"Secret" means that the supposed account violation wasn't specified in the message from Dropbox. Possibly an automated decision. And apparently it was without warning on the first offense? Definitely need more info. And extremely worrying for me as a customer that they will take down the whole account for a single toc violation.
Quite possible something hard illegal, like problematic porn or terrorism or such. I guess in case of some random hollywood-alarm being triggered, there would have been a DMCA-complain coming from that party.
700 million people use them, and 17 million are on a paid plan. I still use Dropbox, because I don't trust that I'd be able to reach a helpful human at Google should anything happen to my Google account.
we may have different account types but they started wiping inactive accounts a while back. I never installed the client on my computer though, so that probably didn't help.
I had pictures of an abroad internship from winter 2014-15 that I was able to find last year as I was aggregating all my pictures.
But I just checked their filings, the 700M figure is indeed "registered" users, not "active" ones. Which makes a lot more sense. There are not a lot of services with 700M monthly active users out there.
Dropbox is afaik the only cross platform one with support for extended file attributes like tags, comments and custom icons in macOS, which I use extensively.
I have free OneDrive through my university, and I pay $99/year and I have it through work. With multiple TB available.
Yet I still use Dropbox because it’s way more usable.
Running the OneDrive agent is a hobby and it spikes my machine a few times a day. Running Dropbox is something that just works and has worked for 10 years without me ever noticing the sync app (a good thing).
I avoid Google because I wouldn’t want my gmail to turn off because of an event like this.
The more files you have, the more OneDrive tends to chew as a baseline. If you exceed those limits it'll just sit and chew without actually updating anymore. I want to say something like 200K files is the limit.
If you're using it for work to sync build dependencies or your build tree or similar, it's easy to accidentally end up exceeding those limits and watch it eat CPU time totally ineffectually. Ask me how I know!
How do you never notice the sync app? I stopped using Dropbox because I got sick of the client (on Windows) constantly blaring about new features and corporate sharing tools.
I muted that stuff years ago and have it run on startup. I get no notifications and if I put a file in that folder it syncs up. And files I add to dropbox sync down.
Granted I haven’t run the windows client in a long time so I’m talking about my MacOS experience. But OneDrive on MacOS does all sorts of shenanigans. The funniest is when it logs me out and forces a hard resync. As a user, I never want that.
I ditched them for OneDrive which comes with an Office365 subscription. OneDrive is buggy, has file naming issues (on MacOS at least), is a memory hog, and has a host of other issues. So I tried iCloud+ which comes with AppleOne subscription, and it lacks some of the sharing/directory collab features I wanted.
So yes, there are alternatives, many of which are free or included in other subscriptions, but they lack the focus of Dropbox, which Dropbox itself nearly lost when it tried to become something beyond file storage, versioning, and sharing.
I only use it for one of my lesser used domains and it is the worst email/app experience I have had in ages.
For some reason the outlook app went blank and had to resync. Missed a really important email. It gets like 100 MS update emails which have zero relevance to me and then it sends random emails I am not sure how to unsub from. It shows notifications for all those random emails and actual important ones get lost.
I got it for the 1TB storage space and teams(let me not even start on that). But now I am seriously considering moving that domain to gmail and zoom.
I use it on Mac with the built-in email client. On Linux, Evolution (via Evolution Data Server) supports Exchange too. I find their proprietary HTTP-based protocol much more reliable than IMAP and it's the only way to get push email on iOS using the stock client (it doesn't support IMAP IDLE and their proprietary equivalent is only open to GMail and Fastmail, no way to self-host and no other providers are supported).
It's the only solution still that "just works" on all OSs and mobile devices. I spent a year trying to use alternatives like Syncthing and Resilio and they all have pain points, especially on mobile. Gave up and just paid for Dropbox. I would gladly self host if there was an option that worked well on mobile.
I've been using Nextcloud and before that Owncloud for years. I recently switched to the native mobile client from a generic web DAV client. It supports one way sync for things like photos which is very handy. My home NC has around 1/2TB in use so far.
I also look after another one for a company with several 1000 users' safety docs on it. Nearly all the clients are mobiles and tablets using the native client. This NC is more of a one way thing where one dept uploads pdfs and the drivers and co read them on their tablets. Office staff point a browser at it.
Dropbox has more enterprise features like data governance and DLP features like requiring MDM. Drive and one drive is fine for certain things but our legal and finance documents, we need certain features.
Dropbox supports block-level file sync. I'm not sure if Google Drive or OneDrive support that yet? It makes a big difference when working on large files.
I use and am happy with Dropbox. I was an early adopter of Google Drive (to try to save costs) and it never really worked right. There were lots of bugs with the syncing of data. My entire digital world is on Dropbox. I use (and pay for) Google Drive too, but I use it differently.
It works for me because, in theory, all my data is on every HD in my house (which is really just two). So, I don't lose anything if Dropbox deletes my account; I've got it all locally.
That theory doesn't work anymore, however, because I have 399 GB of data in Dropbox and I don't duplicate it all to every machine anymore because of the size and the data transfer required to keep that much locally and in the cloud.
I really do need to start thinking about this again so that I can get it all duplicated locally.
I use and am happy with them too—although if Dropbox deletes files from your account, or deletes your account outright, doesn’t that reach out and delete the data from all of the synced devices too, regardless of the number of devices that happen to be local to you?
Do you use a second line of local backups/versioning to protect against that possibility?
As far as I know, if you just have the files as "Keep local" or whatever, Dropbox will still delete them locally if it's removed from Dropbox. The only exception is if you're also using the backup feature to backup certain folders on your machine that's not in the Dropbox folder.
Onedrive can't handle a ton of files without just breaking.. at least not up until a few years ago at best.
We have ~1 million files in our dropbox that we use for business. Lots of files change each day. And everything just works. It uses some CPU, but honestly for what it's doing it's not too bad. At least dropbox can handle it, other type of file syncing apps just stop working.
So for small-medium business I'm not sure what the alternative is to dropbox if you are file-system heavy unless it's just for throwing some random files here and there.
I still have it because of inertia. I don't even add stuff to it anymore, I just haven't bothered to go through it and make sure everything's copied somewhere else easily-accessible, yet.
I suspect that's the case for a lot of folks. I'm not sure it'd even make the top-5 of such services I'd consider, if I had none of them and were signing up for one today.
I've been using Dropbox for at least a decade and have no intention to jump ship (though summary execution of accounts does give me pause). The reason why I do so is...
* It works on absolutely everything. I have one foot in every major tech ecosystem and that immediately excludes anything platform-specific like iCloud. I also used to daily-drive Linux, which has no official OneDrive client, and the Google Drive client is notoriously bad on that platform.
* Mobile photo upload was extremely convenient when I first discovered it and it still works very well. If I need to take a picture of something I can use my phone and then grab the file on my desktop or laptop.
* The option to store everything locally still exists and is the default. If I get banned from Dropbox I will still have my entire Dropbox folder contents as they were present on my desktop's massive hard drive array. Backing up Google Drive in this way can be done, but only if you aren't using anything like Docs or Sheets, which can't be stored locally without a manual file export. Dropbox even tried to replicate this with Paper and I never touched it for exactly this reason.
For their specific job, Dropbox is still the best. Which is really sad considering what they do. They are the only one delivering a sane client, working well on multiple platforms, without any quirks like filename-hiccups and such. Though, my requirement is also to work on linux, so I might be a bit special. Though, OneDrive seems to now be pretty good on Windows and mostly on pair with Dropbox featurewise.
But on the other side, it's easier to lose your account with google or microsoft, so this might be another reason people preferred dropbox, till now.
Many of the VPS providers have a backup option. My personal preference is to have a VM at a few different VPS providers and a cron job that uses lftp to do a rsync-like replication between VPS providers using SFTP. The advantage of lftp over rsync is that I can sync between accounts that are chroot sftp-only with nearly identical capabilities of rsync. The lftp client can also break up one file into multiple TCP streams.
