I haven’t written about Dropbox’s security problems; too busy with the book. But here’s an excellent summary article from The Economist.
The meta-issue is pretty simple. If you expect a cloud provider to do anything more interesting than simply store your files for you and give them back to you at a later date, they are going to have to have access to the plaintext. For most people — Gmail users, Google Docs users, Flickr users, and so on — that’s fine. For some people, it isn’t. Those people should probably encrypt their files themselves before sending them into the cloud.
EDITED TO ADD (6/13): Another security issue with Dropbox.