Dropbox takes a peek at files

Post a reply

:
In an effort to prevent automatic submissions, we require that you enter both of the words displayed into the text field underneath.
Smilies
:pray: :sleep: :D :alien51: :) :mrgreen: :wink: :love: :obsessed: :| :( :twisted: :evil: :scary: :o :dunno: :? 8-) :hmmm: :shock: :flop: :top: :x :P :oops: :cry: :?: :idea: :arrow: :!: :nails: :look: :rtft: :roll: :ohno: :hell: :vomit: :lol: :think: :headscratch: :clapper: :bang; :censored: :badair: :help: :owned: :nope: :nwo: :geek: :ugeek: :robot: :alien: :mrcool: :ghost: :sunny: :peep: :yell: :banana: :dancing: :hugging: :bullshit: :cheers: :shooting: :hiho:
View more smilies
BBCode is ON
[img] is OFF
[flash] is OFF
[url] is ON
Smilies are ON
Topic review
   

Expand view Topic review: Dropbox takes a peek at files

Re: Dropbox takes a peek at files

Post by mediasorcery » Sat Sep 14, 2013 3:29 pm

its all coming out, just as most guessed hey? good tip off.
now send a .doc with instructions to make a b&%$#omb and with the trrst word in it and see how long i takes for the doorknock lofl. :lol:

Dropbox takes a peek at files

Post by -Marduk- » Sat Sep 14, 2013 1:57 pm

Dropbox takes a peek at files. But it's totally nothing, says Dropbox

Dropbox takes a peek at some kinds of uploaded files. That’s normal, the Web storage service says.

The disclosure comes after a test of the service found that several “.doc” files were opened after being uploaded to Dropbox.

Dropbox’s behavior was detected using HoneyDocs, a new Web-based service that creates a log showing when and where a document was opened, according to a blog post at WNC InfoSec.

The experiment involved uploading to Dropbox “.zip” HoneyDocs folders with embedded “.doc” files. HoneyDocs lets users set up a “sting,” or a notification that is sent by SMS or email when a file has been viewed. Where the file has been viewed from is plotted on a map.

The callback, or as HoneyDocs calls it a “buzz,” is an HTTP Get request with a unique identifiers assigned to a sting. The data on when and where the file has been opened is sent over SSL port 443, according to HoneyDocs.

WNC InfoSec wrote the first buzz came back within 10 minutes after a file was uploaded with the IP address of an Amazon EC2 instance in Seattle. Dropbox uses Amazon’s cloud infrastructure.

Of the submitted files, only “.doc” files had been opened, WNC Infosec wrote. HoneyDocs also pulled information on the type of application which accessed the document, which in this case was the open-source productivity suite LibreOffice.



full article here -> pcworld

:think:

Top

Visit Disclose.tv on Facebook