Dropbox has published a set of guidelines for how companies can "encourage, support, and celebrate independent open security research" -- and they're actually pretty great, a set of reasonable commitments to take bug reports seriously and interact respectfully with researchers.
Read the rest
Condi, not satisfied with just reading your documents, buys secret chat company; NSA backdoor to follow. Read the rest
Ars Technica's Jon Brodkin reviews the new BitTorrent BitTorrent Sync, a peer-to-peer-based Dropbox replacement that's now in public alpha testing. BTSync uses the BitTorrent protocol to keep the files on several computers synchronized, and the actual file-transfers are robustly encrypted so that no one -- not BitTorrent Inc, not your ISP, and not a hacker -- can sniff them as they traverse the Internet and invade your privacy. There's no central server for the police to seize or for hackers or backhoes to knock offline, either. Brodkin's review is comprehensive and makes this sound like a hell of a product.
"Since Sync is based on P2P and doesn’t require a pit-stop in the cloud, you can transfer files at the maximum speed supported by your network," BitTorrent said. "BitTorrent Sync is specifically designed to handle large files, so you can sync original, high quality, uncompressed files."
In the pre-alpha testing that began in January, 20,000 users synced more than 200TB of data. BitTorrent Sync clients can be downloaded now for Windows, Macs, Linux desktops, and Linux-based network-attached storage devices. Mobile support will come later.
Setting the client up is easy. No account is required, but a randomly generated (or user-chosen) 21-byte key is needed to sync folders across computers. After installing the application and choosing a folder to sync you'll be given a string of random letters and numbers that should be typed into a second computer to sync the folder...
BitTorrent Sync creates private, peer-to-peer Dropbox, no cloud required Read the rest
A couple weeks ago, a few hundred Dropbox users noticed they were receiving loads of spam about online casinos and gambling websites, at email addresses those users had set up only for Dropbox-related actions. The online file storage service now admits that hackers snagged usernames and passwords from third party sites, and used this data to break into those Dropbox users' accounts. Dara Kerr, reporting for CNET:
"Our investigation found that usernames and passwords recently stolen from other websites were used to sign in to a small number of Dropbox accounts. We've contacted these users and have helped them protect their accounts," the company wrote in a blog post today. "A stolen password was also used to access an employee Dropbox account containing a project document with user email addresses. We believe this improper access is what led to the spam."
Over at Ars Technica, Jon Brodkin has more. Evidently, the illicit access happened because a Dropbox employee’s account was hacked. Read the rest
Dropbox just made it so that
I you can get up to 16GB of storage by referring new users to the awesome, life-changing free-of-charge cloud service. Noobs also get the same bonus for being referred, too. Let's get this pyramid scheme rolling, people. Update: I'm maxed out. Scroll down to the comments and give your fellow readers some. Read the rest