NNSquad - Network Neutrality Squad

NNSquad Home Page

NNSquad Mailing List Information

 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ NNSquad ] Dropbox Files Left Unprotected, Open To All -- InformationWeek

http://www.informationweek.com/news/security/vulnerabilities/231000111

(From the article)

Dropbox on Monday acknowledged that its vast store of files was left open to the world on Sunday for four hours as a result of a bug. During this period, any account could be accessed using any password.

âââ

In March, the security of Dropbox's Android mobile client came under fire when security researcher Mike Cardwell revealed that the app was transmitting file metadata without SSL encryption.

The following month, Ferdowsi and Drew Houston, co-founder and CEO, explained that they had decided to favor performance over security because "enabling SSL for all metadata transfers made the app several times slower." They also acknowledged Cardwell's concerns and said they were working on a way to send metadata over SSL more efficiently in their mobile apps.