Baaad Dropbox

[DasMorbo]

Hi everyone, haven't been posting in a while - been busy elsewhere.

Did you hear the latest news about Dropbox?

They read the files that users place in the service.

This is a German news article about it.

http://www.hardwareluxx.de/index.php/news/software/browser-und-internet/27882-dropbox-greift-auf-gespeicherte-dokumente-zu.html

In the end the article posts a part of the end user agreement which tells us that the content of user files will be decrypted befor being send to law enforcement agencies.

Hello NSA.

I think it isn't too interesting if you use the Dropbox just for gaming, but this is to those people who use it otherwise.

Is it just me or do other people feel sick too, when looking at the scope of surveilance the average citizen is subjected to these days???

Best regards

Olf

[para]

Hi everyone, haven't been posting in a while - been busy elsewhere.

Did you hear the latest news about Dropbox?

They read the files that users place in the service.

This is a German news article about it.

http://www.hardwareluxx.de/index.php/news/software/browser-und-internet/27882-dropbox-greift-auf-gespeicherte-dokumente-zu.html

In the end the article posts a part of the end user agreement which tells us that the content of user files will be decrypted befor being send to law enforcement agencies.

Hello NSA.

I think it isn't too interesting if you use the Dropbox just for gaming, but this is to those people who use it otherwise.

Is it just me or do other people feel sick too, when looking at the scope of surveilance the average citizen is subjected to these days???

Best regards

Olf

I didn't know that so thanks for the info..and yes too much snooping for my liking

[c3k]

Anything "free" just means you don't understand the cost. Gmail, dropbox, etc.

[Oddball_E8]

So the lesson learned from this is...

Do not play against anyone from the US government since they migt be able to read your turns?

[Juju]

Anything "free" just means you don't understand the cost. Gmail, dropbox, etc.

I wish more people would understand that...

[Tarquelne]

DB, in opening files to generate previews and coughing up files to the Feds on demand, is just as bad as a personal computer. (With the - sometimes important - exception of having no chance to smash your HD before the lab gets it.)

Note DB will remove DB's encryption for the Law, to save the NSA the trouble. If you want to make the NSA earn their keep you'll need your own encryption.

Whenever you put files in the "cloud" you'll be told your privacy is important and the files are secure. Maybe the service is run by liars or incompetents, maybe not. Either way, you'll be told the same thing, any mainstream service will likely cave to the law, and any service you can't successfully sue if your data is leaked or lost is one you can't count on not to leak or lose the data.

Here's the followup post from the guy who originally discovered the file-opening behavior:

http://www.wncinfosec.com/opening-and-previewing-documents/

Like most convenience features it's a non-zero added security risk, in that it's another opportunity to create a vulnerability. If you're concerned you should either be encrypting your data or just not putting it on the public cloud at all. (The internet is hardly a bank vault. When you put files in the cloud they're copied multiple times in multiple locations and overseen by multiple people. None of this is particularly conductive to iron-clad security.)

So this is really something of a non-issue. Real news is when someone finds a security flaw in such a service, and the jackpot is catching one actually leaking/mining data... Which the Infosec guy was fishing for. Good for him. (Give him the WH beat!)

[A Canadian Cat]

I wish more people would understand that...

Hee, hee says the guy who give us free UI mods. What is your hidden cost @Juju?

[blondKnight]

cough cough http://owncloud.org/

[Wodin]

I use 4shared and Skydrive.

[Wodin]

They must have tens of thousands of workers then just reading every new upload..and the NSA would be swamped..hmmm..me thinks it isn't as bad as t seems. I expect flag words are used and certain countries would come in for checking.

Hi everyone, haven't been posting in a while - been busy elsewhere.

Did you hear the latest news about Dropbox?

They read the files that users place in the service.

This is a German news article about it.

http://www.hardwareluxx.de/index.php/news/software/browser-und-internet/27882-dropbox-greift-auf-gespeicherte-dokumente-zu.html

In the end the article posts a part of the end user agreement which tells us that the content of user files will be decrypted befor being send to law enforcement agencies.

Hello NSA.

I think it isn't too interesting if you use the Dropbox just for gaming, but this is to those people who use it otherwise.

Is it just me or do other people feel sick too, when looking at the scope of surveilance the average citizen is subjected to these days???

Best regards

Olf

[GJR144]

me thinks it isn't as bad as t seems.

Because you have nothing to hide, correct?

Do you have a door for the WC? Why, if even complete foreigners working for the NSA know with whom you conversate, where you move, when, what you buy, what you talk about on the phone.

