Dropbox authentication gaffe exposes users’ files

dropbox-logo-large

Online storage service Dropbox—popular for its seamless mobile and desktop client software—accidentally disabled password authentication on its service for four hours yesterday. Although Dropbox says less than one percent of its 25 million accounts were accessed during that time, the gaffe does mean that all users’ content—potentially including email, documents, photos, videos, passwords, and more—were exposed to the whole Internet until Dropbox corrected the issue.

According to Dropbox CEO Arash Ferdowsi, Dropbox began rolling out a code change just before 2PM PDT on June 20 that exposed an issue in Dropbox’s authentication system that would enable logins without a correct password. Dropbox found the problem four hours later and severed all active connections to the service, re-instating normal authentication.

“We’re conducting a thorough investigation of related activity to understand whether any accounts were improperly accessed,” Ferdowsi wrote. “If we identify any specific instances of unusual activity, we’ll immediately notify the account owner.” The company says that all accounts logged in during the period should now have received an email message with additional security information.

The gaffe follows controversial changes to Dropbox’s privacy policy and re-statement of its content encryption process, which have sparked a complaint to the Federal Trade Commission. Dropbox has characterized the complaint as meritless.

Dropbox’s authentication failure highlights some of the risks of cloud-based storage: while users appreciate the convenience and elegance of Dropbox storage and being able to access it cleanly from a number of devices and services, the bottom line is that users are trusting their data to third parties, and operational glitches seem all too common the burgeoning cloud world.

Gaming

Project Stream testers get to keep a free copy of ‘Assassin’s Creed Odyssey’

Those who participated in Google's technical test of Project Stream won't be able to access the service to play Assassin's Creed Odyssey after January 15, but they'll get to keep the game on PC anyway.
Home Theater

Netflix vs. Hulu vs. Amazon Prime: Battle of the streaming giants

Trying to figure out which subscription streaming service to use while sticking to a frugal entertainment budget? Check out our updated comparison of the big three: Netflix, Amazon Instant Video, and Hulu.
Music

Here's our head-to-head comparison of Pandora and Spotify

Which music streaming platform is best for you? We pit Spotify versus Pandora, two mighty streaming services with on-demand music and massive catalogs, comparing every facet of the two services to help you decide which is best.
Music

Spotify is the best streaming service, but its competitors aren’t far behind

It can be hard to decide which music streaming service is for you, so we've picked out the individual strengths of the most popular services, aiming to make your decision a little easier.
Gaming

With our Steam guide, you can give the gift of gaming this holiday season

The holidays may have passed, but it's always a good time to give the gift of gaming (especially when there's a Steam sale)! Here's our quick guide on how to give a Steam game as a gift.
Photography

Forget painting-style transfers, this A.I. creates realistic portraits of fake people

Do these images look computer-generated? Nvidia researchers recently published a paper on a new variation on style transfer artificial intelligence that's able to generate entirely new portraits.
Computing

Leaked HP laptop listing reveals entry-level Nvidia MX250 GPU

Alongside powerful graphics cards, Nvidia may have more mobile GPUs to show off at next year's CES show in January. The MX250 has been spotted in a listing for an HP laptop, potentially replacing the entry-level MX150.
Computing

ZSpace’s laptop brings education to life with its own 3D technology

The ZSpace laptop wants to overhaul education and training by offering affordable access to 3D mixed reality through a bespoke screen and glasses technology that is already supported by a wide array of applications.
Computing

Former Microsoft intern claims Google may have sabotaged Edge browser

Google's Chrome web browser has been able to establish such dominance that Microsoft is abandoning its web rendering engine, switching Edge over to Chromium, but did Google play dirty in an attempt to force Microsoft to make the decision?
Computing

ViewSonic’s 1080p gaming monitor lets you experience the action in style

ViewSonic is catering to gamers with its latest monitor, the XG240R. Featuring a 1080p 144Hz panel, RGB lighting, and a fast 1ms response time, you can conquer your opponents and do it in style.
Computing

Here’s why you might still be using Wi-Fi after cellular 5G launches

Cellular 5G might be around the corner and promising to deliver lightning fast speeds, but the folks over at the Wi-Fi Alliance have a few reasons why they think you shouldn't dump Wi-Fi just yet.
Computing

Pinning websites to your taskbar is as easy as following these quick steps

Would you like to know how to pin a website to the taskbar in Windows 10 in order to use browser links like apps? Whichever browser you're using, it's easier than you might think. Here's how to get it done.
Computing

Detangle your desk with a mighty wireless mouse. Here are our six favorites

If you're looking for the best wireless mouse on the market, we've got the list for you!. These six models have something for everyone, whether you're a hardcore gamer or simply looking to ward off carpal tunnel.
Web

Canceling Amazon Prime is easy, and you might get a refund

Don't be intimidated. Learning how to cancel Amazon Prime is easier than you might think. You might even get a partial or full refund on the cost, depending on how much you've used it. Check out our quick-hit guide for doing so.