- My Top 12 Chrome Extensions
- NewSpring Gets a New Logo and a Lot More
- Give Wikipedia Some Class with WikiWand
- Instagram Saves Your Videos from a Case of the Jitters with New App
- The Best Car Mount for Your Mobile Phone (and It’s On Sale)
- The Best Road Trip App Available
- Track (and Accomplish) Your Goals with the new Full App
- Google Glasses at Church?
- Your New Right Arm
- Doh! The Simpsons Come to Moleskines
Dropbox Patches Vulnerability
The popular storage and sharing service, Dropbox, has patched it’s service and disabled one function as a result of a recently discovered vulnerability. A statement from the company explains the problem…
Dropbox users can share links to any file or folder in their Dropbox. Files shared via links are only accessible to people who have the link. However, shared links to documents can be inadvertently disclosed to unintended recipients in the following scenario:
- A Dropbox user shares a link to a document that contains a hyperlink to a third-party website.
- The user, or an authorized recipient of the link, clicks on a hyperlink in the document.
- At that point, the referer header discloses the original shared link to the third-party website.
- Someone with access to that header, such as the webmaster of the third-party website, could then access the link to the shared document.
While the company doesn’t believe anyone has abused the vulnerability, they took the step of disabling access to any previously shared links in such documents. All shared links created going forward will not have the vulnerability.