Oh, and don't ask stupid questions, if your daughter doesn't get a certain job. You shouldn't have bought that book at Amazon, which rendered your family as not trustworthy...

And also don't be afraid of the 1% criminal state workers. Surely never anyone at the NSA will empty your bank account or sell the private data or use it for personal reasons, since only angels are working for the enemies of freedom...

You are correct, it isn't as bad as it seems. It's much worse.

[ZPB II]

We live in a broken world, but I think singling out Dropbox is a bit alarmist. Pretty much everything on the net gets intercepted, do you use Google or Facebook? Even better, have you bought a smartphone? In the future we will see people use more and more signal jamming equipment to maintain even a modicum of privacy. I know engineer type people who claim to have acquired relatively inexpensive gear capable of jamming common frequencies...I personally hope Google Glass will be banned by law, I know several workplaces that already stricly ban anything even remotely resembling it. It has already become standard practice to have people place their electronics in a container during business meetings, but recently you start to notice that normal people demand smart devices be put the **** away when things of sensitive nature enter the discussion. Normal microphones aren't that bad, but what worries me are advancements in laser microphone technology...

If you are alarmed by Dropbox, you should start using Thor or somesuch and steer the **** away from any major website. Or the net in general.

If you think anything mainstream you do on the net is secure, be prepared for some bad news...You think your email isn't getting scanned for flags?

Yes, I think it's BS that privacy is worthless these days, but it's been like this for years. I laugh at the people who only went "Eureka!" since these latest leaks...If you mentioned ECHELON 10 years ago people would laugh and call you a paranoid tinfoil type...

Who knows, maybe they're watching your PBEM turns here: http://mondediplo.com/2010/09/04israelbase

[iMolestCats]

We live in a broken world, but I think singling out Dropbox is a bit alarmist. Pretty much everything on the net gets intercepted, do you use Google or Facebook? Even better, have you bought a smartphone? In the future we will see people use more and more signal jamming equipment to maintain even a modicum of privacy. I know engineer type people who claim to have acquired relatively inexpensive gear capable of jamming common frequencies...I personally hope Google Glass will be banned by law, I know several workplaces that already stricly ban anything even remotely resembling it. It has already become standard practice to have people place their electronics in a container during business meetings, but recently you start to notice that normal people demand smart devices be put the **** away when things of sensitive nature enter the discussion. Normal microphones aren't that bad, but what worries me are advancements in laser microphone technology...

If you are alarmed by Dropbox, you should start using Thor or somesuch and steer the **** away from any major website. Or the net in general.

If you think anything mainstream you do on the net is secure, be prepared for some bad news...You think your email isn't getting scanned for flags?

Yes, I think it's BS that privacy is worthless these days, but it's been like this for years. I laugh at the people who only went "Eureka!" since these latest leaks...If you mentioned ECHELON 10 years ago people would laugh and call you a paranoid tinfoil type...

Who knows, maybe they're watching your PBEM turns here: http://mondediplo.com/2010/09/04israelbase

Looks like all of the people who were called crazy and laughed at, are the ones laughing now. Hell everything we do and say is being monitored these days. Soon background checks for buying a gun will be tied in with the NSA data base and they will be able to pull up anything you have ever said on the internet. Next they find out you said some things about the government a few years back and deem you N/A for that gun you wanted for self-defense. Just because you may have said something when you were mad. Now they are just exploiting the system as they've been doing for years, just taking it to another level.

[agusto]

So the lesson learned from this is...

Do not play against anyone from the US government since they migt be able to read your turns?

I bet that all those detainees in Guantanamo just played a CM battle against someone from the US government and won. So better let your opponent win if you believe he is working for the NSA.

[poesel]

http://www.heise.de/mac-and-i/meldung/Dropbox-oeffnet-doc-Dateien-nicht-mehr-1958579.html

(link in german)

Looks like they stopped doing that. Still: if you give sensitive data to someone who should not read it - encrypt.

[GreenAsJade]

NSA "Information Dominance Centre".

[Jack Ration]

Me thinks a lot of these "the govt is watching you" scams must come from people who don't work in the govt! The bureaucracy is flat out paying its own exorbitant salary never mind scanning game turns in Dropbox!

GAJ - re the Guardian (otherwise know as: The Prada-Meinhof Newsletter)

A joke sometimes made about the Guardian is that it is just as dishonest as any other UK paper...except the Guardian distorts and lies for ideological purposes rather than commercial ones, which make it slightly "purer"

[The Teacher]

Oh Crap !

