gspn.tv Community

Join The Community!

Dropbox - I'm getting concerned

http://www.informationweek.com/news/security/vulnerabilities/231000111

Views: 25

Replies to This Discussion

Permalink Reply by Cliff Ravenscraft on June 21, 2011 at 9:46pm
Heard about this today. It's not a good sign for DropBox. That is for sure.
Permalink Reply by Cliff Ravenscraft on June 21, 2011 at 9:48pm

What are some of the other services out there that are better alternatives?

 

Anyone hear of AeroFS? http://www.aerofs.com/

Permalink Reply by Jonathan Nation on June 21, 2011 at 11:02pm

When I was in a System Admin type of class in college a simple idea was the foundation.

 

You have a continum one one side you have a brick.

 

On the other end is wide open insecure system.

 

Two elements that are also hit those extremes is security and functionality.

A brick is secure, but not functional at all (except throwing through bricks or building studios and such).

A wide open system has a lot of functionality, but is not secure at all.

 

 

The more functional you open up your system, the more insecurity you open up.

From those eyes, it's not a dropbox issue. It's nature of the technology and such. We all have choices to make.

What to do about dropbox really depends on what dropbox does, but odds are the system will be more secure in the future due to them having issues.

The other thing I expect is that more systems like this will attacked.

Permalink Reply by Stephen Cross on June 22, 2011 at 6:37am
I understand your point, but my concern is behavior based. They have been misleading about their security on multiple occasions. Granted, their own description of Dropbox does not even bring up security https://www.dropbox.com/tour#1
Permalink Reply by Eric T on June 22, 2011 at 4:52am

I am not worried because I don`t store private stuff there. Nothing on the web is private, nothing!! Everything can be hacked, so if it`s that important don`t put it in the cloud. 

 

Go DropBox!!

Permalink Reply by Stephen Cross on June 22, 2011 at 7:21am
Regardless of how sensitive my information is, I don't want it openly available to everyone. 

Security is a key factor in the success of "the cloud" and the vendors providing cloud services.   We can't let them off the hook by thinking "it's ok because my stuff isn't real private".  For the the cloud to work, as we all imagine it, it must be secure.  Hackers are mostly successfully because of carelessness; someone not following basic security practices.  Which was clearly the case with Dropbox over the weekend.  I like the ease of use and reliability of Dropbox and want them to succeed.  But if they don't take security seriously, another vendor will come along and do a better job.
Permalink Reply by Cliff Ravenscraft on June 22, 2011 at 7:55am

I disagree... I expect my bank account access to be private and secure. They are "in the cloud."  I log in and transfer funds from one account to another, check balances, even sometimes looked at scanned check to see who a check was written to or signed by.  I can even log in and have it send a payment via the mail on my behalf.  This is on the web and I expect it to be private and secure.

 

I expect my BackBlaze online backup to be secure and and private.  I have a copy of everything on my local computer on their servers.  And I do have a backups of  my Quicken for Mac program saved to DropBox just as an added backup.

 

I don't expect web services that are "social" to be private or secure.  By this I mean that if I put a private file in a folder in DropBox and share it with Stephen Cross.  I don't expect DropBox to keep Stephen from being able to make that file publicly available for download from his website.  When we "share things" we should know that all the risks that are associated with that shared access pose.


However, the concept I believe that DropBox is on the hook for is ACCESS.  And also, potentially, the need to encrypt.  Now, I'm personally not upset about the encryption aspect as I don't know that I ever felt that it was encrypted.  However, if I decide to look for a replacement service, it would be a feature I'm very much interested in.

 

I hope that what has happened becomes a major wake up call to DropBox and that we hear reports of end to end encryption and and major improvements made to make sure that access to our accounts is only provided to the account holder.

 

If I was a paid subscriber, I think this incident would have caused me to end my paid account with them until I felt such things were in place.


As it is, I am a free subscriber and, outside of my Quicken Backups, most of my stuff stored on DropBox is stuff that I would not mind the entire world seeing.

 

 

Permalink Reply by Stephen Cross on June 22, 2011 at 1:00pm

I disagree to your disagree :)

 

Twitter is social.  They also have security settings.  You wouldn't want people seeing Megan's tweets if her settings are set to private.  

 

Facebook is social. but if my privacy settings are set to share nothing, I expect the vendor, Facebook, to implement that properly.

 

My point is that because a cloud product is 'social', does't mean it shouldn't be secure or private.

 

And in Dropboxes case they have portrayed their product as being secure, but their actions over the past few months have shown security is not their highest priority.  I'm a paying customer and my trust in them is wavering. 

 

Fun discussion.

 

-S

 

 

 

Permalink Reply by Cliff Ravenscraft on June 22, 2011 at 1:07pm

That's funny.. 

 

I sort of assume that there are going to be times when Twitter will mess up and accidentally make Meagan's protected tweets available to the public. 


Same with Facebook.  I come to have little faith in a social site to get privacy and security done right.

 

There have been countless issues with Facebook dropping the ball and even times when Direct Messages, meant to be private, were accessible to the public, from Twitter's service.

 

 

When it comes to me storing files on the web, I do EXPECT security and privacy.

 


I think I agree that we "should expect" the same level of security and privacy messages with social services, but I simply have little faith in their ability to do so.

 


Check this out... I had been waiting for years to get a Blue Ray player and ALMOST bought a Sony Playstation a few months back.

 

Today, I would not even CONSIDER getting a Playstation due to the number of hacker attacks on Sony services.

Permalink Reply by Eric T on June 22, 2011 at 8:06am

I guess I hit a nerve on that one ;-)

 

DropBox is so awesome that I hope the team can tighten it up for us.

Permalink Reply by Cliff Ravenscraft on June 22, 2011 at 8:10am

I just got this from DropBox 1 minute ago:

 

Permalink Reply by Jonathan Nation on June 22, 2011 at 9:31am
cliff, have you asked Tricia Prues if she logged into dropbox or not?

RSS

Members

Shop & Support!

Did you know that you can support the content and community of gspn.tv with each purchase you make on Amazon that starts with you simply clicking on the image below:

Upcoming Events!

Summer 2013 2013 Community Cruise Registration!

© 2012   Created by Cliff Ravenscraft.

Badges  |  Report an Issue  |  Terms of Service

Sign in to chat!