
I really wish some big shots in the security world would write an ISO standard or something stating how harmful blanket 'block Dropbox' policies are for the reasons you list.



The security implications (which Dropbox does not take seriously) of this are a nightmare. I feel sorry for all of the network admins and security people who have to deal with the fact that all of their employees are unintentionally exfiltrating everything.

Dropbox has gotta be in danger too

The point is that it would break features for many users in exchange for security theater.

Limiting the access of Dropbox is all well and good except that it breaks sharing, which many people use; in exchange, you simply move the files to another folder on the same Dropbox, which effectively does nothing.

Slightly off topic, but who stores sensitive files unencrypted in Dropbox anyway?


You're reading a lot more into my statement than what I wrote. I'm talking about Dropbox in particular, not "any company or program that's ever had a security issue".

I very much doubt dropbox is insecure by design. Skipjack was insecure by design. Dropbox is (arguably) insecure by oversight, or by lack of thoughtful security design.

Three points:

1. Sensationalism aside, Dropbox should review questionable security claims to reduce any false sense of security. With millions of users, careless words formed out of marketing needs are no longer needed. What Dropbox users need now is a clearer picture of what they are giving up to gain Dropbox's services.

2. The weakest security link is the user and their computer, not Dropbox, which has enough financial incentives at stake to be diligent security-wise. In the end, no computer open to external data or code is safe. What protects most users today is actually not security technology but the cost/benefit ratio to potential attackers, tempered by goal and scale. 99.9999% of Dropbox user data is useless to attackers, and mining questionable nuggets out of a continually expanding sea of data from 20 million users is not a trivial task.

3. While it's true that users must trust Dropbox in the end, some of its security measures could use strengthening, even if it's just intended to raise the level of sophistication necessary to steal Dropbox data.


Using Dropbox for security seems like an oxymoron? I fail to see that as anything I am willing to use.

Since day one I've stored an arsenal of Truecrypt archives in my Dropbox folder for anything that I really don't want anyone else to find out about. (Not that there is much of that.) Most of the rest of what I store there is ebooks, university lecture notes, my portfolio, and other stuff that I wouldn't worry about if Dropbox really dropped the ball. Seems reasonable to me to be a little more in charge of your own security instead of handing off responsibility to people you don't even know. Still, I agree that we should be holding Dropbox (and similar services) to a high standard, and they have indeed stumbled on this issue.

This. It's amazing how many big companies use Dropbox with how limited their commitment to protecting customer data has been.

Dropbox has already demonstrated that they play it fast and loose with user privacy issues. While I use Dropbox for many things, and admire what they've built, we'd do well to be more realistic about it around here.

Dropbox overlooked the safety of data a lot.

Hey mangodrunk. Thanks for taking the time to put together citations. I was aware of the first item on your list and I was impressed with how Dropbox handled the situation. Everyone has bugs, but it's how you deal with these things that speaks volumes to me.

I haven't heard of the other 2 things on your list, but I'll take the time to read them thoroughly. Thanks for bringing them to my attention. Obviously privacy is something important to me, so knowing all the facts is important.

That being said, when it comes to TOS, Dropbox is far more attractive.


That's a great point, Dropbox totally had a security bug that one time.

I do agree that it is totally embarrassing for Dropbox, and I do not recall a similar issue with Microsoft either, which does not make it safe. DEP / ASLR mechanisms have been "easily" bypassed several times this year, which to me is also embarrassing. But the fact that this issue happened with Dropbox does not mean that it will again, and I'm pretty sure that it will make security one of their top priorities. I do believe that going to Microsoft for better security is an odd move.

"I really hope no one is storing their financial records and health information on Dropbox..."

In 2015, the only sensible approach to security is to consider every machine you touch to be compromised, all the time. And yet I still store financial information on Dropbox - pay slips, bank records, mortgage documents, wills. Why would I care? I don't put download links to them on every email I send out of course, but if they would 'leak', it wouldn't make a material difference to my life. While the ease with which I can access and keep track of them does.

Same with medical information - what do I care that anyone knows how strong my prescription glasses are? Or if I'd got some serious disease tomorrow, what sort of treatment I get? I'd have to disclose if I wanted to get life insurance anyway.

I no longer see a rational reason for trying for absolute secrecy on things like this. The cat's out of the bag.


From a compliance standpoint, these are pretty meaningless. Sounds like Dropbox marketing isn't taking security and compliance very seriously.

Actually, it really bothers me that Dropbox touts these things as compliance factors (vs. features of the underlying storage system). Dropbox is the user-facing service, not Amazon S3.

If I put a bunch of money in some super-duper safe, chain it to a flatbed truck, and then leave the truck unlocked with the engine running, the safe doesn't make that money secure.


I agree with you. The main problem is why Dropbox accesses files that it is not permitted to.

No, they shouldn't write that.

Dropbox is a consumer file storage company. Statements like that will confuse the majority of their target market and stall adoption of the service.

What Dropbox is doing in relation to security/encryption is about the best possible solution that balances features and function with data protection for files that might be leaked or stolen.

If you have suggestions for Dropbox, lay out concise technical suggestions. Writing new legalese for them is not solving any of the problems that people are getting so worked up about.


Why would Dropbox even need that level of obfuscation for a backdoor? The binary could just do evil directly (although having something that seems plausibly like a bug would be ideal).
