Dropbox Authentication: Insecure By Design

An anonymous reader writes "Dropbox can be very useful, but you might be a little surprised to learn that by copying one file from a computer running the application, an attacker can access and download all of your files without any obvious signs of compromise. Normal remediation steps after a compromise such as password rotation, system re-image, etc will not prevent continued access to the compromised Dropbox. Derek Newton, a security researcher that published this finding yesterday, discusses the security implications of this by-design security authentication method on his blog."

Re:Dropbox

[Hijacked+Public]

There is a significant difference between a service I find useful for embedding photos on web forums, or similar things, and one I'd store my plain text tax forms on.