Hey #Dropbox, y'all need to rein in your marketing and web development team(s). I go to my Dropbox once every two or three months--and each time I end up having to learn how to use your website again because there has been so many changes. Please give me a basic file manager button, so I can by pass all of the BS website bloat FFS. Oy... :/
#psa Okay, learned a lesson today. I either missed this or the setting changed in an update. Both #OneDrive and #Dropbox have a setting for keeping all the files in the cloud rather than on your Mac, downloading them as you need them. This means that if you need them and the service is responding poorly, or you have no connectivity, you can't get to your files. If you use #scrivener, for example, which syncs through dropbox, this can cause sync errors between devices!
Both services appear to set all files online only. Both services have a way to change this to ensure all files are downloaded for offline use.
#Writers, #authors, as well as #artists, I strongly suggest you keep your files on disk as well as in the cloud. Change these settings now!
Okay. Interesting. Moving files from Dropbox creates placeholder files that are empty but take up space. There's a little cloud symbol beside the files in the dropbox directories, but they refused to download. Sheesh. Luckily, the files exist online. I've logged on to the online dropbox and downloaded all my files to my hard disk in a separate directory as a backup. I'm trying bypassing the dropbox refused to sync issue by signing out of dropbox and orphaning the current directories. Signing on again, but creating new dropbox directory tree on disk that must be downloaded again from the #dropbox#cloud.Hoping that this fixes the #sync problems I'm having between platforms, at least from the Mac perspective.
And Bam! Less than 10 minutes later, #dropbox has laid down all the files from the #cloud in the new directories. #Scrivener opens the previously damage project (because dropbox had refused to download things) with everything consistent with the iPhone version. Yay!
Here's another rant about a large corporation bending us over a chair with a huge security breach. But first the bits emailed to me from Dropbox:
"We can confirm that Dropbox Sign customer information such as emails, usernames, phone numbers, hashed passwords, multi-factor authentication, and general account settings were obtained."
Me: Fuck you Dropbox
"At Dropbox, our number one value is to be worthy of trust. We hold ourselves to a high standard when protecting our customers and their content. We didn’t live up to that standard here, and we’re deeply sorry for the impact it caused our customers."
Super weird to me that Dropbox has told Dropbox Sign customers to "delete your existing entry and then reset it" if they use app-based MFA. I have never seen "delete your MFA and create new tokens" in post-compromise account hygiene advice before.
I suspect two things:
1.) Dropbox was storing plain text MFA seeds right next to their password hashes
2.) We're going to hear a lot more about this soon.
If you use Dropbox you should probably change your password.
Headline: #Dropbox Hacked! Threat Actor Accessed Passwords and Phone Numbers
Snippet: A quick analysis revealed that a threat actor had broken in to access customer information such as emails, usernames, phone numbers and hashed passwords, as well as general account settings and certain authentication information (API keys, OAuth tokens, and multi-factor authentication).
@sigh_d It appears so, and as somebody who isn't a DropBox user I'm not sure if "DropBox Sign" accounts are the same as DropBox storage accounts, or if they're separate. I would assume they are the same, so if you had an account with DropBox Sign and it became compromised, that probably grants access to files stored in your DropBox account as well.
@gerowen@sigh_d Dropbox Sign is the rebranded Hellosign product that Dropbox acquired in 2019. According this post on their site their infrastructure is largely isolated from the rest of Dropbox. (And as far as a I know the account for hellosign/dropbox sign to sign or request signatures - I’ve only used it in the past to sign things - is separate from my main Dropbox account and has different credentials.
vi ricordiamo che da 1 anno tutti gli utenti di #MastodonUno possono fare richiesta di un account Nextcloud da 25GB per poter conservare e condividere file senza le limitazioni presenti su mastodon.
Nextcloud è un progetto open source e permette di importare automaticamente tutti i file dall'account #dropbox.
Questo è il modulo di richiesta per ricevere i dati di accesso:
@gmarcosanti@informapirata Se tu hai una bicicletta, ed io non te la porto via ma ho duplicato ogni singola chiave di ogni singolo lucchetto, tu quella bici non potrai più parcheggiarla senza cambiare tutto
E se dentro il borsello avevi le chiavi di casa, tra una settimana sarai vittima di un furto
Cloud storage company #Dropbox reported that a hacker breached company systems on April 24 and gained access to sensitive information like passwords and more.