Dropbox has File Smarts

I’ve noticed after uploading several files that Dropbox is now smart and can do an md5 hash check on other files that have been uploaded to their server.

How does this help you? Well, I’ll explain soon, but if you’re downloading a file that someone else has already downloaded and synced with Dropbox then it helps you tremendously!

Basically, Dropbox checks to see if anyone has previously uploaded theΒ exact same file in the past. If they have then you’re in luck!

If the md5 hash matches (I’m purely guessing that they use md5 since it’s the commonly accepted standard for file checking) then they simply “copy n’ paste” what someone else has already uploaded into your personal upload space!

This means that the 347mb file that you want to sync could take 10 seconds to be synced with your account even over a dial-up connection if someone else has already taken the time to upload it for the first time!

If you’re the first person to upload your file then you will certainly have to wait the due time for a proper upload, so don’t expect it with every file.

This is an ingenious move by the Dropbox team as it saves them tons of much needed bandwidth performance and instead pushes the workload to the server side “copy n’ paste” routine…which will perform much faster than your dial-up or simple broadband connection.

Imagine the speed of uploading a 10mb file to Dropbox verses copying that same file from one folder on your hard drive to another folder on your hard drive. That is similar to the performance that you can expect.

It also obviously saves you time since you can sometimes drag n’ drop a large file…blink…then it’s done.

Don’t worry, your files are safe. Chances are slim that someone will upload a file that matches yours in filename and md5 hash code, …but it could happen.

It’s been proven that the md5 hash is insecure, but the chances of someone uploading a file that is recognized as one of yours is very very…(repeat as needed)…very slim.

Honestly, the biggest thing to worry about is the fact that if you delete a private file, someone else could happen to upload a file matching the filename and md5 hash and automatically have access to a file that you uploaded ages ago.

I’m current unaware of how long Dropbox caches the files that you store using their service, but I know that some files that I’ve uploaded in the past and deleted now have been removed from the server…so security is fairly assuring.

While it’s a little creepy and it sounds dangerous….it’s highly improbable.

On the Dropbox teams side, saving bandwidth means that you have that much extra bandwidth to upload content that you need sync’d. Bandwidth is very important these days especially considering that many of us are uploading videos (whether they be family or leisure) and music. Many of these files can range from 3mb for music up to 10gb for video (and blu-ray will bring even higher filesizes :P).

Of the sync services that I’ve used (and it’s been a lot so far), Dropbox is by far the front runner. With the features that they offer that you’re not normally aware of, they already pass up the competition hands down. That’s just my own personal opinion.

I’m currently on the free service (2gb), but I would highly suggest that you purchase their pay-for service that gives you up to 50gb of online storage if you’re one to upload a lot or need a lot on the go.

At the very least give them a try and download the Dropbox application. I’m sure anyone could take advantage of the free 2gb package that they offer online to backup important documents or whatever it may be. πŸ˜‰

Rest assured that if you’re using Dropbox then you’re also using one of the best available sync services to be established thus far! Free space never hurt anyone. πŸ˜‰

3 thoughts on “Dropbox has File Smarts”

  1. using Safari 4 Safari 4 on Mac OS X 10.6 Mac OS X 10.6
    Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10

    I’d really like to know if they use other peoples’ files with md5 matches instead of just your own (may be worth some testing). Seems like though it’s insanely improbable it could present some security issues if you happened to have an md5 collision with filename, size, and hash match. I know for sure that they use your own (Mozy does as well) because I’ve had to restore some computers and dropbox didn’t reupload everything (although at first it said “uploading 81456 files…”).

  2. using Google Chrome 5 Google Chrome 5 on GNU/Linux GNU/Linux
    Mozilla/5.0 (X11; U; Linux i686; en-US) AppleWebKit/533.4 (KHTML, like Gecko) Chrome/5.0.375.125 Safari/533.4

    I suspect they are using md5 and they are copying the exact same file over and over again. I mean why would they create a copy of the file when they can just simply create a link (if we consider it as a file system) to the actual file. This way, they save some bandwidth as well as disk space…

  3. using Firefox 4 Firefox 4 on Windows 7 Windows 7
    Mozilla/5.0 (Windows NT 6.1; rv:2.0.1) Gecko/20100101 Firefox/4.0.1

    They use SHA256 and due to the recent attention to Dropbox’s security flaws exposed by Dropship, they have disabled file block sharing across users

Leave a Reply