dropbox Dropbox told about vulnerability in November 2013, only fixed it when

[LilBambi 3,283]

Dropbox told about vulnerability in November 2013, only fixed it when the media showed interest - Graham Cluley

 

Dropbox was contacted yesterday by the media, investigating the claims being made by Intralinks – a file sharing and collaboration service for enterprises – after it revealed that it had stumbled across individuals’ mortgage applications and income tax returns that should surely have remained private on Dropbox.

 

Dropbox responded last night with a blog post saying it was addressing the vulnerability and that it was “unaware of any abuse of this vulnerability”.

 

Well, clearly – despite Dropbox’s protestations – users’s data *was* exposed, otherwise files like this and this wouldn’t have fallen into the hands of unauthorised parties.

 

 

 

 

And likely Dropbox still wonders why security aware people may not trust them with their sensitive information...

 

I stopped using them for anything that matters long ago.

[ross549 1,255]

That's why Spideroak is so awesome.

 

Trust No One......

 

Adam

[ebrke 1,331]

That's why Spideroak is so awesome.

 

Trust No One......

 

Adam

Based on the user encryption angle? Looking for info, not challenging your opinion. I'm always suspicious about any cloud-based service.

[ross549 1,255]

Your data on SpiderOak is encrypted before leaving the computer. SpiderOak cannot see your data. In fact, they state that if you have a problem with your data itself, they cannot help you. If you forget your password, they can't help you either.

 

Edit: They can verify that the client on your computer is working. They just can't see the data or decrypt it on their servers.

 

They are reputable and trustworthy. (2GB free)

 

Adam

[ebrke 1,331]

Interesting. Thanks, Adam!

[LilBambi 3,283]

Yep. Love SpiderOak.

[V.T. Eric Layton 6,544]

I keep nothing of importance or value in the cloud. Sorry. Just don't trust it/them.

[ross549 1,255]

The cool thing is if your data is stolen from SpiderOak, the hackers can spend all the time they want trying to decode it..... the crypto involved is AT LEAST as good as the crypto used in CryptoLocker!

 

 

Adam

[V.T. Eric Layton 6,544]

NSA has no difficulty with that at all.

[Robert 235]

I put my file(s) in a Truecrypt folder with a unique, strong password, then upload the folder to the cloud.

[Temmu 1,931]

i put all my sensitive, self incriminating evidence unencrypted in various cloud sites for ease of access in case i forget my password or loose my private key.

[ross549 1,255]

Well, as you use more and more cloud services, the data becomes harder to find, right?

 

 

Adam

[LilBambi 3,283]

[V.T. Eric Layton 6,544]

Send in the clouds... er, clowns, I mean...

[LilBambi 3,283]