Dropbox employee’s password reuse led to theft of 60M+ user credentials
Kate Conger, reporting at TechCrunch:
Dropbox disclosed in 2012 that an employee’s password was acquired and used to access a document with email addresses, but did not disclose that passwords were also acquired in the theft. Because Dropbox stores its user passwords hashed and salted, that’s technically accurate — it seems that hackers were only able to obtain hashed files of Dropbox user passwords and were unable to crack them. But it does appear that more information was taken from Dropbox than was previously let on, and it’s strange that it’s taken this long for the breach to surface.
Don’t reuse passwords folks. Find a password manager and learn to love it. There’s 1Password, LastPass, Dashlane and many others. That means there’s no excuse for you to keep using your dog’s name combined with your college graduation year or whatever terrible password you’re using for everything.
Dropbox isn’t a feature, it’s an infrastructure
Collin Fletcher of The Tech Block makes the solid case that the acquisition of iOS email app Mailbox by Dropbox signals the latter company’s push to build a “windowed ecosystem” on top of its core file syncing service. It’s worth reading the whole article, but I’d go a step further.
Victoria Barret of Forbes reported in October 2011 that, as Dropbox CEO Drew Houston told her in an interview, Steve Jobs called the company a “feature, not a product” when Houston rebuffed Jobs’ acquisition offer.
Steve was wrong, though. Dropbox isn’t a just product (although plenty of people pay for its core sync functionality), nor is it merely a feature (although it can be integrated into many different types of apps and services).
Dropbox is, at its most fundamental level, an infrastructure. What the Mailbox acquisition really signals is that Dropbox is confident enough in its core service that it is time to invest in ways to add value to that service. The Dropbox file storage and syncing infrastructure already undergirds the daily workflows of millions of people.
Email is the perfect product to build on that infrastructure. So is a personal music storage and player product. So is a task manager. So are innumerable other products that benefit from a powerful, reliable file synchronization mechanism that can functions flawlessly at scale.
Shawn Blanc explores Simplenote alternatives
The Simplenote/nvALT sync issues recently scared me away from Simplenote sync. I use Byword on the Mac and iPad, and Epistle on Android to sync notes with my Dropbox account. PlainText is also very good for this. I haven’t had any problems since going Dropbox-only.
If you’re a plaintext geek, read Mr. Blanc’s post to get a good overview of options from someone who knows the subject very well.
Nilay Patel on what we agree to when we use cloud services
Nilay Patel at The Verge reads some Terms of Service and drops some knowledge bombs. It’s definitely a must-read if you’re a Google, Dropbox, iCloud, or Skydrive user. So, if you’re on the internet at all, basically.