{"id":7555,"date":"2013-09-09T14:26:36","date_gmt":"2013-09-09T12:26:36","guid":{"rendered":"https:\/\/owncloud.com\/?p=7555"},"modified":"2013-09-09T14:26:36","modified_gmt":"2013-09-09T12:26:36","slug":"dropbox-hacked","status":"publish","type":"post","link":"https:\/\/owncloud.com\/de\/blogs\/dropbox-hacked\/","title":{"rendered":"Dropbox Hacked"},"content":{"rendered":"<p><!--:en-->I realize it\u2019s taken me a while to react to this, I guess for a couple of reasons. The first was that Dropbox really wasn\u2019t \u201chacked\u201d in the true sense of the word, but instead reverse engineered by \u201cwhite hat\u201d academicians.<\/p>\n<p>What\u2019s the difference? Well, for one thing it wasn\u2019t done with malicious intent. And I don\u2019t think it really exposed Dropbox \u2013 there was still layers of security left \u2013 it just made it clear that those other security layers were good to have.<\/p>\n<p>Granted, as security blogger <a href=\"http:\/\/threatpost.com\/researchers-reverse-engineer-dropbox-client\/102144\" target=\"_blank\" rel=\"noopener\">Michael Mimoso pointed out<\/a>, the hack also demonstrated \u201chow to use code-injection techniques to intercept SSL data, essentially hijacking Dropbox communication, as well as bypass two-factor authentication used to protect accounts.\u201c<\/p>\n<p>That\u2019s a little scary.<\/p>\n<p>Now, ownCloud, because it\u2019s open source, doesn\u2019t need to be reverse engineered. The code is there for all to see, poke at, improve or just comment on. And that actually is an important security layer for us \u2013 and for our customers. No surprise Trojans, no back doors \u2013 benign or otherwise, the code is what it is. Not just a layer of security, but in some sense another layer of control. We\u2019re big about control here, not our control, your control.<\/p>\n<p>I guess the second reason I held off commenting is related to the first \u2013 it\u2019s sort of, \u201cso what\u201d? I mean, most code can be reverse engineered and of course in these paranoid post-PRISM days Dropbox would be a pretty big target. But I guess for businesses who have employees putting sensitive corporate data on Dropbox, it\u2019s just another reason to maybe look at other alternatives.<!--:--><\/p>\n","protected":false},"excerpt":{"rendered":"<p>I realize it\u2019s taken me a while to react to this, I guess for a couple of reasons.<\/p>\n","protected":false},"author":15,"featured_media":78665,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","inline_featured_image":false,"footnotes":""},"categories":[48],"tags":[],"class_list":["post-7555","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news"],"acf":[],"_links":{"self":[{"href":"https:\/\/owncloud.com\/de\/wp-json\/wp\/v2\/posts\/7555","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/owncloud.com\/de\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/owncloud.com\/de\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/owncloud.com\/de\/wp-json\/wp\/v2\/users\/15"}],"replies":[{"embeddable":true,"href":"https:\/\/owncloud.com\/de\/wp-json\/wp\/v2\/comments?post=7555"}],"version-history":[{"count":0,"href":"https:\/\/owncloud.com\/de\/wp-json\/wp\/v2\/posts\/7555\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/owncloud.com\/de\/wp-json\/wp\/v2\/media\/78665"}],"wp:attachment":[{"href":"https:\/\/owncloud.com\/de\/wp-json\/wp\/v2\/media?parent=7555"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/owncloud.com\/de\/wp-json\/wp\/v2\/categories?post=7555"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/owncloud.com\/de\/wp-json\/wp\/v2\/tags?post=7555"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}