That's pretty misleading. That article is judging what is written in the publicly stated privacy policy of each company.

EFF has in no way verified the privacy policy is actually honored or that back-doors aren't installed in the companies' datacenters.

And let us not forget about the whole Drop Dropbox scenario which was very popular on HN at the time it was released: http://www.drop-dropbox.com

And that Dropbox was one of the companies in the whole PRISM scandal.

I still use it, mostly to transfer files between my devices, but there's no way I'm gonna be using it for anything sensitive. Everything sensitive goes to my organization's ownCloud installation which I completely trust since... well, I'm the one maintaining it.

Drew Houston, CEO of Dropbox, did all but admit it. http://techcrunch.com/2014/11/04/dropboxs-drew-houston-respo...

Unlike Google, Microsoft and Slack, Dropbox does have the top, 5 star, EFF rating for protecting your data from the government... I'm not sure what more they could be doing.

Edit to add link to EFF ratings: https://www.eff.org/who-has-your-back-government-data-reques...

Are we THAT forgetful? http://kiledjian.com/main/2013/6/7/nsa-is-using-google-faceb...

Dropbox was listed on PRISM documents. Are you kidding me?

They could do client side encryption.

Their profitability depends on being able to dedupe and compress data across all customers. They would need to raise prices significantly to make client side encryption a built in feature.

You trust the end users to back up their private keys?

I don't care what other people do. I want client side encryption!

Then use tarsnap already. Bonus: it is owned by our own cperciva.

tarsnap is nerdish, secure and reasonably priced for what it provides IIRC. Haven't used it though but expect someone would have yelled out here if it was bad. (In fact the only one I've seen bashing it was patio11, -because it was too cheap and too nerdish.)

tptacek also complains that tarsnap is too nerdish. :-)

At least on Linux/OSX/Android, you can use encfs to have a encrypted directory tree.

Spideroak can do it without private keys to back up.

Thanks for adding facts. Do they still have that questionable(?) politician on the board?

As the recent Schrems case in the CJEU said, any data held in the USA is no secure.

Sold did a good job on this... See "What was Sold?"

http://www.usesold.com

It only uses wifi by default.

You don't need to use Carousel to be on the receiving end. If the recipent isn't a Carousel user, they receive a link to a nicely formatted gallery page with the option to download all the photos in a zip file or copy them to their Dropbox.

Mildly correct.