In the event a provider terminates my account I could not care less. The files will be at multiple providers and HAProxy will automatically remove them when the content validation health checks fail.
They typically don't spy on their customers as much as a service like dropbox does.
Before downvoting, ask yourself: When was the last time a VPS provider scanned the disk contents of their customers? And when was the last time they booted someone for using full disk encryption?
Meanwhile, dropbox proudly proclaims how they scan the contents of their users' files.
Edit: you substantially changed your comment after complaining about downvotes. That’s not cool. Note that you edited it.
VPS companies delete customer data for all kinds of reasons, just as arbitrarily as Dropbox. I’ve had VPSes at dozens and dozens of places over the years. I’ve seen them accidentally delete servers, purposefully disable stuff for what they claimed were hacked sites that weren’t actually hacked (so that’s scanning right there), I’ve seen them go out of business because the owner was 15 years old, I’ve seen them go out of business because they sold to Endurance or whoever, I’ve seen their data centers catch on fire — taking everyone’s data with it, I’ve seen them accidentally delete whole clusters.
And I excuse it in most of those cases because it is a VPS I pay a pittance for and don’t run production on, but the risk is always there. Trusting your data to Dropbox or OneDrive makes a lot more logical sense, especially if you aren’t knowingly violating any of their rules.
And yes, you can colocate. I’ve done that too. But I no longer have the energy to do that, especially if my box is in a data center I can’t physically access.
I backup about 5 different places because I’m always afraid of someone fucking me over. But for Dropbox to do this, is truly terrible. Especially for an unlisted rule.
Dropbox has invested in infrastructure to do things like index and search the contents of your files.
VPS provider doesn't even necessarily have read access to your data, and because you aren't relying on them for search/index features, encryption is much less expensive from a functionality standpoint.
Definitely not happening with my Synology NAS unless I rage quit and throw it out a window (and it backs up to Backblaze B2).
It is unfortunately more of a time commitment then paying for Dropbox (which I previously did, for years), but I won’t lose all my data because of them finding something to complain about with a hash of one of my files (or however they’re scanning content) and nuking my account. That’s simply not an option.
One is an objective statement of the world, the other is a subjective statement about you personally.
If these things mean the same to you, you're not parsing the English correctly, which points to a larger comprehension issue that further explains why you didn't get the original sarcasm.
>Of course I pointed and laughed at you, you were (and still are) acting very poorly towards others.
A non-confrontational mention that a tone marker would have helped, which you turned into an attack somehow (?), then you took pedantry to a new level (not uncommon on HN, but lol), and then after other insults on the OPs intelligence you say that they are acting poorly? What a laugh.
Communication is collaborative. If you can't accept the fact that sometimes someone might say "Hey, this would have helped me understand you better" without losing your mind over it, I feel sorry for anyone else you converse or collaborate with.
Shame on anyone who doesn't memorize comments from years ago. Or people with English as a 2nd+ language and may not glean the intricacies of written English that you think are so obvious.
That is not what he said, and again the misuse of quotations to make it seem like that's literally what he said is definitely not helping the situation.
It appears that you are now the one having trouble parsing English.
You know how in a book when fictional characters are talking how they use quotation marks to indicate that? In my comment, my fictional someone was talking, so I used quotes.
Perhaps you could stop telling me how to write my comments and stop telling me to change my writing behavior for your sake, just because you misunderstood?
I would argue that "failing" to interpret sarcasm in this context is generally the fault of the person employing sarcasm. With none of the other cues that are available IRL (tone of voice, body language, facial expression, etc.) there's very little to tell a reader what is meant to be taken literally, versus taken as sarcasm. So yeah, if a writer doesn't include /s or ⸮ or whatever, that's on them if their words are misunderstood.
I didn't understand the reference but I didn't have to quickly scan to other comments because the next comment mentioned that it was a reference.
I would also say that sometimes being exclusive can make a joke funnier to the in-group. Denoting your sarcasm can make humor less attractive, in the same way explaining a joke ruins it. Sometimes you want to be vague to see who catches the signals.
Some people, myself included, will react poorly when requested to perform additional work when additional work from the requester also could have been performed.
What evidence is there that "everybody" else did "get it"? And what does that even have to do with what I just said? Choosing to communicate poorly is a bad decision, even if some people happen - by chance - to understand you correctly in spite of that bad decision.
No need to talk down to my neurodiverse friends, they understand irony and sarcasm in written text just fine. The neurotypical ones sometimes miss it, though.
This whole long thread makes me sad. Not least because I kind of find myself agreeing that tone tags do take something away from the joke. Not to say the commenter is flawed somehow for not getting the context, I didn't either right away.
I can install drop box in under ten minutes. I don't have to manage security patches for all the binaries in the stack. My data is available in network edge locations close to me or the people I share it with. I can turn dollars into more storage very easily. I don't have to configure user permissions and groups in more than one place.
Also, what you described is not "sftp + cvs + vps" ;D
Can you right-click a large file (in your day-to-day file manager), hit Copy Link, and email the link to someone so they can download it (without having to give them any further credentials)?
Syncthing makes Dropbox look downright barbarian. Especially if you combine Syncthing with Android and a NAS or home server. iOS is... not really capable of sync outside Apple ecosystem. And this is true even with Dropbox. Not an Android fanboy. Just stating the fact. I take a picture on my Android phone and I don't have to think about it. It's now on my home server, it's encrypted, it's automatically backed up, etc. I have an app that takes a backup of my phone and puts it in a single file. Literally I press a button and my entire phone is backed up via syncthing. I use KeePass. My passwords are in sync at all times, on every device. There is also KDE Connect, which I have yet to try out.
Even before Syncthing, Unison existed since 1995. Which was the true free software version of Dropbox. You never needed a bunch of hacks to get automatic sync working on Linux. Syncthing is a bit easier to configure, IMO.
Syncthing + NextCloud + rsnapshot backups would have been my open-source alternative recommendation, but of course not everyone wants to take the time to learn that skillet, set that up, and maintain it.
You can get the whole package from Hetzner pre-configured, or just configure it yourself. I manage our team's nextcloud installation, and installing on bare-metal (sans containers) is a half day job at most.
Moreover Nextcloud supports WebDav which allows tools like Zotero to directly tap into that.
Would you say that the install and maintenance load for both systems (Dropbox vs packages containers) is the same?
Like, I'm confident my tech illiterate parents could get drop box running. Ease of use and UX are features.
I'm not saying the self hosted stack is bad, and in fact it's probably better in many ways. But it doesn't have the same feature set if you consider usability a feature, imo.
What does Syncthing add to the Nextcloud capabilities? (Honest question because I'm curious; I have a NextCloud & snapshot to encrypted S3 backup solution already.)
I admit I have not used NextCloud, but the hands-off automatic file-sync-between-devices that Syncthing provides has been transparent and seamless. It has required no babysitting after initial set up.
I have forgotten if NextCloud does this, because I don't use NextCloud at this time, nor have I.
As someone who recently migrated off of Dropbox, you can get most of the features with open source systems like Syncthing and a self hosted server.
The main complication to implement is encryption at rest for the data (I use luks2 on a hd and the fs of a raspi controller) and secure remote access (wireguard works really well and is easy to manage).
I wireguard into my remote systems and have Syncthing configured only to local network (no relays etc). It works beautifully; not missing dropbox at all.
I am still working out a viable alternative for things like document scanning, but I have no regrets owning my data.
Why a $5 VPS? Why not a $25 VPS in a reputable rackshack that has at
least triple off-site redundancy? You get what you pay for and the
choice isn't only between free and scuzzy, and cheap and scuzzy.
I just posted one of my own, and I agree with your sentiment.
I would like to see a future where humans achieve symbiosis with machines. Our brains acting as a limbic system to a larger sovereign machine entity. Still “you”, but more.
For such a thing to work, many ideas need to change. Data ownership, sovereignty, and the core philosophy in regards to machine-human augmentation needs to be reworked in groundbreaking ways.
