
100% serious question: how is using Dropbox (one cloud) to sync passwords any better or more secure than using a password manager that syncs your vault for you (another cloud)? I see so many "I don't trust <insert pw manager> so I use Dropbox" comments around these parts and I just don't understand what real or perceived threat is being mitigated.


It's valuable that the syncing mechanism is separate because that makes it agnostic. Parent comment uses Dropbox, I use Google Drive, someone else uses OneDrive, someone else uses iCloud, someone else uses Syncthing or Nextcloud, etc.

You don't have to trust the single cloud provider to encrypt and not be able to spy. The vault is encrypted on your own device using fully open software, and the cloud only ever sees a blob they have no keys to, directly or indirectly. The encrypting/decrypting software was not written by the cloud provider.

You don't have to trust any single cloud provider to stay up, be available in your country, stay friendly to you. If Dropbox goes down or kills your account, you just flip to any of 20 other options.

You say you don't understand why someone prefers Dropbox over the special custom syncing, but I don't understand what the excuse is for a special vendor-specific implementation of something that is already generic and agnostic. It's like using a browser that uses its own version of http to download files and only works with one web site that has the matching special server.

It's not a remotely equivalent comparison between "one cloud" and "another cloud". One is a single vendor-specific, custom purpose, single-provider thing, the other is agnostic and infinite, use any method you want from any provider you want any time you want.

For me it's not about "mitigating a real or perceived threat". It's just basic system resilience and principle to avoid special things and prefer generic/agnostic things, and keep concerns separated. But it is also more secure not to trust any integrated cloud provider, vs having the cloud be just storage that doesn't know anything about the blob being stored, and can't even if they turn bad, or are pressured by a government, or get hacked, etc.
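
The model described in the comment above (vault encrypted on the device, storage holding only an opaque blob), as an added example that is not part of the thread and not any password manager's own code. The blob layout, the `VLT1` tag, the function names and the choice of scrypt with AES-256-GCM are assumptions made for this sketch, and the sample vault is constructed.

```javascript
const crypto = require('node:crypto');

// Assumed parameters for this sketch, not taken from any real vault format.
const SCRYPT = { N: 2 ** 14, r: 8, p: 1 };
const MAGIC = Buffer.from('VLT1'); // hypothetical format tag, bound as AAD

function deriveKey(passphrase, salt) {
  return crypto.scryptSync(passphrase, salt, 32, SCRYPT);
}

// Runs on the user's device. Output layout: MAGIC | salt(16) | iv(12) | tag(16) | ciphertext
function sealVault(passphrase, plaintext) {
  const salt = crypto.randomBytes(16);
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', deriveKey(passphrase, salt), iv);
  cipher.setAAD(MAGIC);
  const body = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return Buffer.concat([MAGIC, salt, iv, cipher.getAuthTag(), body]);
}

// Also runs on the device. Throws if the blob was altered or the passphrase is wrong.
function openVault(passphrase, blob) {
  if (blob.length < 48 || !blob.subarray(0, 4).equals(MAGIC)) {
    throw new Error('not a vault blob');
  }
  const key = deriveKey(passphrase, blob.subarray(4, 20));
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, blob.subarray(20, 32));
  decipher.setAAD(MAGIC);
  decipher.setAuthTag(blob.subarray(32, 48));
  return Buffer.concat([decipher.update(blob.subarray(48)), decipher.final()]);
}

function demo() {
  const pass = 'constructed sample passphrase';
  const vault = Buffer.from(JSON.stringify({ 'example.test': 'constructed-sample-password' }));
  const blob = sealVault(pass, vault); // this is all any sync provider ever stores
  const leaks = blob.includes('constructed-sample-password');
  // Simulate the storage side flipping one bit of the stored blob.
  const tampered = Buffer.from(blob);
  tampered[tampered.length - 1] ^= 1;
  let tamperDetected = false;
  try { openVault(pass, tampered); } catch { tamperDetected = true; }
  const roundTrip = openVault(pass, blob).equals(vault);
  return { leaks, tamperDetected, roundTrip };
}

console.log(demo());
```

Because the blob is self-contained, the same file can be moved between any of the storage options named above without re-encrypting it.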


I guess the idea is that you trust open source software to encrypt the vault, so Dropbox couldn't do anything with it even if they wanted to. That's also true for the open source Bitwarden clients though.


It’s small enough for Dropbox’s free tier so it saves me a subscription.


Ah! Threat to the wallet I see. That Dropbox referral credit must still be paying dividends.

