Security researcher warns over Dropbox authentication security flaw

    Date12 Apr 2011
    CategoryHacks/Cracks
    4013
    Posted ByAnthony Pell
    Attackers able to get their hands on a Dropbox configuration file would be able to access and download any files a user synchronises through the service without betraying any signs of compromise, a security researcher has discovered. Derek Newton discovered that a Dropbox authentication token, stored in a config file of the Dropbox directory of a Windows PC, allows access to an associated account with the file-synchronisation service
    You are not authorised to post comments.

    LinuxSecurity Poll

    Do you reuse passwords across multiple accounts?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).
    /component/communitypolls/?task=poll.vote
    13
    radio
    [{"id":"55","title":"Yes","votes":"5","type":"x","order":"1","pct":45.45,"resources":[]},{"id":"56","title":"No","votes":"6","type":"x","order":"2","pct":54.55,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    Advisories

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.