View Single Post
Communication with the server defaults to secure (encrypted) HTTP just like your online banking sites use; the files are not encrypted on the server, though. (We wanted to preserve our ability to help folks with sync issues when/if they occur.)

The sync server has all the security/protection that our online store does, but we can't responsibly issue flat guarantees. Syncing with any server run by someone else is inherently less secure/private than doing so with a server you control yourself.

There's a tradeoff between security and convenience in cases like this that's up to each individual to make.