The Continuing Saga of Dropbox
Posted by Aaron Massey on 21 Jun 2011.
Dropbox had another security snafu:
“Yesterday we made a code update at 1:54pm Pacific time that introduced a bug affecting our authentication mechanism. We discovered this at 5:41pm and a fix was live at 5:46pm. A very small number of users (much less than 1 percent) logged in during that period, some of whom could have logged into an account without the correct password.”
This is a big deal. If you read through the comments on that post, they are littered with pissed-off customers, many claiming they won’t be using the service anymore. The smart move at this point is not to keep anything sensitive in Dropbox until Dropbox proves competent at security.
I’ve written about Dropbox a couple times recently. It’s not my intention to turn this into a blog about Dropbox’s problems. However, Dropbox is particularly interesting to me because they are the quintessential cloud computing service. It’s super basic: you’re just storing files that are accessible anywhere.
Dropbox should be an outstanding example of the benefits and disadvantages of cloud computing, but even seemingly simple operations aren’t all that simple in the cloud. As codebutler pointed out on Twitter, deleting a file might not mean that it’s really gone. Here’s a statement from Dropbox’s help:
“Once you find the file/folder you’d like to permanently delete, click on the arrow that appears to the right of the file for a drop-down menu. Choose Permanently delete from the list of choices.
“Permanently deleted files can’t be recovered by the user. Maybe now your aunt’s fruitcake recipe can rest in peace.”
Note the phrase “can’t be recovered by the user.” Because Dropbox uses Amazon’s S3 service, ultimately even Dropbox can’t guarantee that deleted Dropbox files are truly unrecoverable. This is probably great if all you’re really concerned about using Dropbox for is your aunt’s fruitcake recipe, but I wouldn’t use Dropbox for anything seriously important without first encrypting that document manually with a key that only I can control. I hope this isn’t the future of cloud computing.
[Update: Just to be more clear about the nature of the security problem Dropbox recently experienced: for about four hours, it was possible to log in to any Dropbox account with any password. That’s a serious problem.]