1. errole's Avatar
    Just read a article on how hackers can access your cloud. No matter if OneDrive, google drive, box, etc is all vulnerable.

    The research paper details a new technique called MITC (Man in the Cloud), which allows attackers to intrude popular cloud storage services like Box, Dropbox, Google Drive, and OneDrive.

    MITC attacks don't rely on vulnerabilities in the syncing applications themselves, nor on security holes in the cloud storage server, but act on a design flaw.

    Because of the way these services were built, not requiring a password every time a file is synced, a token is used instead to authorize these operations without constantly hampering the user.

    This token is stored on each of the devices a user connects to their cloud storage device, and even if encrypted, it can be broken into and stolen by attackers.

    Read more Link: Attackers Can Access Dropbox, Google Drive, OneDrive Accounts Without the User's Password - Softpedia
    08-05-2015 09:29 AM
  2. Pete's Avatar
    This article neatly raises and then ignores the fact that any attacker would need physical access to the users device in order to steal the authentication token.

    Needless to say, if you leave your computer unlocked among people you don't trust, what's going to happen...?
    libra89, rhapdog, ZKnowN and 2 others like this.
    08-05-2015 09:44 AM
  3. rhapdog's Avatar
    This article neatly raises and then ignores the fact that any attacker would need physical access to the users device in order to steal the authentication token.

    Needless to say, if you leave your computer unlocked among people you don't trust, what's going to happen...?
    And if you're extremely paranoid, you can do what I do. I use OneDrive for convenient access to files I use often, but for files I want to keep secure and safe from everyone, I keep those on an encrypted portable Hard Drive that uses 3 layers of encryption, each with their own 50 character minimum password. The hard drive is stored in a lead-lined, fireproof media safe that is covered in 3 feet of concrete and buried 12 feet below my cellar. I keep the secure passwords stored in a separate location (because I can never remember that many random characters) 27 miles away and locked inside a water-tight safe in the cabin of a sunken yacht at the bottom of a large lake. The passwords are useless without the USB security key, which is kept in a safe deposit box at a bank 96 miles away. Even with all these precautions, I've had to set up a series of booby-traps like what you might find in an old Indiana Jones adventure movie, just in case someone finds the location of any one of the three items and decides to attempt to access them. One can never be too careful.

    Even with all that, I'm still not sure my data is safe.

    Truth is, if your data is ever really truly secure, than you'll never be able to use and enjoy it. (And for those of you that couldn't tell, my story above is just that. A story. Yeah, I made it up on the spot.)
    08-07-2015 08:45 AM
  4. LockOnTech's Avatar
    And if you're extremely paranoid, you can do what I do. I use OneDrive for convenient access to files I use often, but for files I want to keep secure and safe from everyone, I keep those on an encrypted portable Hard Drive that uses 3 layers of encryption, each with their own 50 character minimum password. The hard drive is stored in a lead-lined, fireproof media safe that is covered in 3 feet of concrete and buried 12 feet below my cellar. I keep the secure passwords stored in a separate location (because I can never remember that many random characters) 27 miles away and locked inside a water-tight safe in the cabin of a sunken yacht at the bottom of a large lake. The passwords are useless without the USB security key, which is kept in a safe deposit box at a bank 96 miles away. Even with all these precautions, I've had to set up a series of booby-traps like what you might find in an old Indiana Jones adventure movie, just in case someone finds the location of any one of the three items and decides to attempt to access them. One can never be too careful.

    Even with all that, I'm still not sure my data is safe.

    Truth is, if your data is ever really truly secure, than you'll never be able to use and enjoy it. (And for those of you that couldn't tell, my story above is just that. A story. Yeah, I made it up on the spot.)
    The best response to a post I've read today, Well done sir.
    08-07-2015 02:20 PM
  5. TheJackah's Avatar
    And if you're extremely paranoid, you can do what I do. I use OneDrive for convenient access to files I use often, but for files I want to keep secure and safe from everyone, I keep those on an encrypted portable Hard Drive that uses 3 layers of encryption, each with their own 50 character minimum password. The hard drive is stored in a lead-lined, fireproof media safe that is covered in 3 feet of concrete and buried 12 feet below my cellar. I keep the secure passwords stored in a separate location (because I can never remember that many random characters) 27 miles away and locked inside a water-tight safe in the cabin of a sunken yacht at the bottom of a large lake. The passwords are useless without the USB security key, which is kept in a safe deposit box at a bank 96 miles away. Even with all these precautions, I've had to set up a series of booby-traps like what you might find in an old Indiana Jones adventure movie, just in case someone finds the location of any one of the three items and decides to attempt to access them. One can never be too careful.

    Even with all that, I'm still not sure my data is safe.

    Truth is, if your data is ever really truly secure, than you'll never be able to use and enjoy it. (And for those of you that couldn't tell, my story above is just that. A story. Yeah, I made it up on the spot.)
    Gave me a chuckle. :P

    Posted via the Windows Central App
    08-07-2015 04:00 PM
  6. rjedge54's Avatar
    An easy way to thwart any auch attack is to enable multi-factor authentication. It's now supported on most popular, email and clouds services. I have done a on all of my accounts.
    bonskibon37 likes this.
    08-08-2015 03:18 PM
  7. fatclue_98's Avatar
    Rhapdog, I have your map. I know where you live. I'm a certified scuba diver and your data is toast. BTW, I'm not afraid of snakes.
    OwenDL, anon(5650876) and jmshub like this.
    08-09-2015 10:52 AM
  8. rhapdog's Avatar
    Rhapdog, I have your map. I know where you live. I'm a certified scuba diver and your data is toast. BTW, I'm not afraid of snakes.
    I didn't use snakes anyway. I've got Nessy guarding the yacht. I borrowed her from Loch Ness. Good luck with that one. ;)
    fatclue_98 and csd_images like this.
    08-11-2015 06:26 PM
  9. Great deal's Avatar
    Boxcryptor - works well.
    08-15-2015 08:19 AM

Similar Threads

  1. Can I install my Windows 10 Preview to my Microsoft Lumia 640XL dual sim?
    By Windows Central Question in forum Microsoft Lumia 640 XL
    Replies: 2
    Last Post: 08-06-2015, 01:50 AM
  2. How can I Track My Kids activity on the phone ?
    By KarateDad in forum General Phone Discussion
    Replies: 1
    Last Post: 08-05-2015, 11:05 AM
  3. How long can take to start the process after the request of Windows 10?
    By Windows Central Question in forum Ask a Question
    Replies: 0
    Last Post: 08-05-2015, 08:51 AM
  4. EA shows off more footage from gorgeous puzzle-platformer Unravel at Gamescom
    By WindowsCentral.com in forum Windows Central News Discussion
    Replies: 0
    Last Post: 08-05-2015, 05:20 AM
  5. Tablet mode on desktop without touch display
    By Rasetech in forum Windows 10
    Replies: 0
    Last Post: 08-05-2015, 05:19 AM
LINK TO POST COPIED TO CLIPBOARD