Does this mean the photo of me naked on a beach in Bali is going viral in the security sector of national defence......damn it.....photo shop....Im going to have to photp shop all my pics...hmmmm.... shave 35kg from the tummy... remove all the body fur.... buggar !

Add 7 inches..... are you sure they are looking in my dropbox ?

Someone is always watching, its life as we know it.

Cheers

[Brindlewolf]

All i have to say on this subject is:-

WAR IS PEACE

FREEDOM IS SLAVERY

IGNORANCE IS STRENGTH

Room 101 anyone(mines would be my ex-wife but that's another story )

[GreenAsJade]

Me thinks a lot of these "the govt is watching you" scams must come from people who don't work in the govt! The bureaucracy is flat out paying its own exorbitant salary never mind scanning game turns in Dropbox!

GAJ - re the Guardian (otherwise know as: The Prada-Meinhof Newsletter)

A joke sometimes made about the Guardian is that it is just as dishonest as any other UK paper...except the Guardian distorts and lies for ideological purposes rather than commercial ones, which make it slightly "purer"

I just thought it was enlightened of those guys to want to be like Picard rather than Kirk

Or maybe this was a Guardian distortion, and really they wanted to be like Kirk

GaJ

[iMolestCats]

All i have to say on this subject is:-

WAR IS PEACE

FREEDOM IS SLAVERY

IGNORANCE IS STRENGTH

Room 101 anyone(mines would be my ex-wife but that's another story )

I just read then watched 1984 so all of that is still fresh in my memory.

[Wodin]

I too worked for the British Government..I'm telling you now..no chance they are capable of monitoring every conversation and email and file passed on the net worldwide. When you've worked for them you'll realise how laughable it is.

It's fantasy. Just work out the AMOUNT of data that is..then the man hours needed to sift through it.

I think these conspiracy theories are a distraction away from the truth

Remember this April fool..get all of you tube on DVD..which was 175 truck loads and then one truck load every week..thats just youtube..

YouTube

http://www.youtube.com/theyoutubecollection

[A Canadian Cat]

It's fantasy. Just work out the AMOUNT of data that is..then the man hours needed to sift through it.

Well this is pretty much way off topic for these forums.

The thing is *not* people who are monitoring all the data - programs running on computers are. And yes it is doable. It becomes kind of like a big database you can do research on. Find a cell of criminals in real life? Look at their cell calling patterns before their big job, code it up and go see if you find similar patterns for the last year, two years, 10 years or happening in real time now. Oh look - that is a set of suspicious calling patterns, lets send agents to look at that group over there. Or we will run background checks on everyone we get a hit on and send agents to follow up any that seem suspicious. Or look at that these guys have a similar pattern over the last few years lets see what they are up to and start reading their emails.

You can see where this can go. If your quality of searches are good you might find actual bad guys doing the same bad thing. If your searches are bad you might be following joe/jane citizen as they go about their daily business. That could lead to a lot of disruption for joe and jane citizen.

And by keeping all this filed away you can really get dark about it. Those XYZ people keep opposing my political agenda go find out what they have been up to for the last 10 years. Some of them must have done something we can use to discredit them.

Or my girl friend/wife left me where is she now? Who doe she work for? Is she seeing someone else now? What can I get him in trouble for? Can I get her fired? Can I close down the day care she uses? And since the data is there for everyone you can do that kind of crap if you have the right access. And given the lack of oversight that has been recently revealed this is a real issue not a conspiracy theory.

And on and on.

[Redwolf]

So the lesson learned from this is...

Do not play against anyone from the US government since they migt be able to read your turns?

But the turn is still password protected even if you get ahold of the file.

The Guvernment might be able to read SSL/https/AES but not CM PBEM files. I am sure of it.

[Jack Ration]

GAJ - I'm more of a Sun reader

PM Jim Hacker: "Don't tell me about the press. I know exactly who reads the papers: The Daily Mirror is read by people who think they run the country, the Guardian is read by people who think they ought to run the country, the Times is read by people who actually do run the country, the Daily Mail is read by the wives of the people who run the country, the Financial Times is read by people who own the country, the Morning Star is read by people who think the country ought to be run by another country and the Daily Telegraph is read by people who think it is."

Sir Humphrey: "Prime Minister, what about the people who read the Sun?"

Bernard Wooley: "Sun readers don't care who runs the country, as long as she's got big tits."