Think I'll be switching to SpiderOak. Luckily I have nothing private on my Dropbox store.
http://nakedsecurity.sophos.com/2011...-in-as-anyone/
Think I'll be switching to SpiderOak. Luckily I have nothing private on my Dropbox store.
http://nakedsecurity.sophos.com/2011...-in-as-anyone/
damn all my Sara Jean Underwood pictures gone ......
TBH this could happen to any provider - as the article states, Facebook made a similar error last year.
Dropbox is very convenient, but anything sensitive I store in a truecrypt container and store that on Dropbox.
(\__/)
(='.'=)
(")_(")
![]()
Been helped or just 'Like' a post? Use the Thanks button!
My broadband speed - 750 Meganibbles/minute
It can't happen if they do proper client-side encryption and don't store the keys - the security they (Dropbox) imply is a fantasy. Sure, they can still lose/corrupt data but nothing would be viewable by a third party.
Last edited by watercooled; 09-07-2011 at 11:06 AM.
That may be true, but the issue in this case was that the authentication mechanism was broken for a time so anyone could log in. Now if the keys were stored locally (and not held by Dropbox, that would prevent decryption, but would also make sharing harder to do - and one of the selling points of DB is the sharing facility, either between computers by one user, or different users. And it is very good for that.
Despite aidanjt's assertion above, cloud technology is still evolving, and my major concern is that the cloud is fine, while the service provider is still operating. But it is because of the sy concerns for sensitive stuff that I encrypt anything sensitive before uploading it to Dropbox - photos I don't really care.
I hadn't realised though that Dropbox uses Amazon's S3 storage for user files.
(\__/)
(='.'=)
(")_(")
![]()
Been helped or just 'Like' a post? Use the Thanks button!
My broadband speed - 750 Meganibbles/minute
There are currently 1 users browsing this thread. (0 members and 1 guests)