I haven’t written about Dropbox’s security problems; too busy with the book. But here’s an excellent summary article from The Economist.
The meta-issue is pretty simple. If you expect a cloud provider to do anything more interesting than simply store your files for you and give them back to you at a later date, they are going to have to have access to the plaintext. For most people—Gmail users, Google Docs users, Flickr users, and so on—that’s fine. For some people, it isn’t. Those people should probably encrypt their files themselves before sending them into the cloud.
EDITED TO ADD (6/13): Another security issue with Dropbox.