As it stands, with megacorporations having no respect for individual access to their data on services at the whims of the corps, human machine symbiosis is about the scariest thing imaginable right now.
It's a common failure mode for a kind of products (SaaS) YC frequently funds. While it probably happens rarely, its consequences can be devastating for those affected, and thus it's a problem that needs fixing -- yet no progress seems to happen in the industry.
Overall, it's similar in relevance to security breaches. Awareness needs to be raised. Thus I'd argue it's relevant.
One thing that helps me think about which cloud services to use is the phrase "a stranger's house."
If I'm working on something important to me... how comfortable am I leaving it in a stranger's house? If I wouldn't be comfortable doing it, I always make a local backup. This saved my ass when I inexplicably lost access to an old Google Drive account. I lost a couple days of work, rather than a couple months. I still have no idea why that account was disabled.
It can't. False positives are a trade-off against the administrative, legal and regulatory burdens of not having such a system on a UGC-hosting site at scale.
You responded less than 60 seconds after I wrote my comment, the substance of which is unchanged. Organizing thoughts into words is a process for me, it takes a moment.
Then do the organizing and rewrite befor you submit the comment or include your updated thoughts in a way that marks them as new and leaves the original content.
I often add an edit immediately after I post, but unless it is fixing a typo, I always mark the edits.
Thanks for the tip. Apparently delayed comments don't appear on the site instantly, but do appear in the API instantly. https://i.imgur.com/ytWyvc3.png
This is a reflection of a poor commenting system. I would prefer for every online commenting system, including HN's, to allow one to see the version history of a comment. As things stand right now, commenting systems are biased in favor of revisionists.
Yes, it is a community standard that exists to work around a UX issue. I would agree that an edit history and an indicator that edits have been made would probably be an improvement.
That said, in the past when HN seemed to be doing something weird, dang usually has a pretty great explanation for why, so there might be a good reason for this choice as well.
I believe this is a common issue with automated copyright detection systems. Companies don't seem to care much as the grief caused by a false positive is almost completely offloaded to the user.
I would like for Dropbox to not know the contents of my dropbox.
Although in the olden days it was nice in that if they detected a matching hash of your file, it didn’t actually upload it, you just had it. So that was super handy. For pirating as well as for situations where I have the same file in multiple location. I legitimately have disk images in dropbox because cheap storage and having them immediately sync and be backed up was nice to save on bandwidth.
Yet another example of why we need a users bill of rights to give users some standardized legal recourse to discover the reasons for account bans and dispute them.
I like bringing up the Uniform Commercial Code [0] as a template for this kind of stuff. Where there’s a common goal and groups push for legislation in each state.
Sadly I’m not sure there’s a good advocacy group to push for this. Mozilla is funded by Google who definitely doesn’t want any user rights that conflict with their revenue. Maybe the EFF or FSF.
A state by state push would be one way to make this happen, but given that online companies and their users are often in different states, this does seem like the kind of interstate commerce that could be addressed federally.
I'm not hugely optimistic about this. It's possible that the pushback against tech will enable something like this to get passed, but I'm pretty sure that pushback is for purely for political points and not being done with any intent to actually change much.
If he uses it for work, and clearly, most shared links he creates are of copyrighted media content, how would this work in practice? Does Google Drive/Dropbox have some flag for "creator" accounts?
I don't have an answer for your question but from experience I can say that anecdotally most well known creators have their own infrastructure or outsourced infrastructure and legal teams. Content will not be deleted unless there are repeated egregious violations and complete refusal to remediate violations of the contract that their legal team agreed to. By contact I do not mean some thing that someone clickity-clicked their way through. I mean a contract that went back and forth between legal teams and signed/recorded by a public notary. In such cases deletions would always be done by a human. I have no idea why the Rick and Morty creators did not have such an agreement in place with Dropbox to prevent this scenario or if Dropbox even supports this model.
As a funny side story, at least I think it is funny... I used to manage the backend servers for Atari. The "Internet Police" used bots to send take down notices for copyright violations and emailed us saying to take down Atari's software because it was a copyright violation. Atari was our customer. This should have been obvious as the FCrDNS had their domain name in the PTR records. I found it hilarious but also saw how that was a bit of foreshadowing as to how the internet would devolve.
Rick and Morty isn't the only thing Justin works on. Likely this was his personal account and not something used specifically for that show. There's no mention of the show in his tweet.
Assuming this is copyright related... probably not. The only way this could be done in practice would be for Justin Roiland/Williams Street/Rick & Morty LLC/Cartoon Network/Warner Bros. to legally indemnify Dropbox - as in, agree to pay all of Dropbox's legal fees and damages if they get sued for copyright infringement outside of their DMCA 512 safe harbor. This is entirely impractical for an individual to pull off, and Dropbox might not even have a copyright indemnity policy for corporate clients.
Also, if anyone actually has a bone to pick with Dropbox over shared links, this is probably a very bad idea, because it would just be opening WB's far larger pockets to whoever Justin is pirating content from. There is no actual legal provision for "creators" to get away with copyright infringement that we cannot.
And let me be perfectly clear: It is not legal to copy media over any kind of file share, even privately within an organization, unless you have a copyright license, which they clearly don't. Censorship[0] on-demand in exchange for liability limitation is the world that all these media companies chose to live in. They screamed their heads off about the harms of noncommercial piracy over the Internet while also, apparently, pirating enough content internally that Dropbox needed to shut off their account. If they want their account back, then either pay for a license to every video file on that share or publicly lobby Congress to legalize file sharing.
Or this could have nothing to do with copyright and some internal spam filter just shat the bed very badly. The original linked tweet didn't clarify anything and Justin might just not even have anything to clarify with. I really hate how modern tech companies are allowed to do summary executions of accounts like this with no explanation.
[0] I am willing to accept the "copyright infringement is not speech" argument, which SCOTUS also does, but DMCA 512 still allows censorship of novel speech because the counternotice procedure is laughably inadequate.
bet you a dollar that they were taken down because they were sharing links to content they had created for Rick and Morty etc and Dropbox’s dumb algo just didn’t know that they were the creators of that content.
If that's the case surely they could have told him that was the reason. Otherwise we're talking about software engineers deliberately writing code to waste other people's time and make the Dropbox product look worse to their customers or prospective customers.
> Otherwise we're talking about software engineers deliberately writing code to waste other people's time and make the Dropbox product look worse to their customers or prospective customers.
Seems true-to-form. This has been Dropbox's product strategy for the last 5 years.
Dropbox only hashes files that they've gotten DMCA takedowns for. So WB told Dropbox "do not allow people to share Rick & Morty", and then got angry because they couldn't share Rick & Morty internally. This isn't a false positive, the algorithm is working exactly as intended.
Yes, because you need to be able to counternotify; this is why I was a little suspicious of the "it's a copyright problem" explanation. However, if they had ignored prior notices and continued infringing, then Dropbox needs to shut off their account because they're a repeat infringer, and that process might just look the same as any other TOS violation ban.
Surely he's the legal owner of much of it, unless you're trying to imply he doesn't do any creative work at all outside the scope of his current contracts.
I would be highly suprised if he doesn't have the right to distribute his work in a small scale non-commercially, especially as part of the process of creating that work.
You have made a huge and baseless assumption that there was any copyright infringement happening.
Hopefully this will stop HNers from linking everyone ye olde "this is why Dropbox is better than your nerdass solution" comment, and hopefully it vindicates everyone over the years who countered that argument by asking what happens when Dropbox deletes your account apropos of nothing...
I hope we're a long way away from VPS providers doing automated scanning for content rather than dealing with potential copyright infringement on a complaint basis.
This is an inevitable consequence from the push to make cloud companies responsible for the content they host. Analyzing all of it can only be automated; automation will deliver weird false positives.
