Dropbox Hacked

I realize it’s taken me a while to react to this, I guess for a couple of reasons.
ownCloud secure cloud solution for filesharing

I realize it’s taken me a while to react to this, I guess for a couple of reasons. The first was that Dropbox really wasn’t “hacked” in the true sense of the word, but instead reverse engineered by “white hat” academicians.

What’s the difference? Well, for one thing it wasn’t done with malicious intent. And I don’t think it really exposed Dropbox – there was still layers of security left – it just made it clear that those other security layers were good to have.

Granted, as security blogger Michael Mimoso pointed out, the hack also demonstrated “how to use code-injection techniques to intercept SSL data, essentially hijacking Dropbox communication, as well as bypass two-factor authentication used to protect accounts.“

That’s a little scary.

Now, ownCloud, because it’s open source, doesn’t need to be reverse engineered. The code is there for all to see, poke at, improve or just comment on. And that actually is an important security layer for us – and for our customers. No surprise Trojans, no back doors – benign or otherwise, the code is what it is. Not just a layer of security, but in some sense another layer of control. We’re big about control here, not our control, your control.

I guess the second reason I held off commenting is related to the first – it’s sort of, “so what”? I mean, most code can be reverse engineered and of course in these paranoid post-PRISM days Dropbox would be a pretty big target. But I guess for businesses who have employees putting sensitive corporate data on Dropbox, it’s just another reason to maybe look at other alternatives.

ownCloud GmbH

September 9, 2013

Ready to see what’s next?

Having trouble viewing or submitting this form?

Contact Us

We care about protecting your data. Here’s our Privacy Policy.

Read now:

ownCloud Infinite Scale 4.0 is released!

ownCloud Infinite Scale 4.0 is released!

ownCloud has launched Infinite Scale 4.0, the latest significant update to its secure content collaboration platform. This release introduces a range of new features and functionalities, including enhanced capabilities for importing data from third-party clouds, simplifying data upload, refining search functions with the use of tags and filters, and further enhancing user-friendly linking and navigation.

read more