News

Dropbox Hacked

I realize it’s taken me a while to react to this, I guess for a couple of reasons.

By ownCloud GmbH

ownCloud secure cloud solution for filesharing

I realize it’s taken me a while to react to this, I guess for a couple of reasons. The first was that Dropbox really wasn’t “hacked” in the true sense of the word, but instead reverse engineered by “white hat” academicians.

What’s the difference? Well, for one thing it wasn’t done with malicious intent. And I don’t think it really exposed Dropbox – there was still layers of security left – it just made it clear that those other security layers were good to have.

Granted, as security blogger Michael Mimoso pointed out, the hack also demonstrated “how to use code-injection techniques to intercept SSL data, essentially hijacking Dropbox communication, as well as bypass two-factor authentication used to protect accounts.“

That’s a little scary.

Now, ownCloud, because it’s open source, doesn’t need to be reverse engineered. The code is there for all to see, poke at, improve or just comment on. And that actually is an important security layer for us – and for our customers. No surprise Trojans, no back doors – benign or otherwise, the code is what it is. Not just a layer of security, but in some sense another layer of control. We’re big about control here, not our control, your control.

I guess the second reason I held off commenting is related to the first – it’s sort of, “so what”? I mean, most code can be reverse engineered and of course in these paranoid post-PRISM days Dropbox would be a pretty big target. But I guess for businesses who have employees putting sensitive corporate data on Dropbox, it’s just another reason to maybe look at other alternatives.

ownCloud GmbH

September 9, 2013

Ready to see what’s next?

We care about protecting your data. Here’s our Privacy Policy.

Read now:

Ok, Go: New language, new partners

Ok, Go: New language, new partners

In September, we presented cool new partnerships that will make our upcoming ownCloud Infinite Scale work nicely with key open-source productivity suites. We explained our reasoning in switching to Go and how to get started with ownCloud using a virtual machine appliance.

read more
Remote education: Choose these 3 tools for distance learning

Remote education: Choose these 3 tools for distance learning

Call it virtual classroom, remote education or distance learning – if you want to teach partly or completely remote, you’ll need the right tools. We recommend three helpful open-source platforms that can help educators avoid high costs, data privacy nightmares and vendor lock-ins.

read more
New shiny things from all throughout this summer

New shiny things from all throughout this summer

In August, we had a lot of cool new things to present at ownCloud: Our partnership with NAS industry leader QNAP, our all-new website, a new major server release and a new iOS App release full of new functionality. And the Privacy Shield ruling from mid-July still reverberates across boardrooms and newsrooms.

read more