
Dropbox has every encryption key used with Dropbox, so they can decrypt any file. Both transport keys and storage keys. Dropbox does at least (allegedly) encrypt stuff for storage, so they can RMA hard drives without having to destroy them first, but that's pretty meaningless.

There are some (flimsy) reasons for Dropbox to have copies of all storage keys (a web UI, which only some users use). Dropbox has done a good job of misrepresenting how their security worked for the past ~4 years to mislead people into trusting it, though.

This is mostly why I don't use Dropbox whenever I have a choice.



This is a reply to gknoy:

I would suggest SpiderOak; however, their support is not timely and there's currently a bug in the Windows 8 client that doesn't let it work. But if they get those issues sorted it could be a decent service.

Could someone please tell me why I can't reply to any comments that are below the third level? The reply link simply disappears!

Edit: Now that I've made this statement there's a reply to gknoy, but not the ones below him or to o0-0o. This is really weird.

Edit 2: Upon refreshing, there's now a reply link to o0-0o but not the other ones below gknoy.


Reply links don't appear until a few minutes after a comment is made. It's intended to have a dampening effect on flame wars.


You can just click on the "link" link and then reply from there, instantly.

(I kind of hate the feature, since most of the time "you suck" "no, you do" "no, you do" only goes on a few levels, so the exponential delay isn't an issue, but an actual technical discussion goes deeper. False positives and false negatives. :( )


Dropbox doesn't RMA drives, everything is de-duped then stored on S3. (or at least that is what they told me when I interviewed with them)


They were on S3 at one point in time (and pretty widely known as the biggest S3 customer). I'm not sure if they are on S3 today. This may depend on when you interviewed.


According to https://www.dropbox.com/help/7/en they're still on S3.


From the caliber of engineers I talked to, I can't imagine them bringing storage in house without some major churn. It is a sea of fresh CS grads with no real world operational experience.


Sad panda that you do not seem to have any contact info in your profile :(


Use BitTorrent Sync


When it's out of beta, maybe.


What alternative do you suggest?


If only there was a provider that respected your privacy and allowed you to use basic unix primitives to interface with your cloud storage...

If only...

http://www.rsync.net/resources/notices/canary.txt


The day you become popular and stop updating that file, what do you propose we do?


Do something for mobile please? You're one of the most trustworthy providers, particularly if you build things on mobile so we don't necessarily need to trust you...


We're genuinely interested in what you mean by this ...

Android devices are unix devices, and (I assume) either have ssh/scp/sftp/rsync in their userland or it can easily be placed there...

If I had a modern phone, which I do not[1], I would probably just load duplicity[2] on it? But now that I think about it, in the same way that I have zero data on my laptop, I assume I would also have zero data on my phone?

Please do elaborate.

[1] Motorola F3 ("MOTO FONE")

[2] http://duplicity.nongnu.org/


I mostly meant build an API for iOS and get people to use it. I don't know much about android internals.


It's trivial for desktops. I personally like AeroFS the best, but you could use anything and layer crypto on top of it, or use something with a painful UI like tarsnap, or build your own, or really whatever. Wuala/SpiderOak are fine too, but kind of suck for non-security reasons in my limited experience with them, compared to Dropbox or AeroFS. (I personally just use rsync and NFS over VPN, though.)

The problem is mobile. Due to some questionable decisions made by especially Apple but also earlier with Google, you really need every single app to write to your cloud storage provider's API. Dropbox is unquestionably the leader there; iCloud on iOS seems to do ok for newer apps. Neither provides meaningful encryption. Requiring every app developer to figure out encryption and manage keys on his own and then handle that on top of the Dropbox API is also insane.

Arguably Apple has a lot of ways to pwn iOS users already, so I'd consider trusting Apple and iCloud to not be that much worse than just trusting iOS, but it is still bad (and most of the bad things Apple can do to you either involve signing bad things, then requiring an active step by the user or MITM, or doing things like retaining device keys at manufacture time and subsequently seizing the devices, or having some deeply-buried backdoors which probably require physical access or are exceedingly infrequently used.)

There's really no good solution for mobile now. You could probably build something fairly non-shitty in the Android world, although I don't know enough about how applications share files and interoperate to know if it would need to be a per-user-app integration. On non-jailbroken iOS, it's pretty clear you'd need to develop a new API which did client-side crypto, key management, etc., on top of file sharing. It would be a pain, and even more of a pain if you wanted to avoid fully trusting Apple in the process.

The best solution right now is "no data lives on the phone", rather than trying to sync; use some kind of web or app which just uses transport crypto to interact with a server but never stores anything locally. If you trust the OS a lot, you could do something like what Good Technologies does and try to sandbox your data within a specialized app like that.


ObjectiveFS (https://objectivefs.com) does client side encryption using the NaCl crypto library.


Private server with sync software of your choice. Sparkleshare is a quite Dropbox-like git front end. Con: Uses Mono. Pro: Uses Mono.


Host it yourself, and use something like this:

http://duplicity.nongnu.org/


MEGA?


The file hoster with server side de-duplication?


Wouldn't know, don't use it or Dropbox. I'd prefer encrypted externals for sensitive things that have no need for the internet.


Use Tonido



