Re: [OT] something about dropbox
Not to be the downer in this conversation, but from a security
standpoint, there was a finding that dropbox's configuration file was
stored insecurely on all OSes [1] [3]. This appears to have been fixed
in late 2011.
However, the other issue is that dropbox uses the same
dropbox-controlled key to encrypt all users files. [2] [3] This allows
dropbox (or their employees) to decrypt any files. You can consider
the ramifications of this.
[1] http://dereknewton.com/2011/04/dropbox-authentication-static-host-ids/
[2] http://eggfreckles.net/notes/from-dropbox-to-spideroak/
[3] http://www.jupiterbroadcasting.com/7211/dropbox-flaws-techsnap-1/
--b
On Tue, Jun 26, 2012 at 3:48 PM, rjc <rjc@linuxstuff.pl> wrote:
>
> On Tue, Jun 26, 2012 at 08:02:00PM BST, Denis Witt wrote:
> > That's not correct. You can install and use it without having X
> > installed. I did it so on one of the servers in the office. There is a
> > CLI script written in python which is officially supported:
>
> Yes, you are right.
>
> I had Dropbox <-> Nautilus in my head. I do remember seeing dropbox.py
> script somewhere, for some reason I assumed that it's a CLI control
> for already (X bound) running Dropbox.
>
> Thank you for correcting me.
>
> Having a quick look it still is not does not off a real daemon mode -
> you need to use terminal multiplexer (i.e. tmux, dtach, screen, etc.)
>
> Ta,
> --
> rjc
>
>
> --
> To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> Archive: [🔎] 20120626194836.GA13564@linuxstuff.pl">http://lists.debian.org/[🔎] 20120626194836.GA13564@linuxstuff.pl
>
Reply to: