Jump to content
Have You Played Atari Today?
2600|5200|7800|Lynx|Jaguar|Forums|Store  
Omega-TI

HDX Users -- A community 'Drop Box' as a sub directory.

By Omega-TI, in TI-99/4A Computers

Recommended Posts

Omega-TI

Omega-TI
Posted

Never having used "Drop Box' I have no idea how it might open ones computer up to security weaknesses. So I"m asking here... Is it secure.? If so would any other HDX user be interested in a 'community sub directory' for our TI's?

 

I cannot think of an easier way to potentially access new programs than just listing them with DM2K and pressing X to run them.

 

Share this post

Link to post
Share on other sites

+Schmitzi

Schmitzi
Posted (edited)

hmm, I cannot imagine to use dropbox on my systems, as I have to install a peace of "mystery" software on my PCs,

as I hold sensitive data here. All they want, as they offer all these drives for free, is your data, of course. They are not the welfare.

Yes, not the TI-data at all, but what exactly does this software on my PC, while working easy around all my security-systems ?

 

But i am sure, most other users accept that.

 

RS

 

PS: Maybe I could offer some web- or ftp-space on one of my public servers, but somebody should

have to care about the mechanisms, wether and how to bring it to work.

 

/EDIT/ PS: If dropbox is going to be the only solution, I will solve that by having an isolated PC-System for that

Edited by schmitzi

Share this post

Link to post
Share on other sites

Willsy

Willsy
Posted

Never having used "Drop Box' I have no idea how it might open ones computer up to security weaknesses. So I"m asking here... Is it secure.? If so would any other HDX user be interested in a 'community sub directory' for our TI's?

 

I cannot think of an easier way to potentially access new programs than just listing them with DM2K and pressing X to run them.

 

I've had it installed continuously on my machine for the last 4 years. No problems whatsoever.

  • Like 1

Share this post

Link to post
Share on other sites

Omega-TI

Omega-TI
Posted

I've been doing a little background and this article gives me some pause. Now honestly, TI stuff is TI stuff, nothing special or personal about TI stuff on their server. I'm mostly wondering if the hole this would create in my firewall could possibly be exploited.

Share this post

Link to post
Share on other sites

+Schmitzi

Schmitzi
Posted

I've had it installed continuously on my machine for the last 4 years. No problems whatsoever.

 

...yes, of course. If a burglar (DropBox-Setup.exe) has reaches full access to your house (system), and hides there,

he would do the hell to get obvious or make problems

 

I've been doing a little background and this article gives me some pause. Now honestly, TI stuff is TI stuff, nothing special or personal about TI stuff on their server. I'm mostly wondering if the hole this would create in my firewall could possibly be exploited.

 

DropBox has, after installation, fully access to all systems via the credentials you have installed it with (mostly local admin), and to all local network shares reachable for you.

NO firewall can stop it from sending and receiving data on the outside interface, as it can i.e. use port 80.

Maybe a proxy with some IDS-functions can prevent from that, or an application-filter if present,

but you would recognize that successfull prevention as the dropbox (and likely apps) would not function :)

 

I do not say that they do that, but they would be able to, theoretically. And concerning the facts that you read every day in the news,

a bunch of millions of stolen passwords here, and stolen ssl-certs there, from these "providers", could do the rest by hackers/hijackers.

(and you will only seldom get aware of the facts if something has been stolen, as they do not publish if possible, of course)

 

RS

Share this post

Link to post
Share on other sites

Dexter

Dexter
Posted

I only subscribed to Drop Box, but didn't install their software. I can login with my browser and manage the webspace of two gigabyte. They keep bugging me to install their software becaus it would give me so much more functionality. :-D

  • Like 1

Share this post

Link to post
Share on other sites

+OLD CS1

OLD CS1
Posted

I've been doing a little background and this article gives me some pause. Now honestly, TI stuff is TI stuff, nothing special or personal about TI stuff on their server. I'm mostly wondering if the hole this would create in my firewall could possibly be exploited.

 

The DropBox vulnerability does not affect anything local to your computer. The problem as I understand it was unrestricted access to private shared DropBox files (sent as links.) To my knowledge, there is nothing in the DropBox client which allows an attacker to tunnel into your computer and do nefarious things.

