The Hampton Roads Community should be aware of developments concerninga popular online backup service.
A widely used, multi-platform data syncing, sharing, and backup service is under public relations fire after an update to the system's architecture adversely affected its method of authentication. The bug left more than 25 million user accounts wide open to the eyes of the world when it granted access to storage lockers without regard to password matches. Any user desiring access to an account simply had to entera username and character in the password box and—viola!—the DropBox service revealed all the files—including stored passwords for other accounts—that the account owner had uploaded to DropBox.
DropBox performed the programming update on its infrastructure on June 19. The glitch was discovered less than four hours after the update anda fix went into place just minutes after the discovery. All open sessions were then force-logged out to prevent further access.
Wired's "Threat Level" reporter, Ryan Singel, reports that the security vulnerability isa flaw in the design of the architecture itself. The existing architecture of DropBox allows users to ...
http://www.examiner.com/girl-geeks-in-virginia-beach/dropbox-design-defect-dismantles-defense
Shared via News360 for Windows Phone 7. Learn more at http://news360app.com.
A widely used, multi-platform data syncing, sharing, and backup service is under public relations fire after an update to the system's architecture adversely affected its method of authentication. The bug left more than 25 million user accounts wide open to the eyes of the world when it granted access to storage lockers without regard to password matches. Any user desiring access to an account simply had to entera username and character in the password box and—viola!—the DropBox service revealed all the files—including stored passwords for other accounts—that the account owner had uploaded to DropBox.
DropBox performed the programming update on its infrastructure on June 19. The glitch was discovered less than four hours after the update anda fix went into place just minutes after the discovery. All open sessions were then force-logged out to prevent further access.
Wired's "Threat Level" reporter, Ryan Singel, reports that the security vulnerability isa flaw in the design of the architecture itself. The existing architecture of DropBox allows users to ...
http://www.examiner.com/girl-geeks-in-virginia-beach/dropbox-design-defect-dismantles-defense
Shared via News360 for Windows Phone 7. Learn more at http://news360app.com.
No comments:
Post a Comment