Dropbox Fixes Shared Links Security Flaw

dropboxBy Dropbox (https://www.dropbox.com/branding) [Public domain], via Wikimedia Commons

Dropbox, one of the most prevalent cloud storage systems out there, is disabling shared links in order to fix a bug that has apparently been affecting its service. The company said that it had no information about the exploit being used to steal personal information. The fact that it exists, and it uses public links to access information, caused the company to act however.

According to a blog post on the exploit from Dropbox, said that access to shared public hyperlinks to items on its service have been disabled entirely. Over the next couple of days the company says it will be restoring access to those items that are not susceptible to the vulnerabilities found in the Dropbox system, and users are able to recreate any links that are now broken in order to reinstate access without fear of intrusion.

Dropbox disables service to plug holes

The blog post that dealt with the exploit said that those links vulnerable to abuse were those that had a hyperlink to a third party website that is clicked on by a user. That could potentially allow documents to be accessed by someone other than the intended recipient. Many users who regularly use Dropbox to share and edit documents use shared hyperlinks to work with the service making the closing of those old links a major problem for the company’s users in the short-term.

In the statement Dropbox said “We realize that many of your workflows depend on shared links, and we apologize for the inconvenience. We’ll continue working hard to make sure your stuff is safe and keep you updated on any new developments.” The company is aware of the way that people use its service, and they’re actively working on getting any links that were taken down back up and working.

Business customers have an additional way to get around the problems being faced by the service’s users. According to the blog post, “if you’re a Dropbox for Business customer, you have the option to restrict shared link access to people in your Dropbox for Business team. Links created with those access controls were not affected.”

Dropbox security flaw opens doors

The Dropbox security flaw may be an opportunity for its competitors. The exploit was actually discovered and initially posted about by Intralinks, a company that directly competes with Dropbox. The cloud storage industry, which is being crowded by a few small players and a few big ones right now, is far from mature, and there is a huge amount of changes that may come to force themselves on the sector before its business is anything like stable.

The security flaw that Dropbox admitted today is not a major one, and it’s not likely to play against the public image of the company in any major way. The company is the big name in cloud services, barring perhaps the Apple Inc. (NASDAQ:AAPL) iCloud service that so many know through their smartphone. Unless the bug revealed by the company today takes a major turn and lasts much longer than expected, its reputation should manage to stay intact through this issue.

For exclusive info on hedge funds and the latest news from value investing world at only a few dollars a month check out ValueWalk Premium right here.

Multiple people interested? Check out our new corporate plan right here (We are currently offering a major discount)



About the Author

Paul Shea
If you need to contact Paul his email is paulshea9@gmail.com

1 Comment on "Dropbox Fixes Shared Links Security Flaw"

  1. Dropbox hasn’t fixed this problem, they’ve made an obscure problem into a far first one for any of their users that rely on distributing stable links to files. All those links are now broken, and recreating the links (which gives a new URL) doesn’t fix the problem of all the emails or other documents that we’ve got out there with links that are now 404. Good move Dropbox break one of the core features of your service just as many of us are thinking of moving because of their appointment of Condoleza Rice (prominent supporter of warrantless wiretaps) to their board. Only think keeping us their was the quality of their service, that’s now been blown.

Leave a comment

Your email address will not be published.