p
pwarren
Jun 21, 2011

Will Dropbox start paying attention to their security?

Earlier this week, Dropbox accidentally turned off password authentication for its 25 million users for a four-hour period. This, on the heels of an FCC investigation into whether their CEO lied when he told the media that Dropbox was encrypting users data, which we later learned they were not doing. What will it take for them to get serious about securing their operation?

s
sandeepseeram
05/21/2012

Please check this article:

http://blog.agilebits.com/2011/04/20/dropbox-security-questions/

 

which can help you to determine the security challenges for dropbox

 

 

Sandeep Seeram

jimlynch
11/11/2011
Here's an interesting article from the Economist that touches on some of the Dropbox problems.

Keys to the cloud castle
http://www.economist.com/blogs/babbage/2011/05/internet_security

"CONSIDER the purchase of a home in two adjacent gated communities. Both have houses with truly impregnable locks. In one community, whenever you need to enter your house, you visit the management office and show your driving licence. A guard walks you to your home, and lets you in using the master key that opens every door lock in the community. You can stay inside indefinitely. If an employee misuses the key to wander into homes or, heaven forfend, a thief gets his hands on it, all bets are off—the households' sanctity has been compromised.

In another community, the management requires that you privately choose your own lock and corresponding key, which you hang on to and use to enter your abode at will. But if you lose the key, or any copies you have made, you can never re-enter. It will remain a sealed edifice until the universe's heat death. Which would you choose? The latter offers extreme privacy but with an unthinkable penalty for carelessness. The former is convenient but there is the risk of the key falling into the wrong hands."
jimlynch
11/11/2011
Here's an interesting article from the Economist that touches on some of the Dropbox problems.

Keys to the cloud castle
http://www.economist.com/blogs/babbage/2011/05/internet_security

"CONSIDER the purchase of a home in two adjacent gated communities. Both have houses with truly impregnable locks. In one community, whenever you need to enter your house, you visit the management office and show your driving licence. A guard walks you to your home, and lets you in using the master key that opens every door lock in the community. You can stay inside indefinitely. If an employee misuses the key to wander into homes or, heaven forfend, a thief gets his hands on it, all bets are off—the households' sanctity has been compromised.

In another community, the management requires that you privately choose your own lock and corresponding key, which you hang on to and use to enter your abode at will. But if you lose the key, or any copies you have made, you can never re-enter. It will remain a sealed edifice until the universe's heat death. Which would you choose? The latter offers extreme privacy but with an unthinkable penalty for carelessness. The former is convenient but there is the risk of the key falling into the wrong hands."
m
mstrauss
06/22/2011

I wouldn’t waste my time and frustration on a company that disrespects its customers so much as to not take the security of their personal files seriously. There must be other competitors (Microsoft Live SkyDrive, Google Docs, Amazon Web Services) who can do a better job because they’re more mature organizations who understand the risks involved.

Answer this
ASK a question
250