I encountered a false positive where a pure text file made up of personal log entries was flagged by antivirus as malicious, and it started fighting me on trying to restore the file from a backup as well. Fortunately, I was eventually able to recover it, although I've forgotten how.
Probably my most memorable lesson in unexpected failure modes for complex, automated software.
Amazing that the Internet culture that vehemently opposed DRM and created things like bit torrent so quickly lined up behind algorithmic content moderation.
fans of bittorrent and fans of services with auto content moderation share at least one common factor: they are free to use. Many people are not motivated much further than keeping their hard earned cash.
I think that internet (that opposed drm) and this one are very different. The anti drm movement was more of a popular movement and this one is a reaction by large corporations to new legal regulations (or threats of more regulations). It’s hard to even think of those as the same “culture”
IMHO, the problem started when we all jumped on Gmail, knowing that there was no support, and if it broke, we got to keep both pieces. I watched my wife's account get taken over in real time a couple years ago. Ten years of personal and financial info, now in the hands of God-knows-who for God-knows-why. I simply deleted the account from her devices, and moved on. There was nothing I could do, and no one I could complain to about it. The WILD success of this model has led everyone else to do the same thing.
>> IMHO, the problem started when we all jumped on Gmail, knowing that there was no support
Back when Gmail was invite-only, most people used Hotmail or Yahoo Mail, which would offer a base level of (I think) about 50-100MB of storage at the time. If you wanted more storage; you'd have to pay for your email service - an idea I don't think anyone born past 2000 has even heard of.
Gmail came along, and suddenly offers us 1 GB of free storage, for free. This was around a quarter the size of some people's hard drives at this point.
Of course we didn't care if there was no support!
Are you kidding? I don't think Hotmail had support, either - (maybe I'm wrong?) - even if you paid for it; but here Google was offering a substantial value for anyone using any other existing mainstream email service, immediately.
They even had STMP and IMAP support, meaning you could use whatever client you preferred. Back in the day most people used computer-side email clients and had local backups of emails anyway - so if one went missing from Google's side it wouldn't be so bad.
There's a reason Gmail is still one of Google's strongest and unusually longest-lasting product of Google's. There's less reason now - but my God, when it was introduced it was an honest-to-God mindfuck as to how they were offering such a large amount of space and features for nothing.
Unsurprisingly, after funding the initial round of Google investment, the DoD would come back not much later to eavesdrop on the email and uploads delivered to gmail into that storage.
What i found is that darpa paid for research at a university and the students learned something from their project and then when they graduated they built something with their knowledge? It seems like the system of publicly funded research is working.
I don't think in-q-tel was one of the original VCs that funded google. Google acquired Keyhole some time after founding, and Keyhole was in-q-tel funded, so in-q-tel ended up getting google stock.
> it was an honest-to-God mindfuck as to how they were offering such a large amount of space and features for nothing.
Of course, now we all understand that they were harvesting all the personal data this gave them access to, in order to monetize it, and sell access to it to anyone who would write them a check.
And then we found out that this information was so valuable, and in such a concentrated place, that the CIA placed fiber taps on Google’s data center drops.
Have you ever tried to fight spam at scale? It’s trivial to block the 50% of obvious spam accounts, but we are at the stage of humanity where the activity of very dumb humans and the activity of very clever bots, EASILY overlap. A lot.
Bots will use proxies that use residential IPs, they will maintain session info (Cookies, User-Agents, etc) they will move the mouse and introduce jitter, their access patterns aren’t random but are engineered to work in the day night hours that match the geo-data of the IP they are using. They solve captchas, at the same rate that humans do (time, error rate)
Some human accounts look like bots. They sign up and upload a couple of files which immediately get high traffic. They use NordVPN so their public IP is shared by thousands of “known bots”, their access patterns are weird and unpredictable.
Yes, you can use machine learning to try and identify theses but then you end up with false positives and real people having problems like the poster above.
And on top of all that, bots are constantly subverting detection so whatever solution you have now won’t work next week.
No. It's not just to write the code. To fake a six-month legitimate use, the spammer also needs to run the code for six months, it takes lots of resource to do so.
To avoid detection, you can't just make API calls for six months. You have to run the official client on the machine for six months, and then the official client can collect more data on your usage pattern. Imagine the cost to run hundreds / thousands those accounts.
If you come up with an algorithm to reliably and enduringly distinguish a spam account with a legit account you will be a billionaire. It's the 20 foot wall, 21 foot ladder problem.
This chilling effect is already going on. I'm writing a science-fiction thriller and took most of my notes off Google Drive out of fear that they would misconstrue them as political extremism. If AI is being used for content moderation then this only raises the likelihood that a false positive is identified, devoid of any context, and I lose my entire Google account to an uncontactable bureaucracy.
I made a Nextcloud to host my references and storywriting notes. Nextcloud is horribly buggy, difficult to maintain, and has very poor user experience compared to Google Drive - but at least I don't need to worry about my entire digital life being auto-terminated by an overzealous robot, with no reasonable appeal process beyond "knowing enough people to make a stink".
always keep a copy outside of your home. my own writing is replicated on almost every device i have. it's the most valuable to me. more so even than photos which are just memories.
If you keep your files only on your devices and a home server, you are making yourself vulnerable to scenarios like the one discussed here very recently:
In a heavy fireproof box along with the birth certificate, and other important papers. If you want extra protection put that box in a larger safe. This really isn’t a difficult question to answer. If you are trusting a third party to store your things, when something happens to their service or they terminate your account randomly you have only yourself to blame.
Humans can have just as overzealous a response as those robots. In my senior year of high school, I developed a bit of a fascination with historical serial killers and turned in an assignment for AP English exploring the mindset, and my teacher promptly turned it over to the school's counseling service, and I was forced to see a counselor, questioned about violent tendencies, given a 0 on the assignment, and a C in the class. This was the same semester as the Columbine shooting, so I guess schools were on edge about students who might want to kill other students, which I definitely did not want to do, but apparently writing about people who want to do that kind of thing can easily be misconstrued as autobiographical. I almost didn't graduate because of that. Heck, one of my friends was expelled for possessing a switchblade comb because things that looked like weapons were banned. There was no appeal process for these infractions, either.
Honestly, that seems like a feature of many administrative processes, even those administered by government. So far, in the process of trying to become licensed as adoptive parents, my wife and I have been dropped twice now by licensing agencies, without any explanation of why or recourse to appeal the decision. As far as I can tell, the only way to gain the right to appeal a decision is to actually be convicted of a crime.
If anyone doesn't want to deal with hosting Nextcloud, Cryptpad.fr is a free option and in my experience the only issue is it's a bit slow and doesn't work nearly as well on mobile devices as G Suite
Well, European countries produce "studies" that say hate is effectively reduced and overblocking does not happen. Germany was leading here and the digital services act will copy the crap. No real relevant social networks in Europe and it only applies to platforms like Twitter and Facebook, but it is still silly legislation with negative effects.
All TOS violations on all platforms are always secret. They will never tell you what you did. We are all one secret violation away from digital homelessness. Being booted from Dropbox is probably one of the least bad boots you can get.
Not really. It’s unacceptable for Dropbox to know/inspect what content you’re storing, scan it for anything without you actively requesting they do so, and certainly to delete it.
This behaviour and any terms of service that allow it should be illegal. The fact that it goes on constantly is a scandal.
I kind of get both sides. They shouldn’t scan personal files at all but then again Dropbox files are also shareable and is kind of like YouTube in that way. So if in this case a guy has copyrighted content, which they own the copyright for, and are sharing copies of copyrighted content, how can an algorithm know it’s not some random person. It’s much more likely not to be the copyright owner than to be it. What’s the worst part imo is that there’s no recourse, no appeal process, no one to talk to for the mistake - except it seems via twitter.
Why shouldn't they be able to know/inspect/scan the content that they are physically storing?
I'm genuinely curious the logic.
From my perspective, they're a company providing a service and can determine the terms upon which they'll provide it. You don't have to use them if you don't like it.
