BlackBerry Forums Support Community               

Closed Thread
 
LinkBack Thread Tools
Old 08-20-2012, 10:42 PM   #1 (permalink)
BBF Spam Killer Moderator
 
daphne's Avatar
 
Join Date: May 2007
Location: on a sunny beach
Model: Z
OS: 10.2.1.12
PIN: X1ZPY34K
Carrier: VZW
Posts: 9,165
Post Thanks: 122
Thanked 146 Times in 116 Posts
Default Dropbox (in)security

Please Login to Remove!

I know Dropbox is very popular with mobile users but I think people should be aware they have been compromised several times, the most recent being the end of July.

User details compromised as Dropbox admits security breach | ITProPortal.com

Dropbox security bug left accounts unprotected | ITProPortal.com

https://twitter.com/csoghoian/status/82973832180277251

Dropbox gets hacked ... again | ZDNet

5 Dropbox Security Warnings For Businesses - Security - Security administration/management - Informationweek

caveat emptor

I have an inherent distrust of the cloud but I have used box.net. They have no history of breaches as far as I know.

While on the subject, if anyone has not heard about blogger Mat Honan's devastating iCloud hack, read on.

How Apple and Amazon Security Flaws Led to My Epic Hacking | Gadget Lab | Wired.com
__________________
Report spam text messages to 7726
#BlackBerry by choice #BlacBerry 10 is here!

Last edited by daphne : 08-20-2012 at 10:46 PM.
Offline  
The Following User Says Thank You to daphne For This Useful Post:
knottyrope (08-21-2012)
Old 08-21-2012, 10:36 AM   #2 (permalink)
BlackBerry Elite
 
knottyrope's Avatar
 
Join Date: Jan 2008
Location: Massachusetts
Model: Z30
OS: 10.2.1
PIN: t of blood has been taken
Carrier: AT&T-US with I dee ten tee errors
Posts: 6,637
Post Thanks: 264
Thanked 269 Times in 255 Posts
Default Re: Dropbox (in)security

always encrypt all your files in the cloud
__________________
irony : many old timer posters have de-evolved into the trolls they once fought
I am on http://supportforums.blackberry.com
BES 10 running sweet for my Z30, Z10 and Q10
Online  
Old 08-21-2012, 01:30 PM   #3 (permalink)
BlackBerry God
 
aiharkness's Avatar
 
Join Date: Jul 2005
Location: Florida Panhandle
Model: Z10
OS: 10.2.1
Carrier: T-Mobile USA
Posts: 13,710
Post Thanks: 15
Thanked 498 Times in 485 Posts
Default Re: Dropbox (in)security

Niether here nor there, but I was about to sign up for a Dropbox account one day when news came out that they were misrepresenting what they do to encrypt customer data. I wouldn't have stored anything beyond trivial data anyway, but I still decided to steer clear of it. I guess I'm not really comfortable with the whole idea, either, but the news put me off of giving it a try. I'm too set in my ways.

On the Honan story, of course it reinforces the advice to use unique login info, but the big take away (for me, anyway) was the extent to which what one entity uses to identify you may be available easily from another entity. The so-called hacker didn't really hack anything. He just exploited publicly open vulnerabilities.

As an aside, if the news reports are accurate, Honan wasn't targeted per se, at least not for who he was or who he represented; the Hacker just found his twitter username interesting and wanted to cause chaos and watch.
Posted via BlackBerryForums.com Mobile
Offline  
Old 08-21-2012, 05:58 PM   #4 (permalink)
BBF Spam Killer Moderator
 
daphne's Avatar
 
Join Date: May 2007
Location: on a sunny beach
Model: Z
OS: 10.2.1.12
PIN: X1ZPY34K
Carrier: VZW
Posts: 9,165
Post Thanks: 122
Thanked 146 Times in 116 Posts
Default Re: Dropbox (in)security

Quote:
Originally Posted by aiharkness View Post
Niether here nor there, but I was about to sign up for a Dropbox account one day when news came out that they were misrepresenting what they do to encrypt customer data. I wouldn't have stored anything beyond trivial data anyway, but I still decided to steer clear of it. I guess I'm not really comfortable with the whole idea, either, but the news put me off of giving it a try. I'm too set in my ways.

On the Honan story, of course it reinforces the advice to use unique login info, but the big take away (for me, anyway) was the extent to which what one entity uses to identify you may be available easily from another entity. The so-called hacker didn't really hack anything. He just exploited publicly open vulnerabilities.

As an aside, if the news reports are accurate, Honan wasn't targeted per se, at least not for who he was or who he represented; the Hacker just found his twitter username interesting and wanted to cause chaos and watch.
Posted via BlackBerryForums.com Mobile
That's right - the hack was also done by social engineering - getting the last 4 digits of his credit card that was stored on Amazon, and getting Apple support to change the password. It might have been a different article, but on one of them Mat Honan said the hacker told him he just wanted the Twitter handle @mat because he thought it was cool.

And having all your online accounts linked to each other isn't so good because if one gets compromised, all the rest can be compromised too.

I remember that news about Dropbox misrepresenting what they do to encrypt customer data. How can one trust a company after that.... ?
__________________
Report spam text messages to 7726
#BlackBerry by choice #BlacBerry 10 is here!
Offline  
Old 08-24-2012, 02:07 AM   #5 (permalink)
Thumbs Must Hurt
 
Join Date: Aug 2011
Model: 9800
PIN: N/A
Carrier: ATT
Posts: 129
Post Thanks: 1
Thanked 1 Time in 1 Post
Default Re: Dropbox (in)security

Quote:
Originally Posted by daphne View Post
That's right - the hack was also done by social engineering - getting the last 4 digits of his credit card that was stored on Amazon, and getting Apple support to change the password. It might have been a different article, but on one of them Mat Honan said the hacker told him he just wanted the Twitter handle @mat because he thought it was cool.

And having all your online accounts linked to each other isn't so good because if one gets compromised, all the rest can be compromised too.

I remember that news about Dropbox misrepresenting what they do to encrypt customer data. How can one trust a company after that.... ?
Fact is a person cannot trust any company where you don't have the personal ability to verify they are doing what they say. Many companies claim they keep user information private but since we users can neither check on their performance nor punish them for violating their promises their claims are essentially worthless.

However I suppose a cloud service could be useful if the data could be encrypted prior to uploading. Encryption using a long, random key should make the data private even if accessed on the cloud server. Not to say it could never be compromised. But, the effort would be too much for just about everyone.

What encryption application to use? Who knows what machine I'll use a year from now? Except I know it won't be Apple. Anyone know of a file encryption application that runs on Blackberry, Windows and Android?

Last edited by NoBox : 08-24-2012 at 02:25 AM.
Offline  
Closed Thread


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

Similar Threads for: Dropbox (in)security
Thread Thread Starter Forum Replies Last Post
Dropbox security claims aiharkness Aftermarket Software 2 05-16-2011 07:21 PM
LIST of DropBox Compatible Apps (FileScout, Docs-To-Go, etc) Mark Rejhon Aftermarket Software 2 02-08-2011 10:44 AM
DropBox Beta Nomis Aftermarket Software 3 09-16-2010 08:48 AM
DropBox Beta for BlackBerry djm2 Aftermarket Software 0 09-14-2010 11:07 AM
DropBox service added to YouMail Shaun Aftermarket Software 3 08-26-2009 11:22 AM





Copyright 2004-2014 BlackBerryForums.com.
The names RIM and BlackBerry are registered Trademarks of BlackBerry Inc.