Web

Dropbox Hashing and Privacy

Clearly the tweet was misinterpreted.

Dropbox Hashing Function

While it may look like Dropbox allowed DMCA check on users private folder, which would be unethical. It did nothing of that sort. Dropbox does takes care of your privacy and security. Dropbox most likely calculates hashing function to determine, if the file already exists on the server or not. Try uploading a public file like Eclipse setup, it’ll hardly take more than few seconds to upload and sync. Clearly Dropbox sacrifices user privacy for cost savings. This is all done for data deduplication.

This way, if a DMCA takedown notice is served to dropbox, it can simply calculate the hash sum of requested file to the files across dropbox servers and block the matching files.

Dropbox API

Dropbox does not allow clients to calculate hash value of files using API. So basically 3rd party cant really leverage the idea for bandwidth savings. The only option is to maintain their own table of all the file upload hashes till now.

Problems?

Only one. Looks like you cant* share copyrighted materials.

*Still a Pirate?

  • Client side encryption. Use encryption software such as BoxCryptor or TrueCrypt. Though they fail the entire purpose of dropbox, that is easy file access anywhere in the world.
  • Change few bits in the file without corrupting it. This might be tricky and depends on what type of file is being shared.
  • Keep large files as chunks of binary split.
  • Simply zip the file signature without any compression. That is fast and changes file as well.
Tagged , , , , , , , ,