Right to privacy. Companies have never had carte blanche to create any terms they like. Many types of contractual agreement are illegal or unenforceable.
Your landlord can’t just turn up and start rifling through your stuff, and the owner of your rented disk space shouldn’t be allowed to do the digital equivalent.
I quite like the landlord analogy. Landlords need to give notice before any termination action. Even if reasons are not given for termination, the tenant is warned and given time to prepare.
Another analogy might be a long term storage locker. You, the customer, place your belongings in the locker, and return a month later to find it empty. All your stuff was destroyed by the storage facility, because they found pirated movies among your belongings!
That won't keep your landlord from rifling your stuff if they think your legal foo is weaker than theirs, nor from claiming that they had the right to do it.
That depends on whether you share the content. In this case, there might be legal requirements for checking on the shared content, so dropbox can't avoid it.
But they might do something about how they handle this. Especially if it's an likely older account. Dropbox has many creators as customers. They should have more experience to handle this gracefully.
That's part of the problem itself. In most cases there ARE no communications about why an account was terminated, and it's impossible to get any unless you have enough influence to cause a messy public incident on Twitter.
Exactly. The BOM cost of a NAS with 3 2TB needs to be under $100. Even if we could somehow have 2TB 2.5" HDD for $30 BOM, three of them would have been $90.
How did you arrive at that target price? I find the Synology units to be a steal for what they offer. Its very hard to undercut this with a DIY build, best you could do is plug a USB drive into the wifi router I guess.
I use ResilioSync (formerly Bittorrent Sync) for my personal Dropbox-like stuff. The iOS client is sparse but functional, and it has clients for pretty much every OS I need, including arm Debian... so I have my 'not-quite-Dropbox' home on a Raspberry Pi.
We also use it to cross-backup photo libraries with an avid photographer friend who lives across town.
I wish governments imposed a support API on public cloud companies and forced them to triage requests 24/7, with the obligation to track them via open Grafana dashboards.
This would essentially eliminate any possibility of violating any terms of service as far as I can tell?
I'm not too comfortable putting any files on dropbox without some sort of encryption
fwiw, I've found that cppcryptfs is one of the better implementations of that sort though most (if not all) use the same library which seems to choke on certain files once in a while
And I bet doing that would also avoid what happened here -- account suspension for some unknown reason, but likely content related. If your content is encrypted, they can't drop you over it.
Of course at that point you're not using all of dropbox's features, and some other rsync-style solution may well be cheaper.
Reminds me of an incident we had with Dropbox a decade ago. They deleted some niche accounting software (custom developed by us) from our Dropbox account, plus their own log files covering those deletions. Then played ignorant.
We learned the lesson, and never again trusted Dropbox, for anything.
(Best guess - a would-be client got pissed when software which they'd never paid for lacked a feature, and told Dropbox a story.)
EDIT: Only executables & related distribution files were on Dropbox, not any source code. We lost nothing...except our trust in Dropbox.
EDIT2: Yes, as several others have kinda pointed out, this incident was a collision between (a) naive human expectations (of high-skill, high-touch, highly-invested customer service for such situations) and (b) the actual business model of any huge / cheap or free / convenient cloud provider of X (plus just "internet reality"). Sadly, I don't see that either (a) or (b) has changed in the past decade.
A copy of your data that can be easily modified (whether through bugs, malice, or even just you mistakenly deleting a file and Dropbox happily deleting it everywhere for you) is not a backup. It’s definitely way better than nothing, but people relying on Dropbox as the only “backup” will be in for nasty surprises occasionally.
Sadly this story could have happened with any big cloud provider.
Ideally there would be more regulation around the ability of big tech companies to shutdown your digital life through a mindless algorithm, with close to zero recourse. Unfortunately I don’t see anything happening unless someone really powerful (say a member of Congress) gets bitten by this.
The solution to this in my mind is self-hosting. Yes, right now that's the exclusive domain of tech nerds, but in theory there's no reason that an open source project can't come along and make this relatively easy for non-techies to set up for themselves (in a similar way to how, say, Squarespace made website creation easy).
I think the real hurdle in adoption would be that most non-techies don't even register their dependence on big cloud providers as a problem yet. But I expect the day is coming. Similar to how Mastodon saw an influx of Twitter users when Musk announced he was intending to buy Twitter.
The main issue is you can accidentally nuke your own source directory and it's possible to do so in non-obvious ways. This has happened to me a few times (though thankfully had backups elsewhere).
I don't think it is something that needs legislation.
But it definitely needs more publicity. And if there is something that will bring down "big tech", I think that's it.
"cloud providers" should be treated like something that can fail. We already don't trust hard drives, that's why we have RAID, we don't even trust RAID arrays, that's why we have backups, and we don't trust the place where backups are stored, that's why we have off-site backups. Dropbox (and Microsoft, Google, etc...) is also not to be trusted, just like your hard drive can crash or your servers can catch fire, Dropbox can delete your data. It is not the same mechanism (one is a chemical reaction, the other is a mindless algorithm), but the end result is the same: you lose your data.
But once you take that into account, the value proposition of big cloud providers takes a hit. Often, big companies justify the premium price they ask with reliability. I mean, no one expects companies like Microsoft to go bankrupt anytime soon, and they certainly know about backups and redundancy, but what's the point if all it takes for your data to disappear is an artificial brain fart. Suddenly, the server in your basement doesn't look so bad in comparison, and neither are the smaller companies that actually have people you can talk to.
The whole concept of ToS needs to be overhauled with vast amounts of practice that is currently considered acceptable thrown right in the fucking trash.
The idea that companies can change their ToS on a whim every day and push out walls of text that no one reads and everyone clicks through is insane. Why can't we modify the terms of agreement?
Let's start with that law, all ToS interfaces must include an interface for users to upload their own modifications and companies must have a human interpret them (not some shitty 'ai') and decide to accept them in a reasonable time frame, and if the company chooses to decline them they cannot ban the user from the service for this, the last ToS that they accepted must be the one that their interaction with the customer is conducted under. The entire process must be auditable by other by both sides and a neutral third party.
I'm sick of big companies hiding behind an opaque wall of bullshit, if this was a small town dispute between two individuals this would be transparently settled one way or another and that's exactly how it should be on the internet.
The laws haven't kept up with the times, and they haven't kept up with the creative ways people with money try to fuck over those without.
+1...but don't expect "$VVVIP bitten by this..." to change anything. Big cloud providers doubtless have Secret VIP Customer Service departments, to avoid that problem.
in a number of ways yes, depending on the amount of 3rd party attention devoted to the files, in my neck of the woods a 1 terabyte drive is worth ~ 100$
> plus their own log files covering those deletions
This is the really unreasonable part. Some convoluted internal process that ends up accidentally flagging a file as suspicious and then deleting it is bad enough, but still partially understandable if you're very conservative with assigning blame. But deleting the log files? Either extreme technical incompetence or plain malice.
I agree with Hanlon, but the size for basic audit ability is pretty small. Fileid, action, date, actorID. Maybe a bit more nice to haves. If it’s expensive store it for a couple weeks before archiving to cold storage.
Here’s another Hanlon, it wasn’t Dropbox that deleted the files it was an authorized user, OP or coworker, accidentally who forgot or wouldn’t fess up
Files that are stored in iCloud Documents will also not be backed up by Time Machine. Huge mess if you ask me. I therefore don't use iCloud Cloud storage anymore. It's just too complicated to reason about.
Sounds like an opportunity for a new company that abstracts away the actual different cloud providers, provides redundancy, and provides a security abstraction layer that prevents cloud hosts from knowing what their segments of files are for.
And when that service is abused for piracy, CP, and other illegal files; it will start the ball rolling that inevitably drags it down legally to the level that DropBox is at.
380 comments
[ 3.4 ms ] story [ 295 ms ] threadBut I just checked their filings, the 700M figure is indeed "registered" users, not "active" ones. Which makes a lot more sense. There are not a lot of services with 700M monthly active users out there.
