Thoughts on Dropbox
Dropbox is the recently-launched YCombinator-backed startup that aims to seamlessly sync files between multiple computers as well as act as a conduit for backing up files to the proverbial cloud. They have been the subject of some great reviews and truly deliver what they claim. That being said I don’t plan on reviewing Dropbox, rather I am going to put out my concerns for why I won’t be using Dropbox full-time just yet.
Dropbox Primer
Let’s say you have a PC and a Mac that you constantly share files between. Up until now you might have been emailing files to yourself, made use of file-sharing on a home network, toted around a USB memory stick or shuttled an external hard drive between them constantly (bonus points if you said use JungleDisk sync). Those are all burdensome tasks and aren’t bulletproof for when each computer is not in the same building.
Dropbox approaches this problem and goes a step further with shell integration for a Dropbox repository (I say repository out of nature.. dropbox can handle file revisions), shared folders and the like. The OS integration is what is phenomenal about Dropbox, and no OS was left behind: OS X, Linux and Windows are all supported. It’s much easier to work with than having to open up an FTP application or Amazon S3 client and manually sync or move files. The TortoiseSVN or SCplugin-like UI is a fine touch as well.
In addition to all of that, there is a web interface where you can access your files as well.
What I’d Like to See
Dropbox currently comes with 2GB of free storage, which is in turn stored on their Amazon S3 account which they further secure with their own AES-256 encryption in addition to using SSL before anything is ever sent out. Overall, I would absolutely, 100% recommend Dropbox to the regular user that wants to easily sync files between computers while just as easily be able to share them with others. I particularly like being able to right-click a file in the public folder and get a public URL for it.
The seamless integration within the operating system is of paramount importance to the user that would otherwise be clueless to setting up their own S3 account and backing up manually. In the near future Dropbox will sell paid accounts for “richer sharing options and more storage” so you won’t have to worry about 2GB not being enough.
I probably do not represent Dropbox’s target audience and my concerns are almost on the order of devil’s advocate but here’s what I’d like to see in the future:
- Control over what is copied to my machine(s) from the cloud - I have more data on my S3 account than my MacBook’s hard drive can fit. Naturally, I don’t want that data on my computer all the time. With Dropbox, currently everything in the “Dropbox” folder always remains on my computer. I would rather it only download the file when I try to use, open or edit it.
- The ability to just “disconnect” - Expanding on the idea above, I would like the Dropbox folder to disappear when the Dropbox application is closed or if I provide some authentication for it to display/hide.
- Use my own S3 account - I would pay a lot to have the ability to store my data in my own S3 account. I realize part of Dropbox’s business plan likely revolves around charging for storage, but I propose they offer a high-end account where I just pay $30/month for the use of their API to power file revisions, the web interface and all of that, all-the-while being stored on my own S3 account.
- My own encryption. - Adding on to the ability to use my own S3 accounts, I’d like to supply my own encryption key and have my files encrypted with it. However, this does bring in some technical challenges with Dropbox requiring access to my files to keep track of revisions and the web interface and will likely require Dropbox to have the encryption key as well, which almost defeats the purpose.
- Ask Me First - I would like Dropbox to ask me for my password each time it opens up. I’d rather not have it be the weak link in my system’s security and inadvertently give someone that happened to steal my laptop while it was on, access to the gigabytes of data I also store online. However, Dropbox does get points for having the ability to “unlink” a computer.
On a related note, I can’t seem to find a Dropbox entry in the OS X login keychain. It would be easier to secure if credentials were stored there by Dropbox. - Leave no trail behind. - I’d like the option to disable “show deleted files” and have all deletes be nuclear.
Overall
I’m not trying to knock Dropbox by listing out such feature ideas. Dropbox is the slickest file storage and synchronization solution I have seen, period. If I wasn’t as paranoid with security, I would be very, very happy with it. But just think, what would the enterprise do?
Dropbox: Yay or nay?
Disclosure: I had stir fry with Drew, Arash and Aston earlier in the summer.
Actually, Dropbox and JungleDisk can be used in combination: I store a lot of stuff on my Jungledisk, knowing it will free up space on my computers while being accessible from all of them; with Dropbox, I sync stuff that I would rather keep on each of my hard drives, like data for applications that I use of two of my computers. This is the only reliable way I have fund of keeping everything in sync for applications (like Things, for instance) that can’t sync via MobileMe.
I’ve been contemplating on whether to switch to DropBox from my current sync buddy - iDisk. Currently getting 2.5GB on my iDisk ‘Family-Pack’ account, I think it adequate for the sharing of files that I do. However, MobileMe reliability, and the sluggishness of file transfers in Finder has bothered me from day one. I don’t care for any advanced features like encryption and all that. So is dropbox faster than iDisk or do I just have a crappy connection?
(For the record, I do have a crappy connection)
Hey äul,
Most of the suggestions you made have been already asked by beta testers in the forum several times and I am sure the team is gong to fix all this.
I’ve been enrolled in Dropbox several months ago and it’s true thati’d like the ability to connect/disconnect on the fly.
What do you think of the sharing functionality? Do you think it would work well for early-stage startups and friends working together on side projects? This seems like an easy and free way to do file sharing with versioning for lightweight work.
