Dropbox tries shutting down open source project

Dropbox sure has been in the news a lot lately. Two weeks ago Neowin reported that a major security flaw in the service can expose customer files to anyone on the Internet. Now it appears that the company has been trying to shutdown an open source project called Dropship, a tool that allows Dropbox users to share private files using only the hash of a file.

According to Dan DeFelippi, Dropbox has been sending out emails to anyone hosting a mirror of the Dropship product. In addition, the company put a freeze on his account claiming a DMCA violation due to hosting a copy of the project in his account. Although they claimed this was an “accident” and have since removed the freeze, it’s still curious that Dropbox would be so adamant in trying to shut down the open source project.

Apparently Dropbox is concerned about “their proprietary client-server protocol and that it could be used for piracy,” but it seems that this is simply another attempt to cover up a flaw in the way Dropbox handles their files. Similar to the report from two weeks ago where a user can “pretend” to be part of someone else’s mesh, in this case an attacker can potentially take an individual file from an unsuspecting customer if they were able to identify the hash.

Poll

What do you think about Dropbox?

Report a problem with article
Previous Story

Microsoft lets slip new features in Windows Phone 7.5

Next Story

WP7 developer interest: Different perspectives, one set of data

16 Comments

Commenting is disabled on this article.

"completely bogus.

the file was taken down because it was a TOS violation (the script talks to our servers in an unauthorized manner). I used a new support tool that bans public sharing by file hash (to prevent resharing). unfortunately, I didn't realize that the tool was only for DMCA use (i.e. it sends an email claiming we got a DMCA takedown and the file was taken down). as a result, the guy freaked out and blogged about it and now every article is becoming increasingly inaccurate. "
Taken from the dropbox forums, written by Arash Ferdowsi (one of the founders of dropbox)
http://forums.dropbox.com/topi...&replies=15#post-314222

bmdixon said,
"completely bogus.

the file was taken down because it was a TOS violation (the script talks to our servers in an unauthorized manner). I used a new support tool that bans public sharing by file hash (to prevent resharing). unfortunately, I didn't realize that the tool was only for DMCA use (i.e. it sends an email claiming we got a DMCA takedown and the file was taken down). as a result, the guy freaked out and blogged about it and now every article is becoming increasingly inaccurate. "
Taken from the dropbox forums, written by Arash Ferdowsi (one of the founders of dropbox)
http://forums.dropbox.com/topi...&replies=15#post-314222

"Violation of TOS" is pretty much the same thing as, "Protecting our protocol," which in turn is still pretty bogus. This from the same company that says, "It's not a security issue, that's what cookies did in 1997!"

blahism said,
I've grown to enjoy live mesh It just works finally

If they ever plan on opening up access to more of the 25GB Skydrive space (currently only uses 5GB) and remove the file upload limit, I will switch. But until then, I plan on continuing to enjoy my free 8GB on dropbox without restrictions.

BetaAddict said,

If they ever plan on opening up access to more of the 25GB Skydrive space (currently only uses 5GB) and remove the file upload limit, I will switch. But until then, I plan on continuing to enjoy my free 8GB on dropbox without restrictions.
Live Mesh P2P sync with no limit for the win.

BetaAddict said,

If they ever plan on opening up access to more of the 25GB Skydrive space (currently only uses 5GB) and remove the file upload limit, I will switch. But until then, I plan on continuing to enjoy my free 8GB on dropbox without restrictions.

While I agree it would be nice, even if they had a paid upgrade (say $5/month) to lift the max file size limit or open up the 25 GB side of SkyDrive to P2P sync I'd be even happier.
I still would rather use SkyDrive, though. The integrated support within Office 2010 is second-to-none, the Office Web Apps are exceptional when you're in a pinch and have to use a computer that doesn't have Office 2010, and the OneNote syncing with Windows Phone 7 and iPhone is awesome!

As far as DropBox goes, I don't know how you squeezed 8 GB out of them without paying for it. When I signed up they gave me something like 1 GB, and wanted me to either pay for more or send out a bunch of spam invites promoting DropBox to my friends in order to get another 1 GB. I said no to that, stayed on SkyDrive, and haven't looked back since.

Edited by xpxp2002, Apr 27 2011, 4:06am :

xpxp2002 said,

As far as DropBox goes, I don't know how you squeezed 8 GB out of them without paying for it. When I signed up they gave me something like 1 GB, and wanted me to either pay for more or send out a bunch of spam invites promoting DropBox to my friends in order to get another 1 GB. I said no to that, stayed on SkyDrive, and haven't looked back since.

Dropbox allows you to refer friends. Each time a friend signs up for Dropbox, both you and him /her get 250mb extra space. You can get a maximum of 8GB out of referals, add that to the 2GB default free plan, and you have a 10GB account! Problem is, too many people use Dropbox, so getting extra space is not so easy.

Krome said,
lol I love the poll, especially the last choice.

Kinda poor choice of placement for a pool, I didn't even realize it was in context to the news article