Granted, it's kind of splitting hair considering it's still gonna be in the 9 figures, which is impressive regardless of where it is in that range.
Yet I still use Dropbox because it’s way more usable.
Running the OneDrive agent is a hobby and it spikes my machine a few times a day. Running Dropbox is something that just works and has worked for 10 years without me ever noticing the sync app (a good thing).
I avoid Google because I wouldn’t want my gmail to turn off because of an event like this.
I run on MacOS and my cpu has spiked twice today already. When I hear the fans, it’s usually OneDrive.
I don’t mind the cpu as I have lots but it might take 30 seconds to sync a new word document before I can share it, so that’s annoying.
With Dropbox it’s almost instantaneous and the file just syncs up.
I’m not sure what OneDrive is doing, but it’s harder to use. I don’t want to slow down and wait for OneDrive to sync before I work with others.
If you're using it for work to sync build dependencies or your build tree or similar, it's easy to accidentally end up exceeding those limits and watch it eat CPU time totally ineffectually. Ask me how I know!
Granted I haven’t run the windows client in a long time so I’m talking about my MacOS experience. But OneDrive on MacOS does all sorts of shenanigans. The funniest is when it logs me out and forces a hard resync. As a user, I never want that.
So yes, there are alternatives, many of which are free or included in other subscriptions, but they lack the focus of Dropbox, which Dropbox itself nearly lost when it tried to become something beyond file storage, versioning, and sharing.
I only use it for one of my lesser used domains and it is the worst email/app experience I have had in ages.
For some reason the outlook app went blank and had to resync. Missed a really important email. It gets like 100 MS update emails which have zero relevance to me and then it sends random emails I am not sure how to unsub from. It shows notifications for all those random emails and actual important ones get lost.
I got it for the 1TB storage space and teams(let me not even start on that). But now I am seriously considering moving that domain to gmail and zoom.
I also look after another one for a company with several 1000 users' safety docs on it. Nearly all the clients are mobiles and tablets using the native client. This NC is more of a one way thing where one dept uploads pdfs and the drivers and co read them on their tablets. Office staff point a browser at it.
Office document editing experience isn’t the best on mobile but I don’t use that feature anyway. Markdown editing works well.
https://docs.microsoft.com/en-us/microsoft-365/compliance/dl...
https://cloud.google.com/dlp/
It works for me because, in theory, all my data is on every HD in my house (which is really just two). So, I don't lose anything if Dropbox deletes my account; I've got it all locally.
That theory doesn't work anymore, however, because I have 399 GB of data in Dropbox and I don't duplicate it all to every machine anymore because of the size and the data transfer required to keep that much locally and in the cloud.
I really do need to start thinking about this again so that I can get it all duplicated locally.
Do you use a second line of local backups/versioning to protect against that possibility?
We have ~1 million files in our dropbox that we use for business. Lots of files change each day. And everything just works. It uses some CPU, but honestly for what it's doing it's not too bad. At least dropbox can handle it, other type of file syncing apps just stop working.
So for small-medium business I'm not sure what the alternative is to dropbox if you are file-system heavy unless it's just for throwing some random files here and there.
I suspect that's the case for a lot of folks. I'm not sure it'd even make the top-5 of such services I'd consider, if I had none of them and were signing up for one today.
* It works on absolutely everything. I have one foot in every major tech ecosystem and that immediately excludes anything platform-specific like iCloud. I also used to daily-drive Linux, which has no official OneDrive client, and the Google Drive client is notoriously bad on that platform.
* Mobile photo upload was extremely convenient when I first discovered it and it still works very well. If I need to take a picture of something I can use my phone and then grab the file on my desktop or laptop.
* The option to store everything locally still exists and is the default. If I get banned from Dropbox I will still have my entire Dropbox folder contents as they were present on my desktop's massive hard drive array. Backing up Google Drive in this way can be done, but only if you aren't using anything like Docs or Sheets, which can't be stored locally without a manual file export. Dropbox even tried to replicate this with Paper and I never touched it for exactly this reason.
But on the other side, it's easier to lose your account with google or microsoft, so this might be another reason people preferred dropbox, till now.
Also assuming the sun doesn’t end in a sudden heat death event.
Also assuming that my fingers aren’t removed in a thresher accident.
And assuming the provider has electricity.
Etc etc etc, it’s important to vet that services I pay for have SLAs and are competent.
This wouldn't happen with a $5 pitchfork and a stone threshing floor
In the event a provider terminates my account I could not care less. The files will be at multiple providers and HAProxy will automatically remove them when the content validation health checks fail.
Before downvoting, ask yourself: When was the last time a VPS provider scanned the disk contents of their customers? And when was the last time they booted someone for using full disk encryption?
Meanwhile, dropbox proudly proclaims how they scan the contents of their users' files.
VPS companies delete customer data for all kinds of reasons, just as arbitrarily as Dropbox. I’ve had VPSes at dozens and dozens of places over the years. I’ve seen them accidentally delete servers, purposefully disable stuff for what they claimed were hacked sites that weren’t actually hacked (so that’s scanning right there), I’ve seen them go out of business because the owner was 15 years old, I’ve seen them go out of business because they sold to Endurance or whoever, I’ve seen their data centers catch on fire — taking everyone’s data with it, I’ve seen them accidentally delete whole clusters.
And I excuse it in most of those cases because it is a VPS I pay a pittance for and don’t run production on, but the risk is always there. Trusting your data to Dropbox or OneDrive makes a lot more logical sense, especially if you aren’t knowingly violating any of their rules.
And yes, you can colocate. I’ve done that too. But I no longer have the energy to do that, especially if my box is in a data center I can’t physically access.
I backup about 5 different places because I’m always afraid of someone fucking me over. But for Dropbox to do this, is truly terrible. Especially for an unlisted rule.
VPS provider doesn't even necessarily have read access to your data, and because you aren't relying on them for search/index features, encryption is much less expensive from a functionality standpoint.
It is unfortunately more of a time commitment then paying for Dropbox (which I previously did, for years), but I won’t lose all my data because of them finding something to complain about with a hash of one of my files (or however they’re scanning content) and nuking my account. That’s simply not an option.
Maybe those have different meanings to you? They mean more or less the same to me?
If these things mean the same to you, you're not parsing the English correctly, which points to a larger comprehension issue that further explains why you didn't get the original sarcasm.
A non-confrontational mention that a tone marker would have helped, which you turned into an attack somehow (?), then you took pedantry to a new level (not uncommon on HN, but lol), and then after other insults on the OPs intelligence you say that they are acting poorly? What a laugh.
Shame on anyone who doesn't memorize comments from years ago. Or people with English as a 2nd+ language and may not glean the intricacies of written English that you think are so obvious.
You know how in a book when fictional characters are talking how they use quotation marks to indicate that? In my comment, my fictional someone was talking, so I used quotes.
Perhaps you could stop telling me how to write my comments and stop telling me to change my writing behavior for your sake, just because you misunderstood?
And not everyone else "got the joke". I'd assume many folks didn't get it, but didn't post.
I would also say that sometimes being exclusive can make a joke funnier to the in-group. Denoting your sarcasm can make humor less attractive, in the same way explaining a joke ruins it. Sometimes you want to be vague to see who catches the signals.
Some people, myself included, will react poorly when requested to perform additional work when additional work from the requester also could have been performed.
I dunno, communication is hard I guess :(
Name one feature thats not present in this stack.
Also, what you described is not "sftp + cvs + vps" ;D
Even before Syncthing, Unison existed since 1995. Which was the true free software version of Dropbox. You never needed a bunch of hacks to get automatic sync working on Linux. Syncthing is a bit easier to configure, IMO.
Ddg is your friend you know.
Syncthing + NextCloud + rsnapshot backups would have been my open-source alternative recommendation, but of course not everyone wants to take the time to learn that skillet, set that up, and maintain it.
