News

Dropbox Hacked

I realize it’s taken me a while to react to this, I guess for a couple of reasons.

By ownCloud GmbH

ownCloud secure cloud solution for filesharing

I realize it’s taken me a while to react to this, I guess for a couple of reasons. The first was that Dropbox really wasn’t “hacked” in the true sense of the word, but instead reverse engineered by “white hat” academicians.

What’s the difference? Well, for one thing it wasn’t done with malicious intent. And I don’t think it really exposed Dropbox – there was still layers of security left – it just made it clear that those other security layers were good to have.

Granted, as security blogger Michael Mimoso pointed out, the hack also demonstrated “how to use code-injection techniques to intercept SSL data, essentially hijacking Dropbox communication, as well as bypass two-factor authentication used to protect accounts.“

That’s a little scary.

Now, ownCloud, because it’s open source, doesn’t need to be reverse engineered. The code is there for all to see, poke at, improve or just comment on. And that actually is an important security layer for us – and for our customers. No surprise Trojans, no back doors – benign or otherwise, the code is what it is. Not just a layer of security, but in some sense another layer of control. We’re big about control here, not our control, your control.

I guess the second reason I held off commenting is related to the first – it’s sort of, “so what”? I mean, most code can be reverse engineered and of course in these paranoid post-PRISM days Dropbox would be a pretty big target. But I guess for businesses who have employees putting sensitive corporate data on Dropbox, it’s just another reason to maybe look at other alternatives.

ownCloud GmbH

Settembre 9, 2013

Ready to see what’s next?

Having trouble viewing or submitting this form?

Contact Us

We care about protecting your data. Here’s our Privacy Policy.

Read now:

Nessun risultato

La pagina richiesta non è stata trovata. Affina la tua ricerca, o utilizza la barra di navigazione qui sopra per trovare il post.