For lightweight use Dropbox or SugarSync should be the right solution.
Cloud life is still nascent. With crappy unreliable internet, I can’t take the risk of putting all my data online.
i find dropbox slow at uploading files. a while back i was uploading photos about 20mb and it took at least 20 minutes. maybe this is because dropbox is on amazons US servers, and i live in ireland. syncing files (download) is really fast.
other than that i really like it. comes in really handy around uni.
I hadn’t tried myself but I read on Dropbox forum that some people put TrueCrypt encrypted volume into their Dropbox. It doesn’t increase strain on conneciton much because only changes are synced and solves most of security issues.
And about incoming stuff from cloud - Dropbox is much more of a sync solution than backup or online storage.
I just won a one-year (though I only found out about the time limit after winning) 50GB Dropbox account, and I’m ambivalent. I hear your points about security, and the fact that my laptop’s hard drive is only 40GB definitely negates some of the value there. As others have said, though, it is a synchronization service, not a backup service; perhaps I’m asking it for something it wasn’t designed to do.
The interface is very slick, the way it only syncs changes is awesome, and it never bugs me when it’s running. However, I do wonder about moving the Dropbox folder to my external hard drive (320GB), which would leave more than enough room to sync. I suppose I’ll ask in the forums; are you at all interested in the answer?
I couldn’t agree more. If I have, say, 1GB of stuff accumulated over time in my Dropbox and buy a new computer at some point, installing Dropbox will set it off downloading all that data, which in my area would take at least overnight and use up a significant proportion of my monthly traffic limit. Far more logical would be to show the *contents* of the folder and download the files I choose to open.
The fact that it stores everything on your local HD as well as in the cloud also precludes its use on shared machines. At work (where machines aren’t locked down) and university (where they are), I find myself having to faff about with the web interface. Perhaps a potential future market for Dropbox would be selling to institutions as a replacement for, say, your university file storage with an installation of Dropbox on each workstation that “detects” who you’re logged in as and gives you your files from their servers. Being able to access that at home would be ace.
>If I have, say, 1GB of stuff accumulated over time in my Dropbox and buy a new computer at some point, installing Dropbox will set it off downloading all that data, which in my area would take at least overnight and use up a significant proportion of my monthly traffic limit.
You can simply copy your local Dropbox folder to new computer (with flash drive or something). No traffic wasted.
It seems people want from Dropbox way more than it was designed to do. :) Key feature here is simplicity, not bunch of power-user bells and whistles. It is also still in beta btw.
where’s a good place to get hi-res wallpapers of cars like the ones you have??
The best I can say is.. the internets. I get them from various car sites/blogs. Can’t name a particular one.
The features you listed are very valid, but I think the danger is to try and make something that is everything to everyone. I used Live Mesh for a while, but the web interface was so clunky and even the integration on the desktop was pretty rough. It was more of an inconvenience than something that’s supposed to simplify the way I share data between my various devices.
I recently signed up for Dropbox and I’ve been very impressed with the level of integration and more importantly ease of use. I literally just want to be able to chuck some files into a folder and know that I have it whether I’m on my desktop, laptop or work computer. I don’t want weird graphics and admin panels. Sure I’d like a bit more control over the storage location and security, but most of the stuff I’m working on isn’t top-secret so I have no qualms with the current implementation. Tying it in with my own S3 is one feature that I wouldn’t mind having but isn’t a deal breaker either.
what do you think of wua.la ?
There are systems that can encrypt using a private encryption key without the server needing to know the key. Mozy (mozy.com) is one example of a service that does this. Not only can Mozy’s client encrypt using a key the server doesn’t have, but it can do efficient differential backups–syncing only the parts of the files that changed.
However, Mozy doesn’t work as a file sharing system–you can only access files from the same computer from which they were backed up.
@Brian - this can be done as well on S3 (for example, through the JungleDisk client). The reason I mentioned that this might present a technical challenge with Dropbox is that to utilize their web interface to display files as well as their system to manage file revisions, it would need to know the encryption key to work with it.
One more thing… I’d love to see them get the dropbox.com domain. I’m forever typing that in and getting a page of rubbish.
I could really use a service like DropBox. Thanks for posting about this. Great things coming out of Y Combinator!
About the security issues. Say I had a bunch of projects I was working on, small websites and say a personal project and one that had potential security risks with data or whatever.
Could I not just have my projects all in one folder on my pc, encrypt using 7-zip then drag that to dropbox to sync with other computers?
Just means that on each computer i have to decrypt to a seperate folder.
After making my changes I could then encrypt again, put back in dropbox and access from wherever else.
I would also back this zip file on usb key incase and maybe monthly make a backup on external hard drive.
I am not a security expert but I am trying to come up with a solution where i can work on any project I have from anywhere while still being really secure and have backup disaster prevention.
Any tips?
@dean
See my comment above about putting TrueCrypt volume in Dropbox. It’s bit more complex than using archives but more secure without need to unpack (creating temporary files that require cleanup).
I completely agree on the upload control issue—it’s real problem when using Dropbox as an online backup solution.