Or are you saying, "well, with a completely different stack I can get closer to feature parity"?
Moreover Nextcloud supports WebDav which allows tools like Zotero to directly tap into that.
Like, I'm confident my tech illiterate parents could get drop box running. Ease of use and UX are features.
I'm not saying the self hosted stack is bad, and in fact it's probably better in many ways. But it doesn't have the same feature set if you consider usability a feature, imo.
1. You get a mail from your installation about the new version. Also desktop and mobile apps notify you.
2. You go to your "Settings -> Overview" click a button, enter your password. Upgrade starts.
3. Wait some.
4. "Disable maintenance mode and continue upgrade" button appears. Click it.
5. You're greeted with a "Start upgrade" button. Click it.
6. Wait some.
7. Page refreshes and you continue where you left.
No terminal, no commands, nothing.
I sometimes do it in the middle of the day. Nobody ever said, "Hey, uh, Nextcloud down?" yet.
Installation of the client is equally easy. You just need a URL addition to the username and password. The sync client is very competent too.
Our installation is facing outside and people are sharing public links and all. Not every member of the team is a sysadmin either.
I have forgotten if NextCloud does this, because I don't use NextCloud at this time, nor have I.
The main complication to implement is encryption at rest for the data (I use luks2 on a hd and the fs of a raspi controller) and secure remote access (wireguard works really well and is easy to manage).
I wireguard into my remote systems and have Syncthing configured only to local network (no relays etc). It works beautifully; not missing dropbox at all.
I am still working out a viable alternative for things like document scanning, but I have no regrets owning my data.
I'm suggesting a 30 line yaml file and the occasional `docker-compose pull && docker-compose up -d`.
https://news.ycombinator.com/item?id=9224
> Sorry, we're not able to serve your requests this quickly.
I upvote them because I think they expose an important issue that we need to address.
I would like to see a future where humans achieve symbiosis with machines. Our brains acting as a limbic system to a larger sovereign machine entity. Still “you”, but more.
For such a thing to work, many ideas need to change. Data ownership, sovereignty, and the core philosophy in regards to machine-human augmentation needs to be reworked in groundbreaking ways.
As it stands, with megacorporations having no respect for individual access to their data on services at the whims of the corps, human machine symbiosis is about the scariest thing imaginable right now.
Overall, it's similar in relevance to security breaches. Awareness needs to be raised. Thus I'd argue it's relevant.
If I'm working on something important to me... how comfortable am I leaving it in a stranger's house? If I wouldn't be comfortable doing it, I always make a local backup. This saved my ass when I inexplicably lost access to an old Google Drive account. I lost a couple days of work, rather than a couple months. I still have no idea why that account was disabled.
Edit: You completely rewrote you comment after I responded, that is considered bad form on HN.
I often add an edit immediately after I post, but unless it is fixing a typo, I always mark the edits.
I give myself 6 minutes to fluff around (or get bored of and delete) comments before they appear live for that same reason
I'll ping hn@ just in case
That said, in the past when HN seemed to be doing something weird, dang usually has a pretty great explanation for why, so there might be a good reason for this choice as well.
Although in the olden days it was nice in that if they detected a matching hash of your file, it didn’t actually upload it, you just had it. So that was super handy. For pirating as well as for situations where I have the same file in multiple location. I legitimately have disk images in dropbox because cheap storage and having them immediately sync and be backed up was nice to save on bandwidth.
Sadly I’m not sure there’s a good advocacy group to push for this. Mozilla is funded by Google who definitely doesn’t want any user rights that conflict with their revenue. Maybe the EFF or FSF.
[0] https://en.wikipedia.org/wiki/Uniform_Commercial_Code
I'm not hugely optimistic about this. It's possible that the pushback against tech will enable something like this to get passed, but I'm pretty sure that pushback is for purely for political points and not being done with any intent to actually change much.
As a funny side story, at least I think it is funny... I used to manage the backend servers for Atari. The "Internet Police" used bots to send take down notices for copyright violations and emailed us saying to take down Atari's software because it was a copyright violation. Atari was our customer. This should have been obvious as the FCrDNS had their domain name in the PTR records. I found it hilarious but also saw how that was a bit of foreshadowing as to how the internet would devolve.
At least not until you mass-share (maybe the case here?) them.
The problem is that we've ended up with a situation where copyright is automatically:
1. Assumed to be owned by media-corporations
2. Assumed to be wilfully violated by users
3. Assumed to be that deletion is the correct resolution
4. Assumed the USA to be the jurisdiction of the copyright holder and user
All of these assumptions should be challenged. This isn't a technical challenge, it's a legal one.
Special treatment for VIPs isn't the answer.
Also, if anyone actually has a bone to pick with Dropbox over shared links, this is probably a very bad idea, because it would just be opening WB's far larger pockets to whoever Justin is pirating content from. There is no actual legal provision for "creators" to get away with copyright infringement that we cannot.
And let me be perfectly clear: It is not legal to copy media over any kind of file share, even privately within an organization, unless you have a copyright license, which they clearly don't. Censorship[0] on-demand in exchange for liability limitation is the world that all these media companies chose to live in. They screamed their heads off about the harms of noncommercial piracy over the Internet while also, apparently, pirating enough content internally that Dropbox needed to shut off their account. If they want their account back, then either pay for a license to every video file on that share or publicly lobby Congress to legalize file sharing.
Or this could have nothing to do with copyright and some internal spam filter just shat the bed very badly. The original linked tweet didn't clarify anything and Justin might just not even have anything to clarify with. I really hate how modern tech companies are allowed to do summary executions of accounts like this with no explanation.
[0] I am willing to accept the "copyright infringement is not speech" argument, which SCOTUS also does, but DMCA 512 still allows censorship of novel speech because the counternotice procedure is laughably inadequate.
Seems true-to-form. This has been Dropbox's product strategy for the last 5 years.
Wow, you've made a huge assumption here.
You have made a huge and baseless assumption that there was any copyright infringement happening.
https://twitter.com/ResNeXtGuesser/status/153459613350625280...
Probably my most memorable lesson in unexpected failure modes for complex, automated software.
Back when Gmail was invite-only, most people used Hotmail or Yahoo Mail, which would offer a base level of (I think) about 50-100MB of storage at the time. If you wanted more storage; you'd have to pay for your email service - an idea I don't think anyone born past 2000 has even heard of.
Gmail came along, and suddenly offers us 1 GB of free storage, for free. This was around a quarter the size of some people's hard drives at this point.
Of course we didn't care if there was no support!
Are you kidding? I don't think Hotmail had support, either - (maybe I'm wrong?) - even if you paid for it; but here Google was offering a substantial value for anyone using any other existing mainstream email service, immediately.
They even had STMP and IMAP support, meaning you could use whatever client you preferred. Back in the day most people used computer-side email clients and had local backups of emails anyway - so if one went missing from Google's side it wouldn't be so bad.
There's a reason Gmail is still one of Google's strongest and unusually longest-lasting product of Google's. There's less reason now - but my God, when it was introduced it was an honest-to-God mindfuck as to how they were offering such a large amount of space and features for nothing.
The selling feature of Gmail was "Now you can keep all your mail and have a permanent searchable history of all your electronic communication".
"In-Q-Tel scouts the global market for commercially focused technologies with the potential to contribute to national security." - Source: iqt.org
Of course, now we all understand that they were harvesting all the personal data this gave them access to, in order to monetize it, and sell access to it to anyone who would write them a check.
And then we found out that this information was so valuable, and in such a concentrated place, that the CIA placed fiber taps on Google’s data center drops.
Also, can't they distinguish a spam account from a legit account based on the account history? I can't see why this is a difficult problem to solve.
Have you ever tried to fight spam at scale? It’s trivial to block the 50% of obvious spam accounts, but we are at the stage of humanity where the activity of very dumb humans and the activity of very clever bots, EASILY overlap. A lot.
