Recently, you may have noticed a number of the tech review sites discussing issues with Dropbox, a service that provides file sharing and storage solutions. The main concern arises from an accusation made that the desktop client created for the Mac operating system seems to circumvent the authorization policies put in place by Apple to protect users, which may make it more vulnerable to the attacks of hackers.
Articles on sites like Hacker News posited that the program may try to phish for passwords for individual or administrator accounts, leading Mac users to become concerned about the security of the program overall. Others have noted that text that comes up in the security dialogs seems to be misleading and that numerous permissions must be granted to the service in able to use the program. While not all of these concerns have been directly addressed by Dropbox, they have released some information in relation to these questions.
Ben Newhouse, the Vice President of Engineering and Infrastructure at Dropbox, released a statement to address the security concerns raised by users, saying:
While this statement offers some insight into the problems faced by users, it isn’t enough to address all of the concerns they’ve presented. It spoke generally to questions regarding permissions, but didn’t include any reassurance against the security risks associated with opening these permissions to the program, leaving many users with concerns that spyware and malware could infect their systems because of the access granted.
I’d love to think that Dropbox has a valid technical arguments to request the kinds of permissions that it does; however, vague response statements, coupled with a lack of transparency in technical terms has caused me to be concerned about using the software until such time as they are better able to address those issues.
If you use a Mac and are also concerned about the responses offered by Dropbox, you can remove Dropbox from the OS X’s accessibility preferences using the simple guide from AppleHelpWriter found here. We’d also love to hear from readers who would like to share their own experiences with Dropbox.