakkhi
    Rakkhi says:

    Good post. Understand about API’s. But will you please move to iCloud and Apple’s syncing API’s when iOS 5 is released?

    • dave
      dave says:

      Hello Rakkhi,

      I’m glad you liked the post! Jeff will be very happy to know his blogging is helping people.

      Regarding iCloud, I’ll repost my comment to Daniel from above:

      I’ve been looking into what iCloud provides and it looks great. While I’m excited about the possibilities, we’re not going to make any announcements until all the code is finished and ready for release :)

      • Dave Teare
        Dave Teare says:

        It’s unclear at this time. Apple needs to allow iCloud syncing to Windows somehow and when details of the Windows iCloud API emerge we’ll know for sure. It might possible to use it else where.

        Of course, Android is an iOS competitor, so Apple may elect to prevent this. On the other hand, Apple wants everyone to depend on iCloud so they can sell them more hardware, so they might allow it.

  16. Patrick
    Patrick says:

    You guys should take a look at SyncAny. It’s still in Development, but it gives you Open-Source, API, Encryption and free choice of Storage-Provider via Plugins. Maybe you could support them a little bit?!

  17. Gus
    Gus says:

    iCloud to me will be the optimal solution and what would think will be an option on the near term.

    Given the challenges Dropbox has faced and their lack of effective dialogue with their customers they are in a very tough spot that doubt will recover.

    • Jeff
      Jeff says:

      Hi Gus.

      We are certainly excited about the possibilities that iCloud has to offer, but it is still far too early to tell whether it will do what we need it to do. This is, of course, a very active area of exploration.

      Cheers,

      -j

  18. fjpoblam
    fjpoblam says:

    Google’s long-standing TOS for any Google service (Gmail, Docs, Picasa, Blogger). [Note, implied upon first use of service, and not necessarily requiring click of assent.] By submitting, posting or displaying the content you give Google a perpetual, irrevocable, worldwide, royalty-free, and non-exclusive license to reproduce, adapt, modify, translate, publish, publicly perform, publicly display and distribute any Content which you submit, post or display on or through, the Services.

    Does any Google user refuse Google services due to Google TOS 11.1?

    • Jeff
      Jeff says:

      Hi,

      You are certainly correct that this “non-exclusive license to reproduce” is common for any service (a web hosting service, a photo sharing site) that is used for sharing.

      I think that what has gone on here is that many Dropbox users use it exclusively for syncing, and simply forgot that Dropbox also provides a sharing service as well. My post above is to serve as a reminder that portions of Dropbox’s ToS are to cover what they need for their sharing service.

      There are indeed plenty of people who don’t use Google apps specifically because they are uncomfortable with what Google may do with the data, so while I take (and fully agree with) your overall point, the specific example may not be the best illustration.

      Cheers,

      -j

  19. Timothy Hankins
    Timothy Hankins says:

    This is unrelated to the larger discussion, so please forgive the tangent.

    I’ll be brief: AgileBits, you are a great software company. I can’t tell you how much it means to me as a user to see your staff on here engaging with nearly every single comment on this post. This is an important issue, and AgileBits has been thoughtful and helpful with this post and, more importantly, with its response to the comments on this post. Thank you for a great product and for the amazing added value of insightful and actionable advice on this forum.

    Cheers,

    t

Comments are closed.