Bots will use proxies that use residential IPs, they will maintain session info (Cookies, User-Agents, etc) they will move the mouse and introduce jitter, their access patterns aren’t random but are engineered to work in the day night hours that match the geo-data of the IP they are using. They solve captchas, at the same rate that humans do (time, error rate)
Some human accounts look like bots. They sign up and upload a couple of files which immediately get high traffic. They use NordVPN so their public IP is shared by thousands of “known bots”, their access patterns are weird and unpredictable.
Yes, you can use machine learning to try and identify theses but then you end up with false positives and real people having problems like the poster above.
And on top of all that, bots are constantly subverting detection so whatever solution you have now won’t work next week.
To avoid detection, you can't just make API calls for six months. You have to run the official client on the machine for six months, and then the official client can collect more data on your usage pattern. Imagine the cost to run hundreds / thousands those accounts.
I made a Nextcloud to host my references and storywriting notes. Nextcloud is horribly buggy, difficult to maintain, and has very poor user experience compared to Google Drive - but at least I don't need to worry about my entire digital life being auto-terminated by an overzealous robot, with no reasonable appeal process beyond "knowing enough people to make a stink".
Why do people always forget the 'cloud' is just someone else's computer.
Nothing important should ever exist solely on the 'cloud'.
I wouldn't even trust a backup copy sent to email, yet I see that constantly as well.
https://news.ycombinator.com/item?id=31652650 ("I've locked myself out of my digital life")
The article you referenced was getting locked out of accounts. We are speaking of having documents backed up, not google accounts.
The best way period would be to periodically backup to an external HD or even SD cards.
People need to get over this cloud bullshit years ago.
All of these problems have been solved since the advent of the internet, these are all self-imposed problems.
and where do you store those?
you really want multiple backups, and an encrypted cloud storage is one of them.
Honestly, that seems like a feature of many administrative processes, even those administered by government. So far, in the process of trying to become licensed as adoptive parents, my wife and I have been dropped twice now by licensing agencies, without any explanation of why or recourse to appeal the decision. As far as I can tell, the only way to gain the right to appeal a decision is to actually be convicted of a crime.
This behaviour and any terms of service that allow it should be illegal. The fact that it goes on constantly is a scandal.
I'm genuinely curious the logic.
From my perspective, they're a company providing a service and can determine the terms upon which they'll provide it. You don't have to use them if you don't like it.
Your landlord can’t just turn up and start rifling through your stuff, and the owner of your rented disk space shouldn’t be allowed to do the digital equivalent.
Another analogy might be a long term storage locker. You, the customer, place your belongings in the locker, and return a month later to find it empty. All your stuff was destroyed by the storage facility, because they found pirated movies among your belongings!
But they might do something about how they handle this. Especially if it's an likely older account. Dropbox has many creators as customers. They should have more experience to handle this gracefully.
Then you’ll need to buy disks
We also use it to cross-backup photo libraries with an avid photographer friend who lives across town.
It works very, very well.
I largely use https://github.com/bailey27/cppcryptfs with dropbox?
This would essentially eliminate any possibility of violating any terms of service as far as I can tell?
I'm not too comfortable putting any files on dropbox without some sort of encryption
fwiw, I've found that cppcryptfs is one of the better implementations of that sort though most (if not all) use the same library which seems to choke on certain files once in a while
Of course at that point you're not using all of dropbox's features, and some other rsync-style solution may well be cheaper.
We learned the lesson, and never again trusted Dropbox, for anything.
(Best guess - a would-be client got pissed when software which they'd never paid for lacked a feature, and told Dropbox a story.)
EDIT: Only executables & related distribution files were on Dropbox, not any source code. We lost nothing...except our trust in Dropbox.
EDIT2: Yes, as several others have kinda pointed out, this incident was a collision between (a) naive human expectations (of high-skill, high-touch, highly-invested customer service for such situations) and (b) the actual business model of any huge / cheap or free / convenient cloud provider of X (plus just "internet reality"). Sadly, I don't see that either (a) or (b) has changed in the past decade.
https://www.dropbox.com/backup
This should be their slogan.
In isolation that’s all backups.
In practice it basically just means 30 day recovery for any modifications/deletions.
I used to work there FWIW. Internally it's certainly considered a backup solution for customers.
Ideally there would be more regulation around the ability of big tech companies to shutdown your digital life through a mindless algorithm, with close to zero recourse. Unfortunately I don’t see anything happening unless someone really powerful (say a member of Congress) gets bitten by this.
I think the real hurdle in adoption would be that most non-techies don't even register their dependence on big cloud providers as a problem yet. But I expect the day is coming. Similar to how Mastodon saw an influx of Twitter users when Musk announced he was intending to buy Twitter.
https://docs.syncthing.net/users/versioning.html
But it definitely needs more publicity. And if there is something that will bring down "big tech", I think that's it.
"cloud providers" should be treated like something that can fail. We already don't trust hard drives, that's why we have RAID, we don't even trust RAID arrays, that's why we have backups, and we don't trust the place where backups are stored, that's why we have off-site backups. Dropbox (and Microsoft, Google, etc...) is also not to be trusted, just like your hard drive can crash or your servers can catch fire, Dropbox can delete your data. It is not the same mechanism (one is a chemical reaction, the other is a mindless algorithm), but the end result is the same: you lose your data.
But once you take that into account, the value proposition of big cloud providers takes a hit. Often, big companies justify the premium price they ask with reliability. I mean, no one expects companies like Microsoft to go bankrupt anytime soon, and they certainly know about backups and redundancy, but what's the point if all it takes for your data to disappear is an artificial brain fart. Suddenly, the server in your basement doesn't look so bad in comparison, and neither are the smaller companies that actually have people you can talk to.
"Can fail" is certainly true, just like a hard drive can fail.
But we'd all be rightfully upset if someone at Western Digital decided to some to our home and proactively delete files from our HDD.
Why not?
The whole concept of ToS needs to be overhauled with vast amounts of practice that is currently considered acceptable thrown right in the fucking trash.
The idea that companies can change their ToS on a whim every day and push out walls of text that no one reads and everyone clicks through is insane. Why can't we modify the terms of agreement?
Let's start with that law, all ToS interfaces must include an interface for users to upload their own modifications and companies must have a human interpret them (not some shitty 'ai') and decide to accept them in a reasonable time frame, and if the company chooses to decline them they cannot ban the user from the service for this, the last ToS that they accepted must be the one that their interaction with the customer is conducted under. The entire process must be auditable by other by both sides and a neutral third party.
I'm sick of big companies hiding behind an opaque wall of bullshit, if this was a small town dispute between two individuals this would be transparently settled one way or another and that's exactly how it should be on the internet.
The laws haven't kept up with the times, and they haven't kept up with the creative ways people with money try to fuck over those without.
> you have no rights
> you promise not to try and exercise any right you think you have
> you will not do anything the company doesn't like
> the company can do anything it wants whether you like it or not
> the company is not responsible for anything ever
> the company makes absolutely no guarantees about anything
This is the really unreasonable part. Some convoluted internal process that ends up accidentally flagging a file as suspicious and then deleting it is bad enough, but still partially understandable if you're very conservative with assigning blame. But deleting the log files? Either extreme technical incompetence or plain malice.
At dropbox's scale, guaranteed logfile durability is expensive, and retaining them indefinitely even more so.
They either got auto-deleted or they were never there in the first place.
Here’s another Hanlon, it wasn’t Dropbox that deleted the files it was an authorized user, OP or coworker, accidentally who forgot or wouldn’t fess up
Deleting files from Dropbox's servers, that's fine, deleting files from my computer that I uploaded to Dropbox, that's bad.
Not if “smart sync” is enabled on the folder.
https://help.dropbox.com/installs-integrations/sync-uploads/...
Source: https://eclecticlight.co/2022/02/21/can-you-back-up-icloud-d...
[1]https://blog.box.com/introducing-box-keysafe
[0] https://ipfs.io
[1] https://skiff.com
Expensive