Re: dropbox security situation

To: debian-user@lists.debian.org
Subject: Re: dropbox security situation
From: Hans <hans.ullrich@loop.de>
Date: Sat, 07 Dec 2019 18:49:17 +0100
Message-id: <[🔎] 1912241.g2m5C1V9qh@protheus2>
In-reply-to: <[🔎] alpine.NEB.2.21.1912071158190.26808@panix1.panix.com>
References: <[🔎] alpine.NEB.2.21.1912071158190.26808@panix1.panix.com>

Am Samstag, 7. Dezember 2019, 18:06:37 CET schrieb Jude DaShiell:
Hi Jude,

I know, there were several security issues with dropbox in the past, that 
frightened me. So dropbox would not be my first choice, although it is most 
used by people. (Windows is also most used by people, think of your own).

My search lead me to nextcloud or SpiderOakOne. SpiderOakOne is my personal 
favourite, because it is cheap and had no serious security issues (as far as I 
know). And it is opensource.

However, there are a lot of cloud solutions offered, many are closed source, 
some are open source. Dropbox is just the best known.

Putting files into a cloud is IMHO always a risk, you know, they are in the 
internet, but you do not know WHERE. 

To your question: I do not believe, that this was a direct attack, I more 
beilieve, this was just an attack by some automatically and unmanned bots. 

Trusting third parties like dropbox and all the others is always a risk and 
secret data should always be under ones own control. Always!

So, this were just my thoughts of your message.

Best regards

Hans
> Recently I created a dropbox account with my gmail account.  Very shortly
> after creation I was refused access since dropbox claimed someone tried
> to change the password on my account and they weren't sure it was me so
> got prompted to change my password.
> What I don't know is if high probability exists this happened or if
> dropbox does this with everyone that first creates an account using google
> credentials to get new passwords on those accounts.  It would be good to
> know one way or the other since the former scenario is more serious than
> the latter.  I deleted dropbox and anything linked to it from all of my
> devices and am thinking to use a different email address with a strong
> password for a future dropbox account and expect will be changing my
> google password shortly as well.  The password on google I used was strong
> but google accounts whether two-step or not are routinely hacked.
> 
> 
> 
> --

Attachment: signature.asc
Description: This is a digitally signed message part.

Reply to:

Follow-Ups:
- Re: dropbox security situation
  - From: Jude DaShiell <jdashiel@panix.com>

References:
- dropbox security situation
  - From: Jude DaShiell <jdashiel@panix.com>

Prev by Date: AppArmor profiles for firefox on Buster
Next by Date: Re: dropbox security situation
Previous by thread: dropbox security situation
Next by thread: Re: dropbox security situation
Index(es):
- Date
- Thread