This is a follow-up to the previous post, “Dropbox…opening my docs?”

As it turns out, Dropbox views/opens certain file types in order to convert them to a compatible format so they are easily accessible via web browser for its users. This makes sense and is common practice for many cloud storage services to provide the convenience of browser access while not needing any additional software to open these documents.

So at first, I was under the impression that only Dropbox had opened the HoneyDocs files. Now I realize the possibility that any cloud storage service (which provides thumbnail previews or allows access to certain types of documents within a browser) may also need to open these files and copy/index some of the content within. The other services could have been possibly blocking the external resources from being loaded within the documents that included the embedded links or disregarding them altogether. This turned out to be a theoretical security issue that Andrew Bortz (Security Team Lead at Dropbox) decided to address, as mentioned in this Hacker News thread.

Some additional privacy concerns are addressed here, “Three Reasons Why Dropbox Previews Are Security & Privacy Nightmares.” One suggestion that came up was to grant users the ability to disable this ‘preview’ functionality. That seems like a reasonable request, especially for users who exclusively use the desktop client and do not have much use for browser specific features on their accounts.

Because of all the official responses and statements, I certainly have a better understanding of the “effects of rendering low-quality previews.” I still plan on using Dropbox because it does certainly provide benefits, but I will also be more aware of what goes on in the background regarding server-side processes. With that said, I would recommend looking into Boxcryptor or TrueCrypt if privacy takes precedence over convenience in your situation.