Dropbox authentication gaffe exposes users’ files

dropbox-logo-large

Online storage service Dropbox—popular for its seamless mobile and desktop client software—accidentally disabled password authentication on its service for four hours yesterday. Although Dropbox says less than one percent of its 25 million accounts were accessed during that time, the gaffe does mean that all users’ content—potentially including email, documents, photos, videos, passwords, and more—were exposed to the whole Internet until Dropbox corrected the issue.

According to Dropbox CEO Arash Ferdowsi, Dropbox began rolling out a code change just before 2PM PDT on June 20 that exposed an issue in Dropbox’s authentication system that would enable logins without a correct password. Dropbox found the problem four hours later and severed all active connections to the service, re-instating normal authentication.

“We’re conducting a thorough investigation of related activity to understand whether any accounts were improperly accessed,” Ferdowsi wrote. “If we identify any specific instances of unusual activity, we’ll immediately notify the account owner.” The company says that all accounts logged in during the period should now have received an email message with additional security information.

The gaffe follows controversial changes to Dropbox’s privacy policy and re-statement of its content encryption process, which have sparked a complaint to the Federal Trade Commission. Dropbox has characterized the complaint as meritless.

Dropbox’s authentication failure highlights some of the risks of cloud-based storage: while users appreciate the convenience and elegance of Dropbox storage and being able to access it cleanly from a number of devices and services, the bottom line is that users are trusting their data to third parties, and operational glitches seem all too common the burgeoning cloud world.

Photography

Color grading pushes Pinnacle Studio 22 toward more pro video editing features

Designed for videographers that aren't pros but aren't basic users either, Pinnacle Studio 22 expands its advanced tools with color grading and four-point editing. The updates bring more advanced tools to the platform.
Mobile

How to find a lost phone, whether it's Android, iPhone, or any other kind

Need to know how to find a lost phone? Here, we’ll help you locate your lost or stolen phone using both native and third-party apps and services, whether it’s a smartphone or an older variety.
Home Theater

Cutting the cord? Let us help you find the best service for live TV streaming

There's a long list of live TV streaming services available to help you cut the cord and replace your traditional TV subscription. Each is different in important ways, and this guide will help you find the best one for you.
Photography

8 easy ways for you to transfer photos from an Android phone to a PC

If you haven't already, you should back up your photos to a computer. Here's how to transfer photos from an Android phone to a PC using third-party services and a wealth of storage devices.
Movies & TV

Got questions about Hulu and Hulu with Live TV? We've got answers

Not sure which Hulu subscription is right for you? We're here to help. This is your complete guide to Hulu and Hulu with Live TV, including content offerings for each service, pricing, internet requirements, and more.
Emerging Tech

Buying on a budget? Here’s all the best tech you can snag for $25 or less

We live in a world where you can get a cheeseburger for $1, a functioning computer for $5, and thousands of HD movies for $10 -- so it stands to reason that you should be able to pick up some pretty sweet gear for $25.
Computing

Is your PC safe? Foreshadow is the security flaw Intel should have predicted

Three new processor vulnerabilities have appeared under the 'Foreshadow' banner. They're similar in nature to Meltdown and Spectre, only they steal data from different memory spaces. Here's everything you need to know.
Computing

Australian student hacks into Apple, steals 90GB of data because he’s a ‘fan’

A 16-year-old student in Australia broke into Apple’s network multiple times for an entire year to download 90GB of “secure” data and access customer accounts. He did this because he was a "fan."
Web

Google claims censored search in China is ‘not close’ as employees protest

Google CEO, Sundar Pinchai, has promised employees that the company is "not close" to releasing a censored search product in China, despite claims that it was working on such a project.
Web

Adobe Spark Page makes web design easy — here’s how to use it

Using artificial intelligence and simple tools, Adobe Spark Page is designed for easy web page design. Here's how to use Adobe Spark Page to create a travel journal, event page or any other one-page website.
Deals

Best Buy drops the price of MacBooks for its anniversary sale

It's not every day you see a MacBook sale like this, so you'll definitely want to consider these savings -- especially if you're a student. Students can save an additional $150 just by signing up for Best Buy student deals.
Deals

Walmart Back to College sale: Save big on computers, TVs, tablets, and more

Walmart's Back to College sale is your chance to score big discounts on name-brand electronics, so whether you're getting ahead of the new school year or just doing some shopping, we've picked out the best deals that can save you hundreds…
Computing

Qualcomm’s Snapdragon 850 chip appears in benchmarks with improved performance

A benchmark for Qualcomm’s new Snapdragon 850 processor show a less-than-stellar increase in multi-core performance over the previous 835 chip. Introduced in June, the Snapdragon 850 promises up to 30 percent better performance.
Computing

These 30 apps are absolutely essential for Mac lovers

There are literally hundreds of thousands of great software programs compatible with MacOS, but which should you download? Look no further than our list of the best Mac apps you can find for the latest MacOS and how they can help out your…