Re: dropbox security situation

To: Hans <hans.ullrich@loop.de>, debian-user@lists.debian.org
Subject: Re: dropbox security situation
From: Jude DaShiell <jdashiel@panix.com>
Date: Sat, 7 Dec 2019 13:09:41 -0500
Message-id: <[🔎] alpine.NEB.2.21.1912071301430.2914@panix1.panix.com>
In-reply-to: <[🔎] 1912241.g2m5C1V9qh@protheus2>
References: <[🔎] alpine.NEB.2.21.1912071158190.26808@panix1.panix.com> <[🔎] 1912241.g2m5C1V9qh@protheus2>

On Sat, 7 Dec 2019, Hans wrote:

> Date: Sat, 7 Dec 2019 12:49:17
> From: Hans <hans.ullrich@loop.de>
> To: debian-user@lists.debian.org
> Subject: Re: dropbox security situation
>
> Am Samstag, 7. Dezember 2019, 18:06:37 CET schrieb Jude DaShiell:
> Hi Jude,
>
> I know, there were several security issues with dropbox in the past, that
> frightened me. So dropbox would not be my first choice, although it is most
> used by people. (Windows is also most used by people, think of your own).
>
> My search lead me to nextcloud or SpiderOakOne. SpiderOakOne is my personal
> favourite, because it is cheap and had no serious security issues (as far as I
> know). And it is opensource.
>
> However, there are a lot of cloud solutions offered, many are closed source,
> some are open source. Dropbox is just the best known.
>
> Putting files into a cloud is IMHO always a risk, you know, they are in the
> internet, but you do not know WHERE.
>
> To your question: I do not believe, that this was a direct attack, I more
> beilieve, this was just an attack by some automatically and unmanned bots.
>
> Trusting third parties like dropbox and all the others is always a risk and
> secret data should always be under ones own control. Always!
>
> So, this were just my thoughts of your message.
>
> Best regards
>
> Hans
> > Recently I created a dropbox account with my gmail account.  Very shortly
> > after creation I was refused access since dropbox claimed someone tried
> > to change the password on my account and they weren't sure it was me so
> > got prompted to change my password.
> > What I don't know is if high probability exists this happened or if
> > dropbox does this with everyone that first creates an account using google
> > credentials to get new passwords on those accounts.  It would be good to
> > know one way or the other since the former scenario is more serious than
> > the latter.  I deleted dropbox and anything linked to it from all of my
> > devices and am thinking to use a different email address with a strong
> > password for a future dropbox account and expect will be changing my
> > google password shortly as well.  The password on google I used was strong
> > but google accounts whether two-step or not are routinely hacked.
> >
Thanks Hans, The only reason I had for using dropbox is orgsley on
android will link to it with other possibility being webdav and since
I've never done anything with webdav yet one of my concerns about using
that solution is I'd like to confine webdav to local network and it's
possible if this got done even if it was possible might break webdev.
There is a local directory option in orgsley but I haven't been able to
figure out how to get the phone and computer linked even with wi-fi so my
computer directories show up on my phone when a browse gets done.
I'm thinking it best to backup directly to a nas once internet access is
off and take the nas off the system once backup gets done then have
internet off while doing any kind of restore.  I have external drives
available for this locally.

> > > > > > -- > >

--

Reply to:

Follow-Ups:
- Re: dropbox security situation
  - From: Hans <hans.ullrich@loop.de>

References:
- dropbox security situation
  - From: Jude DaShiell <jdashiel@panix.com>
- Re: dropbox security situation
  - From: Hans <hans.ullrich@loop.de>

Prev by Date: Re: dropbox security situation
Next by Date: Re: sed question
Previous by thread: Re: dropbox security situation
Next by thread: Re: dropbox security situation
Index(es):
- Date
- Thread