Microsoft News

Microsoft issues security advisory affecting all versions of Windows, Windows Phone

General News

UK government set to rush through emergency surveillance legislation

General News

UK officials follow US counterparts by banning electronics that have no charge from boarding flights

Microsoft News

Microsoft restores control of seized domains to No-IP

Windows 8 Apps+Games

1Password for Windows gets much needed 4.0 update

Editorials

Using strong passwords and keeping your online self secure

General News

First smartphone 'kill switch' bill in the US passed by… Minnesota

Apps

Secure your passwords and critical information with Enpass Password Manager

General News

Bitly alerts users of widespread account compromises, claims no accounts have been accessed

Apps

Box completely rebuilds Windows Phone and Windows 8.1 apps

Apps

John McAfee's Chadder aims to keep your messages private, lands on Windows Phone before iOS

Windows

Microsoft issues security patch for Internet Explorer

Microsoft News

Microsoft issues warning about limited, targeted attack vulnerability in Internet Explorer

General News

Microsoft gets decent clean energy marks from Greenpeace

Microsoft News

Listen to Microsoft CEO Satya Nadella discuss ‘the intersection of cloud and mobile’ live today at 1 PM ET

Apps

Unite all your cloud storage services with Otixo for Windows Phone

How To

Get secure by encrypting your PC with Microsoft BitLocker for Windows 8 Pro

Microsoft News

Microsoft Store giving away $100 credit; simply trade up your Windows XP dinosaur (US and Canada Only)

General News

Cloud Storage on Windows Phone – which service is the best value?

Microsoft News

Microsoft says it's really time to dump Windows XP thru this clever infograph

4

Security bug disables DropBox passwords

The other day we mentioned an openly available tool, Dropbox Reader, that is designed to circumvent security measures on your DropBox account. We are now hearing that over the weekend, no tool was needed to access DropBox accounts.

For a brief period of time, users could log into accounts using any password. Just type in an email address and wing it with a password and you were in. DropBox has confirmed this breach and states it left everything vulnerable from 1:54pm PDT to 5:46pm PDT this past Sunday (06/19/2011). The fix only took five minutes to put into place once DropBox became aware of things.

In a statement on DropBox's blog, the cloud storage service reports,

"We’re conducting a thorough investigation of related activity to understand whether any accounts were improperly accessed. If we identify any specific instances of unusual activity, we’ll immediately notify the account owner. If you’re concerned about any activity that has occurred in your account, you can contact us atsecurity@dropbox.com.

This should never have happened. We are scrutinizing our controls and we will be implementing additional safeguards to prevent this from happening again."

If you're a DropBox client, you may want to check your account to see if any files were accessed during the time frame or have gone missing. Changing your password might not be a bad idea either.

Glitches in security happen but it sure does seem like DropBox has been snake bitten here lately. 

source: TechCrunch via: Gizmodo

0
loading...
0
loading...
24
loading...
0
loading...

Comments

There are 4 comments. Sign in to comment

1jaxstate1 says:

Nothing important in my dropbox. But this is a mess.

Light Speed1 says:

android's answer to wp7 skydrive integration turns out to be an unsecure JOKE? you dont say???

dtboos says:

I stopped using dropbox when I got my wp7 phone. I strictly use Skydrive and look forward to the full skydrive sync come fall.

w0qj says:

Good review – here is another cloud storage solution that is fully encrypted:With SugarSync, you get 5GB of cloud storage space with the FREE version, but now there is no restriction to the number of computers you can sync/backup (up from 2).It gives you the ability to upload and sync any folder on your computer.It is the only service that offers such a broad device and OS support with apps for BlackBerry, Android, iPhone/iPad, Symbian, not to mention your computer!You can also stream MP3 music files to your smartphone or computer.Also if you use the below referral code you get a bonus 500MB extra on top of your Free 5GB!https://www.sugarsync.com/referral?rf=tbtp0asbw9ptHope it helps someone.