 

I am not a fan of "cloud" services one iota, but I do like when the media are thorough and proper in reporting problems with them rather than build up hysteria.

  • Like 1

Share this post

Link to post
Share on other sites

Willsy

Willsy
Posted

DropBox has, after installation, fully access to all systems via the credentials you have installed it with (mostly local admin), and to all local network shttp://www.johnlewis.com/aspinal-of-london-mini-hepburn-saffiano-leather-across-body-bag/p1821364?colour=Deers reachable for you.

 

Whoa. Let me stop you there. Why are you singling out Dropbox? What you have just said can be applied to any software package that you install on a Windows system.

 

NO firewall can stop it from sending and receiving data on the outside interface, as it can i.e. use port 80.

 

Just like Chrome. Or Microsoft Word. Or Gmail, or Google+

I do not say that they do that, but they would be able to, theoretically. And concerning the facts that you read every day in the news,

a bunch of millions of stolen passwords here, and stolen ssl-certs there, from these "providers", could do the rest by hackers/hijackers.

 

Sorry but your paranoia is misplaced in this particular case. You have more to fear from a search bar in your browser, or Facebook, than Dropbox. They are a reputable company and have a lot of enterprise business customers, which is where they make their money. I do agree that there are lots and lots of dodgy software applications out there, but dropbox is not one of them.
  • Like 3

Share this post

Link to post
Share on other sites

RobertLM78

RobertLM78
Posted

Whoa. Let me stop you there. Why are you singling out Dropbox? What you have just said can be applied to any software package that you install on a Windows system.

 

 

Just like Chrome. Or Microsoft Word. Or Gmail, or Google+

Sorry but your paranoia is misplaced in this particular case. You have more to fear from a search bar in your browser, or Facebook, than Dropbox. They are a reputable company and have a lot of enterprise business customers, which is where they make their money. I do agree that there are lots and lots of dodgy software applications out there, but dropbox is not one of them.

I agree... besides these days I really don't care any more what the Feds see on my computer. If it's that serious, I won't even keep it on the computer in the first place ;-)

  • Like 2

Share this post

Link to post
Share on other sites

+Schmitzi

Schmitzi
Posted

Sorry, but DropBox is only an example. If we use google-products, they tell us at installation that they might do things like that.

Uploading files from our systems to "anywhere, right over the borders of your country" (so is written in Germany)

 

If we use facebook in a browser, the possibities are restricted, depending on the browsers possibilities.

If we use i.e. the Facebook- or WhatsApp-App on mobilephone, we have lost (exception: iPhone, if ya say NO at installation)

Otherwise they catch all contacts frome mobile phone for example. Some of them say at installation (if you read it),

that they are allowed to send ads to friends with that, and may use SMS-system for that (maybe "taking" that right/permission here for future use?)

Up to today, they just use that to make better advertising, and for getting a profiles from people (also movement via GPS-data).

All for your comfort :)

 

If we use old-style-office, we can "trust" in common, if you use new office, and store your data in the cloud, your data is in the "cloud".

And who knows what happens in this grey cloud ? I do not know that.....

And if someone breaks/hacks that, and they loose all of the data, they will definetely not tell. Only if somebody gets aware of that and denounces.

 

I also never have used any toolbars, not only one my live. Yes, they are not out to compromise, dropbox not, too.

But here exxactly is the danger that something could happen at this maybe unsecure point, thats what I want to say.

 

As IT-security is a part of my work, I see people every day getting more and more unworried about their own things,

and from that standpoint are explits starting mainly. And that is a big problem, from my point of view.

 

I hope it is not paranoia, I hope it is common sense :)

  • Like 1

Share this post

Link to post
Share on other sites

mizapf

mizapf
Posted

I hope it is not paranoia, I hope it is common sense :)

 

Not being paranoid does not mean they're not after you. :-D

  • Like 2

Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
Go To Topic Listing

  • Recently Browsing   0 members

    No registered users viewing this page.

AtariAge
Forums
Store
General
Follow AtariAge

Copyright ©1998-2021 AtariAge

×
×
  • Create New...