Dropbox, one of the most prevalent cloud storage systems out there, is disabling shared links in order to fix a bug that has apparently been affecting its service. The company said that it had no information about the exploit being used to steal personal information. The fact that it exists, and it uses public links to access information, caused the company to act however.
According to a blog post on the exploit from Dropbox, said that access to shared public hyperlinks to items on its service have been disabled entirely. Over the next couple of days the company says it will be restoring access to those items that are not susceptible to the vulnerabilities found in the Dropbox system, and users are able to recreate any links that are now broken in order to reinstate access without fear of intrusion.
Gates Capital's ECF Value II fund was up 9.4% for the first quarter, compared to the HFRI Event-Driven Index's 8.2% gain, the Russell 2000's Value Total Return Index's 21.2% gain, and the S&P 500's 6.2% return. Q1 2021 hedge fund letters, conferences and more Gates Capital Management is an event-driven value . . . SORRY! Read More
Dropbox disables service to plug holes
The blog post that dealt with the exploit said that those links vulnerable to abuse were those that had a hyperlink to a third party website that is clicked on by a user. That could potentially allow documents to be accessed by someone other than the intended recipient. Many users who regularly use Dropbox to share and edit documents use shared hyperlinks to work with the service making the closing of those old links a major problem for the company’s users in the short-term.
In the statement Dropbox said “We realize that many of your workflows depend on shared links, and we apologize for the inconvenience. We’ll continue working hard to make sure your stuff is safe and keep you updated on any new developments.” The company is aware of the way that people use its service, and they’re actively working on getting any links that were taken down back up and working.
Business customers have an additional way to get around the problems being faced by the service’s users. According to the blog post, “if you’re a Dropbox for Business customer, you have the option to restrict shared link access to people in your Dropbox for Business team. Links created with those access controls were not affected.”
Dropbox security flaw opens doors
The Dropbox security flaw may be an opportunity for its competitors. The exploit was actually discovered and initially posted about by Intralinks, a company that directly competes with Dropbox. The cloud storage industry, which is being crowded by a few small players and a few big ones right now, is far from mature, and there is a huge amount of changes that may come to force themselves on the sector before its business is anything like stable.
The security flaw that Dropbox admitted today is not a major one, and it’s not likely to play against the public image of the company in any major way. The company is the big name in cloud services, barring perhaps the Apple Inc. (NASDAQ:AAPL) iCloud service that so many know through their smartphone. Unless the bug revealed by the company today takes a major turn and lasts much longer than expected, its reputation should manage to stay intact through this issue.