Home > slashdot > Dropbox Authentication: Insecure By Design

Dropbox Authentication: Insecure By Design

April 8th, 2011 04:04 admin Leave a comment Go to comments


An anonymous reader writes “Dropbox can be very useful, but you might be a little surprised to learn that by copying one file from a computer running the application, an attacker can access and download all of your files without any obvious signs of compromise. Normal remediation steps after a compromise such as password rotation, system re-image, etc will not prevent continued access to the compromised Dropbox. Derek Newton, a security researcher that published this finding yesterday, discusses the security implications of this by-design security authentication method on his blog.”

Source: Dropbox Authentication: Insecure By Design

Related Articles:

  1. Nikon’s Image Authentication Insecure
  2. Dropbox Adds Two-Factor Authentication
  3. Dropbox Confirms Email Addresses Were Pilfered
  4. DIY Dropbox Alternatives
  5. Open Source Alternative To Dropbox?
blog comments powered by Disqus