1Password and Dropbox

[Luba]

The 1password keychain is encrypted, but if I open the keychain file so I can use 1password or to look up info on my keychain on an open unsecure WiFi, could other people see my passwords and secure notes?

I believe read Dropbox stores all files encrypted, but that MobileMe does not encrypt them. Is that correct? But since the 1password keychain is already encrypted it's not necessary to have it stored encrypted like on Dropbox??

 

[BlueRevolution]

I'm not sure if Dropbox is remotely encrypted, but I doubt it. Back when CodeWeavers was giving away free copies of CrossOver, I downloaded the ~150 MB disk image files and put them in my Dropbox. The files were available online almost immediately because someone else had already uploaded a copy to their Dropbox account, so it just copied the files from one to the other so as to save server space on their end and bandwidth on mine. That's a fairly common process and there's no intrinsic security vulnerability involved (nobody can access your files by uploading random data of their own), but it does preclude server-side encryption.

Edit: It seems that Wikipedia disagrees with me, though.

However, since your keychain is already encrypted, there's no need to encrypt it again.