Dropbox authentication gaffe exposes users’ files

dropbox-logo-large

Online storage service Dropbox—popular for its seamless mobile and desktop client software—accidentally disabled password authentication on its service for four hours yesterday. Although Dropbox says less than one percent of its 25 million accounts were accessed during that time, the gaffe does mean that all users’ content—potentially including email, documents, photos, videos, passwords, and more—were exposed to the whole Internet until Dropbox corrected the issue.

According to Dropbox CEO Arash Ferdowsi, Dropbox began rolling out a code change just before 2PM PDT on June 20 that exposed an issue in Dropbox’s authentication system that would enable logins without a correct password. Dropbox found the problem four hours later and severed all active connections to the service, re-instating normal authentication.

“We’re conducting a thorough investigation of related activity to understand whether any accounts were improperly accessed,” Ferdowsi wrote. “If we identify any specific instances of unusual activity, we’ll immediately notify the account owner.” The company says that all accounts logged in during the period should now have received an email message with additional security information.

The gaffe follows controversial changes to Dropbox’s privacy policy and re-statement of its content encryption process, which have sparked a complaint to the Federal Trade Commission. Dropbox has characterized the complaint as meritless.

Dropbox’s authentication failure highlights some of the risks of cloud-based storage: while users appreciate the convenience and elegance of Dropbox storage and being able to access it cleanly from a number of devices and services, the bottom line is that users are trusting their data to third parties, and operational glitches seem all too common the burgeoning cloud world.

Smart Home

With a simple command, Alexa can arm all your security devices

Alexa customers can query status plus arm or disarm home security systems several companies. New Alexa Guard skills set your home to away mode, send alerts when alarms or sensors go off, and contact home security monitoring services.
Movies & TV

Pedro Pascal officially cast as 'The Mandalorian' as Disney show fills out cast

The Mandalorian, Jon Favreau's live-action Star Wars series planned for Disney's streaming video service, will be one of the most expensive television shows ever made. Here's everything we know about it so far.
Music

Jam out in style with the 25 best playlists on Spotify

Music is the world's most potent drug, and the best playlists on Spotify will make you catch feelings. We've scoured the service for its top collections, and brought them together in one place -- for you.
Deals

Sign up for Verizon Fios Triple Play and get a free Amazon Echo, Prime for a year

Verizon is now offering its Fios Gigabit Connection Custom TV and Phone service with Amazon Prime tossed in. While valid, you can sign up for the company’s Triple Play package, which includes all three Fios services, for $80 per month.
Computing

Style up your MacBook Air with one of these great cases or sleeves

Whether you’re looking for added protection or a stylish flourish, you’re in the right place for the best MacBook Air cases. We have form-hugging cases, luxurious covers and padded sleeves priced from $7 to $130. Happy shopping!
Computing

Want to make one hard drive act like two? Here's how to partition in Windows

If you don't want all of your files stored in one place but only have one drive to work with, partitioning is your best way forward. Here's how to partition a hard drive in Windows 10, step by step.
Mobile

Leave the laptop at home, the iPad Pro is the travel buddy to take on vacay

The iPad Pro is a powerful tablet that's perfect for creatives and professionals. How does it fare when traveling with it as a laptop replacement? We took it on a two week trek in Japan to find out.
Computing

Does Qualcomm's latest laptop processor hold up against Intel's Core i5?

Qualcomm has been nipping at Intel's mobile CPU heels for years and now it might finally have overtaken it. To find out whether it's new SoC can hold its own in mid-range computing, we pitted the Snapdragon 8cx vs. Core i5.
Photography

Not just for Lightroom anymore, Loupedeck+ now works with Photoshop

Loupedeck+ can now help photographers edit in Photoshop too, thanks to physical controls for swapping tools, running actions, and more. The photo-editing console expanded to include Photoshop in the list of compatible editing programs.
Computing

Turn your Raspberry Pi into a Steam streaming hub with Valve’s Steam Link app

Valve's Steam Link app is now fully supported by Raspberry PI hardware, meaning that just about anyone with a few dollars to spare can build their own Steam streaming box in a matter of minutes.
Computing

Amazon takes $300 off Intel Core i7 Surface Pro 6 in latest sale

If you're looking for savings on the Surface Pro 6, Amazon is the place to shop. It currently is discounting the Intel Core i7 variant of Microsoft's latest 2-in-1 by $300, though no Type Cover is included.
Music

Here's our head-to-head comparison of Pandora and Spotify

Which music streaming platform is best for you? We pit Spotify versus Pandora, two mighty streaming services with on-demand music and massive catalogs, comparing every facet of the two services to help you decide which is best.
Computing

Our favorite Chrome themes add some much-needed pizzazz to your boring browser

Sometimes you just want Chrome to show a little personality and ditch the grayscale for something a little more lively. Lucky for you, we've sorted through the Chrome Web Store to find best Chrome themes available.
Computing

Don't keep typing the same thing -- learn to copy and paste with these shortcuts!

Looking for useful Windows keyboard shortcuts? The most common are the cut, copy, paste and undo shortcuts compatible with all kinds of tasks. They can save you an awful lot of time if you learn how to use them.