Dropbox authentication gaffe exposes users’ files

dropbox-logo-large

Online storage service Dropbox—popular for its seamless mobile and desktop client software—accidentally disabled password authentication on its service for four hours yesterday. Although Dropbox says less than one percent of its 25 million accounts were accessed during that time, the gaffe does mean that all users’ content—potentially including email, documents, photos, videos, passwords, and more—were exposed to the whole Internet until Dropbox corrected the issue.

According to Dropbox CEO Arash Ferdowsi, Dropbox began rolling out a code change just before 2PM PDT on June 20 that exposed an issue in Dropbox’s authentication system that would enable logins without a correct password. Dropbox found the problem four hours later and severed all active connections to the service, re-instating normal authentication.

“We’re conducting a thorough investigation of related activity to understand whether any accounts were improperly accessed,” Ferdowsi wrote. “If we identify any specific instances of unusual activity, we’ll immediately notify the account owner.” The company says that all accounts logged in during the period should now have received an email message with additional security information.

The gaffe follows controversial changes to Dropbox’s privacy policy and re-statement of its content encryption process, which have sparked a complaint to the Federal Trade Commission. Dropbox has characterized the complaint as meritless.

Dropbox’s authentication failure highlights some of the risks of cloud-based storage: while users appreciate the convenience and elegance of Dropbox storage and being able to access it cleanly from a number of devices and services, the bottom line is that users are trusting their data to third parties, and operational glitches seem all too common the burgeoning cloud world.

Emerging Tech

Awesome Tech You Can’t Buy Yet: A.I.-powered cat toys, wallets, food containers

Check out our roundup of the best new crowdfunding projects and product announcements that hit the web this week. You may not be able to buy this stuff yet, but it sure is fun to gawk!
Home Theater

What is Hulu with Live TV? Here’s everything you need to know

Hulu with Live TV is a different take on a live TV streaming service, directly integrating live TV into the Hulu app you already know and perhaps love. We've put together a guide with everything you need to know about the service.
Home Theater

Google offers a week of free credit after YouTube TV outage, but not for long

Earlier this month, YouTube TV went down for users all around the world, and to make up for it, Google is offering affected users a week of free service. But if you want to grab the credit, you need to act quickly.
Home Theater

Don't need sports or local channels? Philo can save you some dough

Philo is a super-affordable live TV streaming service, with an impressive channel list and feature set. With more hardware support and greatly improved TV Everywhere features, the service is now even easier to recommend.
Home Theater

Cutting the cord? Let us help you find the best service for live TV streaming

There's a long list of live TV streaming services available to help you cut the cord and replace your traditional TV subscription. Each is different in important ways, and this guide will help you find the best one for you.
Computing

What's the best laptop? We've reviewed a lot of them, and this is our answer

The best laptop should be one that checks all the boxes: Great battery life, beautiful design, and top-notch performance. The laptops we've chosen for our best laptops you can buy do all that — and throw in some extra features while…
Gaming

The 'Fallout 76' beta starts tomorrow! Here's when it starts and how to join

Want to get into Bethesda's Fallout 76 beta? We don't know when the program will launch, but we provide instructions on how to get ready. The game officially launches on November 14.
Emerging Tech

Looking for a good read? Here are the best, most eye-opening books about tech

Sometimes it's sensible to put down the gadgets and pick up a good old-fashioned book -- to read about the latest gadgets, of course. Here are the tech books you need to check out.
Computing

Samsung’s HMD Odyssey Plus gives you a clearer view into the virtual world

Samsung's refreshed HMD Odyssey+ promises to make Windows Mixed Reality experiences better by eliminating pixelated views caused by screen doors. The $500 headset also focuses on comfort this year with ergonomic improvements.
Computing

Intel denies rumors that 10nm Cannon Lake CPUs have been canned

Intel's long-in-development and oft-delayed, Cannon Lake 10nm CPU design has reportedly been canceled. Intel is denying the rumor, but if true, it could push back the release of new Intel chips by a long time.
Computing

Not to be outdone, Samsung says it’s making a laptop with a foldable display

Samsung announced that it is also working on a dual-screen computer. But rather than using two separate display panels, Samsung said that its novel laptop will come with a large flexible display that can fold when closed.
Photography

Free your digital memories, and frame them, with the best photo printers

Printed photos are experiencing a revival at the moment, but you don’t need to go to a special lab. Here’s our favorite options for making quality prints, from pocket-sized printers to wide-format photo printers capable of spitting out…
Computing

A new bug in the Windows 10 October 2018 Update could delete your files

The Windows 10 October 2018 Update has been on a rough path and in the latest set of issues, a new bug is impacting native zip file operations, potentially leading to overwritten files in some instances. 
Computing

Antivirus software has evolved a lot recently, and we need it more than ever

Everyone says you need it, but really is antivirus software, and how does it work? It depends on who you ask as different digital security companies employ different techniques to combat the latest malware threats.