Comments on: Dropbox: Yes, we were hacked

By: yacahuma

yacahuma — Wed, 17 Oct 2012 14:01:56 +0000

if someone got valid credentials, how can that be considered a hacked? is not dropbox fault. Am i missing something?

By: philippe

philippe — Tue, 28 Aug 2012 21:05:11 +0000

I’m using a different encryption solution added on top of the cloud storage (typically BoxCryptor + Dropbox) rather than trusting built-in (if any) encryption from these storage providers. This way, you need 2 passwords, not related to access my data and even if you break-in Dropbox and copy everything, it won’t help (even filenames are mangled). BTW I agree that everything I put under Dropbox, I consider it “potentially public”. I’m sure there are flaws too, but seems to be much more serious protection and it works well on iOS, Android, Linux, Mac and Windows

By: Ronald Zia

Ronald Zia — Tue, 28 Aug 2012 03:45:48 +0000

How could they have not been hacked if end users are smart enough to use an unique email address for each different sites, yet they get SPAM through the email address that was only used for dropbox. Because I’m getting spam through the alias used for dropbox.

By: Ronald Zia

Ronald Zia — Tue, 28 Aug 2012 03:41:34 +0000

They were hacked obviously. I used an unique email alias for dropbox only, and now I’m getting spam emails via that specific email address. I use an unique email addresses for every single website that I visit so it is easier for me to track down what caused the spam problem. It is obviously they were hacked.

By: Ronald Zia

Ronald Zia — Tue, 28 Aug 2012 03:32:25 +0000

no wonder I’m getting spam emails through my unique email alias created for dropbox.

By: Snoopy104

Snoopy104 — Thu, 23 Aug 2012 15:07:09 +0000

How could they have been hacked? if the end users are stupid enough to use the same login credentials wherever they go on the web, then its the end users fault? If you give your username and password for any service to someone you don’t know or trust and then complain when that person uses it, who is to blame? People need to start taking responsibility for their own security, not shifing the blame for their own incompetent actions. Its a shame that most people these days seem to be lacking any common sense.

By: Filip Herman

Filip Herman — Fri, 17 Aug 2012 14:35:16 +0000

You could also mention:
- Res Hyperdrive (http://www.ressoftware.com)
- Accellion / Kitedrive (http://www.accellion.com)
- Sparkweave (http://www.sparkweave.com)
- …

Major players in private cloud file sharing

By: Julia Mak

Julia Mak — Thu, 02 Aug 2012 17:26:35 +0000

Most consumer cloud services require users to upload their data and make copies of their files as well as account credentials in the public cloud. However that is not to say all cloud services are insecure… while most vendors take a similar approach to copy data out in order to provide remote and mobile access, but there are still other solutions who can solve the problem and allow companies to keep their data safe with a different approach. For example here at Oxygen Cloud we allow companies to keep their data using their own storage, and we don’t have access to corporate passwords either so the passwords can be stored safely behind own firewalls.

Cloud analyst Ben Kepes actually made a really good argument on how Dropbox was never meant for the enterprise. To avoid compromising data security and rogue users, IT should also take the initiative to explore other solutions to address user needs in a more secure manner that meets their own requirements. http://www.cloudave.com/21173/dropbox-security-issues-it-has-itself-to-blame/

By: masonoise

masonoise — Wed, 01 Aug 2012 18:01:37 +0000

This is a rather misleading article. The fact that some people used the same passwords on other services which were then used to access their accounts on Dropbox says nothing about Dropbox’s security. If an employee’s account was accessed, bad for them, but again it says nothing about Dropbox’s security. Having a list of user email addresses is bad practice, obviously, but this article is headlined and written only to make for a seemingly exciting story, which just isn’t there, I’m sorry to say.

By: Keith Townsend

Keith Townsend — Wed, 01 Aug 2012 17:05:24 +0000

I replied to this and it didn’t show up. It may have hit the SPAM. So, I’ll link to my own post which has the link you are looking for. http://virtualizedgeek.com/2012/04/28/who-do-you-trust-with-your-data-google-microsoft-or-dropbox/