- Alexandria Ocasio-Cortez supports resolution that could lead to Trump’s impeachment Thursday 9:46 PM
- Ricardo Milos dancing memes are the new Rickroll Thursday 9:09 PM
- Laura Loomer sues Twitter, Muslim lobbying group over account ban Thursday 8:15 PM
- Far-right troll Ian Miles Cheong gets flamed for mocking a ‘Star Wars’ fan Thursday 6:17 PM
- Facebook says ‘millions,’ not ‘tens of thousands,’ affected by Instagram password bug Thursday 5:13 PM
- Leading 2020 Democrats mock redactions in Mueller report Thursday 4:04 PM
- 8 weed accessories for stealthy stoners Thursday 4:00 PM
- Super Smash Bros. Ultimate players are now fighting on giant d*cks Thursday 3:37 PM
- Why are Facebook and Google translating this Spanish word into a racial slur? Thursday 3:32 PM
- Instagram page encourages meme creators to join a meme union Thursday 3:24 PM
- 28 smokin’ hot gifts for your stoner friend Thursday 1:33 PM
- The 5 most important conclusions from Robert Mueller’s report Thursday 1:28 PM
- Facebook bans many of the U.K.’s infamous far-right groups Thursday 1:15 PM
- Cersei and Tyrion Lannister learned about respect from Elmo Thursday 12:57 PM
- The Mueller Report includes a footnote about the pee tape Thursday 12:08 PM
A new web app that tracks documents suggests that Dropbox is opening users’ files.
The Infosec user, who posted under the name vintsurf, said that they made the discovery while beta testing a new web application called HoneyDocs. Essentially, HoneyDocs allows users to create files that “buzz home”—in other words, notify the file’s creator—when they are opened.
In an attempt to see whether Dropbox files were really kept private, the user uploaded a trove of documents with different file extensions, and found that those with .doc extensions were being accessed. Since only text-containing documents were opened, vintsurf ruled out the idea that the intrusion was the result of an automated malware sweep of all files uploaded to Dropbox.
“All in all, I made three attempts to upload embedded documents and all appeared to be opened,” vintsurf wrote. “I’d like to know why.”
In the surveillance program known as PRISM, the agency collects private user data from nine Silicon Valley tech giants including Facebook, Google, Yahoo, Microsoft, and Apple. On one PRISM document taken by Snowden, Dropbox was apparently listed as “coming soon.”
“We’ve seen reports that Dropbox might be asked to participate in a government program called PRISM. We are not part of any such program and remain committed to protecting our users’ privacy,” a Dropbox spokesperson told The Verge when the PRISM news first broke.
Update: A spokesperson for Dropbox told the Daily Dot: “Dropbox allows people to open and preview files from their browser. This blog post relates to backend processes that automatically create these document previews, making it easier for people to view docs within their Dropbox.”
Photo by Mark Crossfield/Flickr
Joe Kloc is a former Daily Dot contributor who covered technology and policy. He's contributed to Newsweek and Mother Jones, discussed his reporting on air with WNYC, and written Weekly Reviews for Harper's Magazine.