By Richi Jennings. April 26, 2011.
Updated: Reports earlier this week from several open-source developers made worrying reading. Cloud-filesystem-darling Dropbox has allegedly been censoring and making crass legal threats against an open source project, Dropship, by misusing the DMCA. The affair has also uncovered what seem to be idiotic, insecure practices at Dropbox, which bring serious implications for enterprises whose users rely on Dropbox. Let's get closer to the truth, by taking The Long View...
First some background: a Dutch open-source developer, Wladimir van der Laan, created a project called Dropship. It allows a Dropbox user to refer to, and hence transfer, existing files by reference to their hashes. If someone else uploaded a file and published its hashes, you could make it magically appear in your dropbox, and so could anyone else.
A neat hack (in the classical sense of the word), but not appreciated, it would seem, by Dropbox; van der Laan and other developers were soon on the receiving end of DMCA takedown notices, which appear to be spurious. As if that wasn't bad enough, Dropbox's justifications for this censorship make little or no sense to this author (nor to several of the developers thus censored).