Why does dropbox have the ability to see your files at all? That seems like a pretty bad security flaw in the first place.
Technology
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
Because you gave them the files?
If you don't want dropbox to see them, encrypt them.
deleted
If you believe in any implementation of e2ee made by apple i wish you good luck in life, cuz u will need it with your naivety.
Apple makes a shitload of money from the devices and ecosystem that have access to their cloud storage, they don't have the same incentive to use the data itself for profit. In fact, keeping the data as private as they can is a selling point for the devices and ecosystem they make bank from. Dropbox doesn't have that.
The downside is I used to use Dropbox a lot for collabs with others. We're now using something else (Google Drive 🤮) but for a while, Dropbox was king.
There are drawbacks to end-to-end encryption (E2EE). I'm not aware of any E2EE cloud storage systems that have the features Dropbox provides. I would LOVE to know of any that...
-
Support at least the big 5 platforms (Android/iOS/Mac/Windows/Linux).
-
Have a functional web interface.
-
Support sharing and collaboration.
-
Have a search feature
-
Sync to the local filesystem on a folder-by-folder or even file-by-file basis
-
Integrate with other tools (e.g. android file picker)
It's not easy to do all that with E2EE, like a functional web interface, search, and integration.
ProtonMail's search, for example, is limited to subject and metadata, and that's specifically because they DON'T use E2EE for that.
I'm willing to compromise some of this for the sake of E2EE, but I'm not at all surprised that feature-first services are more popular than privacy-first services.
Response from dropbox in that post: "Jumping in to clarify some confusion. The AI third-party toggle is only visible to users who have access to our AI features. If you don’t see the AI third-party toggle, then you can’t view or use Dropbox AI features. To reiterate, neither this nor any other setting automatically or passively sends any Dropbox customer data to a third-party AI service. Please see our Help Center article for a list of those with access to Dropbox AI features."
I don't know why I find it so surprising that Dropbox apparently has a Hacker News account, but I am mindblown that's a thing.
I thought HN would be way too niche for that to be a thing.
Seeing dropbox is actually a ycombinator alumni it’s not that surprising 😄
You can still opt out by opting not to use Dropbox.
Guess I need to find and close that account now
I did this. Enjoy unsharing literally every shared file and folder and removing access etc. I thought I deleted all my files. Nope. Checked the shared area. You’ll need to undo all of that manually. Only then was I finally able to rid myself of this enshittified disaster. Goodbye forever Dropbox. The only good you ever did was scannable.
I HATE Dropbox.
I tried to use them recently and their service had some problems.
They have an option to "stream" files when you need them. The only problem is you need an internet connection to access them. I did not trust this kind of system and I actually need to access my files even without internet.
So there is a way to make the files available offline. Great! Problem solves. NOPE! They offer an option to have your files available offline, but they might remove the files and make them only available in the cloud if you local storage gets low.
That is really all they say about it and there is no option to turn this off. I was uncomfortable about their vagueness and my inability to disable this.
Within 24 hours of paying for their service I learned of this and they refused to refund my purchase.
PLEASE NEVER WORK WITH DROPBOX
I've had a great experience with Dropbox (for about 10 years!), but I also used their Linux client which is old and very straightforward. Now I'm a Nextcloud user, and I wish it worked as well as Dropbox did. But with this AI thing I'm not switching back.
Wait, Dropbox can use your files to train AI? How is this acceptable? Aren't people storing their keepass vaults there?
Those had better be encrypted
Password manager is one of the few "free" services that I pay for. Still feeling pretty good about 1password.
Pff, such capitalist bull. But communists at least have LastPass, that shares our passwords with the world under the banner of no private ownership.
But seriously, paying for a password manager is a good thing. Find a good and secure one that is properly vetted and trusted in the industry, and support them if you can.
I said this in another post:
If your business is using Dropbox as cloud storage, you are so fucked!
In 2015, I worked in a company that stored financial records. Small restaurant company with 80 employees. I emailed them last week about this and they're already making moves to leave.
It's wild that you're still in contact with your former employers.
Literally every single one has "fired me" and escorted me from the premises after I put in a 2 week notice.
You can leave a company on good terms.
I also highly recommend not burning bridges. Even if they were a shit storm, 2-3 years later you might change your mind.
Literally the first sentence of your own source:
Dropbox has hidden third party AI settings, not disabled them
But the comments below say they're not able to access the new page, even with the direct URL... It seems certain tiers of customers can't opt out. Possibly they can't be included in the first place (e.g. EU users), but it's a pretty big screw up to hide one's status on such an important privacy setting.
Ok, so how do I as a user access these to change those settings please?
If they're hiding them, chances are it's only going to get worse, not better.
Now I feel tempted to make a Dropbox account and fill it with gigabytes of noise data...
Time for dropbox users to upload all kinds of crap for ai to "learn" from, all within tos of course.
I bet there are many kinds of ways to make your files poison the ai learning data. Its going to be fun for those ai guys to sort which files are probably safe and which are not. I think even if ONE user manages to slip something that corrupts the training data and its not noticed soon enough it might cause problems for them. Though someone who actually knows something about the subject might want to tell if i'm talking shit or not.
I'm not against ai in general, but if its trained with data that was obtained from unwilling people, like this, then its makers can fuck off.
Best time for people to learn about home servers.
The problem, as I'm sure you know, is that a home server is not fit for purpose for the vast majority of people. Managing that is a fun project for some, but a complete non starter for most.
Thanks I forgot I even had a dropbox account. And everything is deleted files and account.
If someone has a way to poison their AI training by adding junk along my regular files I'm interested. Sadly I use it at work and I cannot decide to migrate to another cloud so I better sabotage them
There's probably lots of ways, look up adversarial samples in machine learning and poisoning attacks
https://christophm.github.io/interpretable-ml-book/adversarial.html
https://www.computer.org/csdl/magazine/co/2022/11/09928202/1HJuFNlUxQQ
This situation is so ridiculous
Happy I moved to Syncthing a long time ago. My data is replicated on several locations and instances on cheap old raspberries+drives and syncs instantly even on my phone, where I keep Obsidian notes. No size limits, no huge hassle, 10 minutes to get a new instance set up.
Every now and then I will rsync the encrypted version to an offline drive and store it somewhere else.
So are there any files that an AI shouldn't vacuum up that I just happen to have in my dropbox?
Apparently Proton has a drive service now...
I have my dick pics in there wtf is AI going to learn
What hotdogs look like, obviously
If you aren't aware rclone makes it easy to backup (copy) or sync files to different cloud providers like Dropbox and you can setup encryption very easily so you can continue using Dropbox since it does have pretty good value for the price even though they've shown they aren't trustworthy.
https://rclone.org/dropbox/ https://rclone.org/crypt/ https://rclone.org/commands/rclone_copy/ https://rclone.org/commands/rclone_sync/
So if I don’t opt out can I force the AI to train on my files?