Okay, so I happen to have a shared DropBox configuration with a variety of
collaborators.  A few folders are overlapping, but most are not.

Some 15% of my total DropBox storage is shared.

>> That's not the risk I am concerned about. I'm concerned about the
>> risk where you're sharing a Dropbox account with folks whose machines
>> are not under your control, which, from my understanding, is one of
>> the major use cases for this service

Your premise needs validation.  *Most* of the people I know who are using
DropBox are not sharing the folders with anyone else.

Of the people I know using DropBox who *are* sharing folders with others,
80% are only sharing them with me.  So, of the 30-odd people I know using
Dropbox, removing me from the equation results in almost no folder sharing.

But, for argument's sake, let's suppose that my anecdotal stats are
completely off-base.  DropBox allows you to share at the subfolder level,
not the root, so a person would have to go to a lot of work to share their
entire DropBox archive.


>> Putting aside any concerns about the security of the Dropbox
>> infrastructure (which is a considerable question of its own), the security
>> model for this is completely borked.

Just because you say so?  Try presenting something substantive.

Back to me and my 15% shared storage.  If the full system of one of the
people who I share a set of folders with becomes compromised, some 3rd party
could set up a separate machine that would allow them to install DropBox and
get access to 100% of the victim's files, plus 15% of my files (actually,
some % less than 15, since that number is my total shared percentage across
different teams).  So, my exposure is very limited.



>> My initial premise that your Dropbox is exposed if your config.db
>> is stolen - not the same thing.

The degree of exposure is limited to the degree of data sharing with the
victimized individual -- IOW, no additional data is exposed above and beyond
that which is already exposed by access to the original machine.

If my DropBox looks like:

DropBox
------ Cool Stuff
------ Secret Stuff
------ Other Stuff
------ Shared Stuff #1
------ Shared Stuff #2

...and I am sharing the "Shared Stuff #1" folder with the victim whose
machine has been co-opted by BadDude, then the only risk I have is to "Shared
Stuff #1", which is the same read risk as before, but a new delete risk for
me.  However, it should be noted that there is no increase in risk over
controlling the machine and simply deleting the shared files in the first
place.



ASB (Professional Bio <http://about.me/Andrew.S.Baker/bio>)
Harnessing the Advantages of Technology for the SMB market...



On Wed, Apr 13, 2011 at 5:35 PM, Kurt Buff <kurt.b...@gmail.com> wrote:

> On Wed, Apr 13, 2011 at 11:17, Andrew S. Baker <asbz...@gmail.com> wrote:
> >>> The takeaway here: Don't use any remote applications in the cloud for
> >>> anything you wouldn't want to see posted on the front page of the NY Times.
> > FTFY
>
> I'll accept that fix.
>
> > This is much ado about nothing.
>
> I don't believe as you do.
>
> > If your box is compromised, and you're
> > sharing things remotely, then you have more risks than if you weren't.
>
> That's not the risk I am concerned about. I'm concerned about the risk
> where you're sharing a Dropbox account with folks whose machines are
> not under your control, which, from my understanding, is one of the
> major use cases for this service. Putting aside any concerns about the
> security of the Dropbox infrastructure (which is a considerable
> question of its own), the security model for this is completely
> borked.
>
> > Feel free to suggest an authentication mechanism that would withstand the
> > initial premise of "your machine is exposed such that your config.db is
> > stolen".
>
> My initial premise that your Dropbox is exposed if your config.db is
> stolen - not the same thing.
>
> > Several of the comments, particularly those by alec muffett, provide
> > valuable information about the risk.
> > I'd welcome the ability to see where else systems are logged on to Dropbox,
> > but that's about the extent of my concern at this time.
>
> And, given that some influential staff in my org are using Dropbox,
> and started doing so without notifying IT, I'm concerned about that
> too, and that I don't have a good way to turn their access to it off.
>
> Kurt
>
>

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin