There are probably two different things I was trying to comment on also.
Second, the "Weak Link" question. This is very much a matter of implementation details. I'm not saying this service is or is not implemented securely; it's really more of a question. It is possible to implement a hosted service in a way that blocks even the service host from accessing user data; is this sharing service implemented in such a way or is it broken by intent/accident?
Lastpass and Spideroak where offered as examples of hosted services implemented properly to keep even the service provider out of the user's data. Services that would be discounted as "cloud" even though they do not share the design flaws that other hosted services choose to include. If you have found weak links in them though, that would be huge news.
Keep Up with TechRepublic