Did you get the news flash? Dropbox.com isn’t secure. Wait, wait, before you sue me, check out this blog entry, Dropbox Let’s Anyone Log in as anyone:
Customers of cloud-based file storing-and-sharing company Dropbox should check on the data they’ve entrusted to the service, following the company’s admission that it messed up its access controls for several hours.
As alert Twitterer Andy Durdin points out, you can readily see if someone else has changed your Dropbox files. But you can’t see if someone else has been snooping through your data.
Dropbox suggests on its blog that less than 1% of accounts were accessed during the unprotected period, and that it will contact those users in case the access was unauthorised.
If your account was accessed, be sure to ask Dropbox for a detailed log of what happened so you can find out what got stolen as well as what got changed. Unauthorised access and unauthorised modification are both bad for your digital well-being.
Of course, if you’ve been using Dropbox to store your top secret excel spreadsheet with all your passwords, you may be sweating it now. In truth, though, if you’re using KeepassX or TrueCrypt or GPG/PGP to encrypt your top secret info, you have nothing to fear except the loss of that data.
- Encrypt “private” content shared via Dropbox. This is especially true with stuff I want to share with other people but wouldn’t necessarily want to share with the world. I use a variety of tools to get that job done, such as the following (listed from easiest to more complex): KeepassX for usernames/passwords, TrueCrypt.org, NCrypt, GPG, as well as combinations of those.
- Use Dropbox for items you want to share with others, so it wouldn’t matter if others did access it.
- Make frequent backups of content on Dropbox OUTSIDE of the Dropbox folder on your computer(s).
Enter your email address:
Delivered by FeedBurner