View Single Post
Old 08-21-2012, 05:58 PM   #4 (permalink)
BBF Spam Killer Moderator
daphne's Avatar
Join Date: May 2007
Location: on a sunny beach
Model: Paspt
Carrier: VZW but not for long
Posts: 9,176
Post Thanks: 120
Thanked 147 Times in 116 Posts
Default Re: Dropbox (in)security

Originally Posted by aiharkness View Post
Niether here nor there, but I was about to sign up for a Dropbox account one day when news came out that they were misrepresenting what they do to encrypt customer data. I wouldn't have stored anything beyond trivial data anyway, but I still decided to steer clear of it. I guess I'm not really comfortable with the whole idea, either, but the news put me off of giving it a try. I'm too set in my ways.

On the Honan story, of course it reinforces the advice to use unique login info, but the big take away (for me, anyway) was the extent to which what one entity uses to identify you may be available easily from another entity. The so-called hacker didn't really hack anything. He just exploited publicly open vulnerabilities.

As an aside, if the news reports are accurate, Honan wasn't targeted per se, at least not for who he was or who he represented; the Hacker just found his twitter username interesting and wanted to cause chaos and watch.
Posted via Mobile
That's right - the hack was also done by social engineering - getting the last 4 digits of his credit card that was stored on Amazon, and getting Apple support to change the password. It might have been a different article, but on one of them Mat Honan said the hacker told him he just wanted the Twitter handle @mat because he thought it was cool.

And having all your online accounts linked to each other isn't so good because if one gets compromised, all the rest can be compromised too.

I remember that news about Dropbox misrepresenting what they do to encrypt customer data. How can one trust a company after that.... ?
Report spam text messages to 7726
#BlackBerry by choice
Offline   Reply With Quote