Disclosure: I have designs on entering this space with my own apps. (thanks for providing me additional motivation to hustle!)
1. Opening up the crypto implementation is a very smart move. Whenever I talk to my wife about building crypto tools, her first question is "Why should people trust you?"
2. Think critically about first user impressions w.r.t. stuff like fonts, the tone of your text, etc. Per the above, you're asking people to trust their data to you. "ur Dropbox" might not give them that safe feeling they're looking for.
3. Another question to be wary of is "why not just use an encrypted disk image." I think you're handling some of that by promoting the ability to share files, but think about answering that question more directly in a FAQ.
an encrypted disk image also means the entire disk gets uploaded to dropbox every time any content on that disk changes, causing long uploads and bandwidth issues if the disk is big enough.
For those looking for alternatives, I have been using Boxcryptor and it has been excellent. It includes a few more options (e.g. file name obfuscation).
Few things which led us to avoid file name obfuscation
. File versioning: Dropbox does a great job in versioning, so we wanted retain that flexibility.
. Collaboration for teams: This is one of the most important things that we wanted to address. So keeping file names as is the most simplest solution we could make use of.
Also, we are using keys. So strength of the password is a non issue and makes it much much harder to device a rainbow table attack.
21 comments
[ 0.30 ms ] story [ 52.1 ms ] threadAlso in your "how it works" s/loosing/losing.
Keep in mind that you are breaking dedup, which is likely to make dropbox sad. Probably not sad enough for them to do anything useful though.
Thanks. Fixing the typo.
How do you create the "folders" that people see? (ui wise?) And hide the encrypted counterparts?
I tried to capture a how a typical working session might look like. http://www.youtube.com/watch?v=uF-uRQtT49U
1. Opening up the crypto implementation is a very smart move. Whenever I talk to my wife about building crypto tools, her first question is "Why should people trust you?"
2. Think critically about first user impressions w.r.t. stuff like fonts, the tone of your text, etc. Per the above, you're asking people to trust their data to you. "ur Dropbox" might not give them that safe feeling they're looking for.
3. Another question to be wary of is "why not just use an encrypted disk image." I think you're handling some of that by promoting the ability to share files, but think about answering that question more directly in a FAQ.
Overall, lots of potential here.
#3 encrypted disk image doesn't allow collaboration. That was one of the main things as I set out to solve.
edit: sorry if it came off as rude. in a meeting and replied in a rush.
Truecrypt would also work. Does dropbox do binary diff syncs?
. File versioning: Dropbox does a great job in versioning, so we wanted retain that flexibility.
. Collaboration for teams: This is one of the most important things that we wanted to address. So keeping file names as is the most simplest solution we could make use of.
Also, we are using keys. So strength of the password is a non issue and makes it much much harder to device a rainbow table attack.
After installation it wouldn't synchronize folders, being on Windoze closing and starting again your app did the trick.
The people interested in security solutions would happily pay much more than $1 I would think.