This is a staging forum for AgileBits, not an official support forum. Visit http://discussions.agilebits.com instead.
Security: Dropbox Authentication
I'd love to hear someone from Agile WS comment on this article that's currently making the rounds:
http://dereknewton.com/2011/04/dropbox-authentication-static-host-ids/
If this is correct, and the hostid is just an md5 hash, then it seems like someone with a hash generator and a bit of spare CPU could start connecting to lots of Dropbox accounts at random. By this method one could, in a very short time, hypothetically collect a large and varied sample of 1Password vaults against which to attempt intrusion. Should we be worried about this? Do you recommend that users leave their files on Dropbox, given this information?
I don't want to incite panic, but I'm very concerned about the security of my data. Please advise.
Comments
-
Welcome to the forums, fahrv242, and thanks for asking about this.
I think one of the commenters on your aforelinked post nails it with a series of his comments. Check out the comments from Dwayne Litzenberger there. The short version is there is no need to panic. :-)
I'll pass this along to Jeff, our Chief Defender Against the Dark Arts, to see what he can add here.
Thanks again for bringing this up. It is always good to be thinking about these things.
-
Thank you, fahrv242, for pointing this out.
If Dropbox authentication is based solely on a replayable host ID hash stored on your local disk then the worries in that article are, in my opinion, significant. However there isn't reason to worry about "a hash generator and a bit of spare cpu" as the bit of spare CPU needed would exceed all the computing power on Earth.
The concern is that the host-id hash could be stolen by anyone or anything that gets temporary access to your computer. It should be noted that if someone does gain that access they will also have access to what is in your Dropbox folder anyway. The difference here is that they could save the host-id information for later use, so that they would continue to have read and write access to your Dropbox account.
I have not yet researched this more thoroughly; so I haven't looked at Dropbox's response nor have I attempted to use the host-id in an attack from another system.
Another thing that remains to be seen is how things work on different platforms. Mac OS X and iOS have a built-in keychain technology which is designed for storing secrets of this sort. To get at those secrets you need either an authorized app specific to that secret or the user's login password. Windows does not have this kind of mechanism, so it may be that Dropbox's authentication mechanism from Windows is different than what is used on other platforms.
Many people (me included) sync data using Dropbox across many platforms, including Windows, so even if this issue were limited to Windows it is something we need to look at.
I'll be following this issue closely and depending on what I learn we may have to revise what we recommend.
Do keep in mind that from the beginning we designed our data format to withstand sophisticated attack even if your computer with your 1Password data were stolen. You can read more about this here:
http://help.agile.ws/1Password3/cloud_storage_security.html
Thanks!
-j
-
Just a note: there is also a discussion on this in the Dropbox forums. Arash has made a post about the security of Dropbox.
-
After reading this post about [url="http://dereknewton.com/2011/04/dropbox-authentication-static-host-ids/"]security weaknesses with Dropbox[/url], I became quite worried about my 1Password files. If somebody gets access to my 1Password files, how easy would it be for them to crack the files and gain access to all my passwords and secure notes?
Seems that on Mac, for example, a user can, without hacking, copy the Dropbox credentials of any other user on the computer and gain read/write access to their files.
There don't seem to be any useful alternatives to Dropbox when using a combined Windows/Mac/iPhone/iPad environment?
Sami
-
Just read an article: [url="http://dereknewton.com/2011/04/dropbox-authentication-static-host-ids/"]Dropbox authentication: insecure by design[/url] in which it is claimed that Dropbox has a serious security flaw. Do those of us who sync 1P on computers and hand-helds via Dropbox care about this?
-
Welcome to the forums, Sami! I have moved your post along with NovaScotian's to the appropriate thread. I am glad that we have such vigilant users.
Please see Jeff's post above and let me know if you have any further questions or concerns. We are investigating further, but Jeff articulates well what we know at this point.
-
Just a quick follow up based on what I've learned today.
Anything that involves some kind of automated login of your machine to some server somewhere faces the same kind of design puzzle that Dropbox faces. Unless you are prompted for a password each time the system needs to authenticate, some authentication token needs to be stored on your system. [There are a handful of special case exceptions, but let's set those aside.]
The headline [i]Dropbox authentication: insecure by design[/i] is hyperbolic. It greatly overstates the danger. On the other hand, there are things that Dropbox could have done and should do better. If Dropbox acknowledges these (while of course pointing out that the described threat is not nearly as bad as some people are taking it) and takes steps to improve systems, I personally will be happy to continue to use it. (And I am paranoid by profession.)
At the moment, the people at Dropbox are overwhelmed with queries and "helpful suggestions" which aren't at all practical. So we will need to give them some time to sift through things (and also consider the "helpful" suggestions that I've offered).
Tommy has pointed out that there is a discussion thread about this on the Dropbox forums. Some of the things posted in that thread are downright silly, but on the whole that is a good resource for discussion. It is also where the Dropbox developers have been participating.
At the risk of sounding like a broken record, remember that 1Password is designed to withstand sophisticated attacks even if your computer is stolen. This doesn't mean that we shouldn't care about Dropbox security; we need to care, but I'd like to write in big friendly letters (hey, maybe Comic Sans does have a place) on the cover of this discussion: Don't Panic.
Cheers,
-j
-
Here is what Dropbox has to say
[quote]
hi all,
we definitely appreciate all the thoughtful discussion on this thread and understand the various viewpoints. as I stated earlier, we believe that at the point someone gains access to your computer (whether physically or via a virus) the security battle is over. at this point there's no way around the fact that all your most precious data is vulnerable. this is the case whether you have dropbox installed or not. one of the best things you can do to prevent against the types of attacks mentioned in these discussions is to password protect your computers :-).
that said, there are ways (some hinted at on this thread) that we can make it difficult (albeit not impossible) for an intruder to gain an authentication token to your dropbox account (better guised/more complex authentication tokens, better permissions on the file system, etc). we'll think carefully about possible security improvements (as we always do) and introduce them in newer versions of the client.[/quote]
That post can be found on their forums at http://forums.dropbox.com/topic.php?id=36146&page=2&replies=57#post-309175
I am particularly encouraged by the second paragraph there. There certainly are things that they can improve, and I'm glad that they are looking into it.
Cheers,
-j
-
I just wish to point out a few things here. I agree it's best not to panic, because your 1Password file isn't less secure than before. However this Dropbox insecurity isn't a new thing. It's been known (in smaller circles) since the linux CLI client (see the [url="http://wiki.dropbox.com/TipsAndTricks/TextBasedLinuxInstall"]wiki entry[/url] for the step-by-step install, step 6). So in order to get your host_id, someone would only need to perform a man in the middle attack with SSLStrip or similar software to get this at the first setup. This host_id is communicated with every request to the Dropbox service as well. In the future we might even see malware sending back this host_id or the Config.db file somewhere to Russia or China for instance.
I have always been hesitant to use Dropbox for secure transfers, but it works well enough for day-to-day use. Would I transfer my 1Password file over it? No, but that's because I'm not the one that controls the Dropbox service. I'd rather rsync it over a VPN connection myself because that's less of a public target.
-
Hi Martijndeb,
Thanks for adding this information.
[quote name='martijndeb' timestamp='1303042750' post='25058']
I just wish to point out a few things here. I agree it's best not to panic, because your 1Password file isn't less secure than before.[/quote]
That is the most important lesson here.
[quote]However this Dropbox insecurity isn't a new thing. It's been known (in smaller circles) since the linux CLI client (see the [url="http://wiki.dropbox.com/TipsAndTricks/TextBasedLinuxInstall"]wiki entry[/url] for the step-by-step install step 6). So in order to get your host_id, someone would only need to perform a man in the middle attack with SSLStrip or similar software to get this at the first setup.[/quote]
Indeed you are correct that the actual blog post that started this discussion reported nothing new; it's just that it caught the public eye. I can imagine simpler and more plausible attacks to get the host-id. For example a run-of-the-mill web browser exploit that allows an attacker to read the Dropbox configuration file is what first came to my mind. I do hope that the people at Dropbox take steps to make those sorts of things more difficult now that this has reached so much public attention.
But we also need to recognize that pretty much any service that has an automated login from your computer to their service faces this sort of problem one way or another. So although there are real improvements that they can make, the underlying problem remains to some extent.
[quote]
I have always been hesitant to use Dropbox for secure transfers, but it works well enough for day-to-day use. Would I transfer my 1Password file over it ? No, but that's because I'm not the one that controls the Dropbox service. I'd rather rsync it over a VPN connection myself because that's less of a public target.
[/quote]
I certainly see your point, but I also think that you understand that most of our users are not in a position to set up something like this. For those of us who are able to set up our own networks to be reached by VPN, that is great. But managing that sort of network structure is not something we actively help people do.
Returning to your point about this not being new, ever since we started pushing "cloud sync" last summer we have been engaged in active discussion and development for how we can make the 1Password data file design even more resilient should it fall into the wrong hands.
As I'm fond of saying, security is a very dynamic business and we must always be looking at how the landscape shifts and modify what we do accordingly.
Again, thanks for posting.
Cheers,
-j
-
At the very least:
[code]chmod 700 ~/.dropbox; chmod 600 ~/.dropbox/config.db[/code]
-
[quote name='sjk' timestamp='1303089128' post='25093']
At the very least:
[code]chmod 700 ~/.dropbox; chmod 600 ~/.dropbox/config.db[/code]
[/quote]
Yeah. I was waiting to see whether the folks at Dropbox had a reason for the bizarre permissions on those files before recommending this change. I've tested this myself, waiting to see if anything broke, but it works fine for me.
1Password does read your .dropbox/config.db to find out where your Dropbox folder is, but it doesn't need the wide open file permissions for the config data that come with the Dropbox installation.
So to clarify sjk's advice, Mac users can paste that command he gave into a Terminal window and press RETURN. Terminal.app can be found in the Utilities folder under /Applications. This will put some restrictions on access to the Dropbox configuration information file.
Cheers,
-j
-
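As an added illustration (not code from this thread, from sjk, or from AgileBits), here is a small POSIX shell script that checks for and applies the same restrictions sjk's command sets. Unlike the one-liner, it reports whether the permissions are already tight, works with both GNU and BSD (Mac OS X) stat, and exercises itself on a constructed throwaway directory rather than a real ~/.dropbox; the function names and the demo paths are my own.

```shell
#!/bin/sh
# Added example (not from the thread): check and tighten the permissions
# on a Dropbox configuration directory, i.e. the effect of
#   chmod 700 ~/.dropbox; chmod 600 ~/.dropbox/config.db
# demo_harden builds a throwaway directory that mimics the layout; that is
# constructed test data, not real Dropbox configuration.

# Print the permission bits of a path in octal. GNU stat is tried first,
# BSD stat (as shipped with Mac OS X) is the fallback.
perm_of() {
  if stat -c '%a' "$1" >/dev/null 2>&1; then
    stat -c '%a' "$1"
  else
    stat -f '%OLp' "$1"
  fi
}

# Return 0 when the directory is owner-only (700) and, if config.db exists,
# it is owner read/write only (600); return 1 otherwise.
check_dropbox_config() {
  dir="${1:-$HOME/.dropbox}"
  [ "$(perm_of "$dir")" = "700" ] || return 1
  if [ -f "$dir/config.db" ]; then
    [ "$(perm_of "$dir/config.db")" = "600" ] || return 1
  fi
  return 0
}

# Apply the restrictions. Return 2 if the directory is missing,
# 1 if a chmod fails, 0 on success.
harden_dropbox_config() {
  dir="${1:-$HOME/.dropbox}"
  [ -d "$dir" ] || { echo "no such directory: $dir" >&2; return 2; }
  chmod 700 "$dir" || return 1
  if [ -f "$dir/config.db" ]; then
    chmod 600 "$dir/config.db" || return 1
  fi
  return 0
}

# Demonstration on constructed data: a world-readable directory and config
# file, which the check must reject before hardening and accept afterwards.
# Returns 0 only if both of those observations hold.
demo_harden() {
  tmp=$(mktemp -d) || return 1
  chmod 755 "$tmp"
  printf 'constructed sample, not a real config.db\n' > "$tmp/config.db"
  chmod 644 "$tmp/config.db"
  before=1; check_dropbox_config "$tmp" && before=0
  harden_dropbox_config "$tmp" || { rm -rf "$tmp"; return 1; }
  after=1; check_dropbox_config "$tmp" && after=0
  rm -rf "$tmp"
  [ "$before" -eq 1 ] && [ "$after" -eq 0 ]
}

# Real use on a Mac or Linux box: run harden_dropbox_config with no
# argument (defaults to ~/.dropbox). The line below only runs the demo.
demo_harden && echo "demo: open permissions detected and tightened to 700/600"
```

Running the script as-is only touches the throwaway directory; calling `harden_dropbox_config` with no argument applies the change to the real ~/.dropbox, and `check_dropbox_config` can be re-run later to confirm that an update has not loosened the permissions again.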
Hi Johnny,
You know, I've been waiting all day for someone to ask this question :-)
[quote name='JohnnyGTO' timestamp='1303256808' post='25210']
How safe is our .agilekeychain file on Dropbox if they are willing to simply hand over your account un-encrypted to a government? [url="http://www.tuaw.com/2011/04/19/dropbox-under-fire-for-security-concerns"]Dropbox Terms of Service change. TUAW[/url]
[/quote]
Dropbox would be removing their own encryption on the data. But no one (not even us) can remove our encryption on your 1Password data without your master password. Keep in mind that we designed the 1Password data format to withstand sophisticated attack if your 1Password.agilekeychain falls into the wrong hands. So if your home computer is stolen or the data are revealed by Dropbox, your secrets within your 1Password data remain secure.
For more details on this, I've just updated
http://help.agile.ws/1Password3/cloud_storage_security.html
to include discussion of this.
It should be no surprise that Dropbox's privacy terms say that they will comply with the law. There is nothing at all surprising, or particularly alarming, in that. With the appropriate warrant law enforcement officials could confiscate and search your home computer. Again, no one will get at the data encrypted by 1Password without your master password.
Now it is the case that the standards of suspicion (probable cause) for searching your home computer are higher than the standards for searching your data on something like Gmail or Dropbox, so my comparison to a search of your home computer isn't entirely fair. But my point is that legal authority is legal authority, and that 1Password does its own encryption with your master password.
What I find most worrying about the privacy terms from Dropbox is that it appears to contradict something that they've suggested earlier about their ability to decrypt the data.
Here is the crucial paragraph from the document that I link to above.
[quote]
The Dropbox security FAQ states that “dropbox employees aren’t able to access user files, and when troubleshooting an account they only have access to file metadata (filenames, file sizes, etc., not the file contents).” However, we know that Dropbox as a whole can undo their own encryption from this statement in their privacy policy: “If we provide your Dropbox files to a law enforcement agency as set forth above, we will remove Dropbox’s encryption from the files before providing them to law enforcement. However, Dropbox will not be able to decrypt any files that you encrypted prior to storing them on Dropbox.” So while Dropbox may limit what individual employees can get at, thus dramatically reducing the scope for an insider attack, we do need to keep in mind that user data files stored on Dropbox are in principle accessible.
[/quote]
I have asked for a clarification of what is meant by "dropbox employees aren’t able to access user files", but I don't expect an answer any time soon.
I hope that this helps.
Cheers,
-j
-
Well, some people might be this paranoid to think that eventually the government could crack the file. But you must be hiding some dark secret stuff if they are willing to go that far ;).
On another note, in the Netherlands there is talk about forbidding encryption on files because a pedophile stored his pictures in a TrueCrypt which they weren't able to crack. I wish them good luck at accomplishing that. But this is a good measure of how adequate encryption can be: the police and government weren't able to crack it, so they want to forbid it. This should be a good measurement of encryption level and thus indicate that your 1Password file would be safe as well, even if the government gets the unencrypted files from your Dropbox account.
If you don't agree with Dropbox's policy, find another method to sync. The earlier solution (vpn+rsync) which I mentioned isn't all that hard to set up, as setting up an encrypted vpn connection is just pressing next a few times on most internet devices. When I have some time left I might be able to write up a full step-by-step howto for this using 1Password. Note that setting up a vpn is different per device/router/network structure so that part would be quite generic.
Keep your files safe, and more importantly, use a safe and secure master password.
-
Hi!
[quote name='martijndeb' timestamp='1303285801' post='25225']
Well, some people might be this paranoid to think that eventually the government could crack the file. But you must be hiding some dark secret stuff if they are willing to go that far ;).[/quote]
If the government has some unimagined technology that allows them to crack these files, then all bets are off. We need to remember that unless they can do so for less than a few tens of thousands of dollars, it's far easier for them to break into your house and plant whatever they want either on your computer or a camera or van Eck phreaking device nearby.
What we need to remember is that the encryption is the strongest part of the system. Because it's fun to think about, we imagine threats against that, but when we think seriously about security for practical matters we need to remember that it is very unlikely that an attacker who knows what they are doing would go after the strongest part.
[quote]
On another note, in the Netherlands there is talk about forbidding encryption on files because a pedophile stored his pictures in a TrueCrypt which they weren't able to crack. I wish them good luck at accomplishing that. But this is a good measure of how adequate encryption can be: the police and government weren't able to crack it, so they want to forbid it. This should be a good measurement of encryption level and thus indicate that your 1Password file would be safe as well, even if the government gets the unencrypted files from your Dropbox account.[/quote]
That is an extremely good point. Governments have a history of seeking to limit cryptographic tools to the public, and those limits are good indications of what they can and can't break.
[quote]
If you don't agree with Dropbox's policy, find another method to sync. The earlier solution (vpn+rsync) which I mentioned isn't all that hard to set up, as setting up an encrypted vpn connection is just pressing next a few times on most internet devices. When I have some time left I might be able to write up a full step-by-step howto for this using 1Password. Note that setting up a vpn is different per device/router/network structure so that part would be quite generic.[/quote]
If you would be willing to write that up, that would be great! It is exactly because some parts of the set-up would depend on local conditions that we can't provide direct help to users in setting up and maintaining such systems, but having guides of this nature would certainly be useful.
I don't know if you are including Windows in your mix. I've never tried to install and use rsync on Windows, but what you describe should work well for Macs at home and a Mac on the move.
[quote]
Keep your files safe, and more importantly, use a safe and secure master password.
[/quote]
Indeed.
Thanks again for posting.
Cheers,
-j
-
[quote name='martijndeb' timestamp='1303285801' post='25225']
If you don't agree with Dropbox's policy, find another method to sync. The earlier solution (vpn+rsync) which I mentioned isn't all that hard to set up, …[/quote]
There are also services like [url=http://www.wuala.com/]Wuala[/url] that encrypt data locally before uploading.
-
[quote name='jpgoldberg' timestamp='1303322133' post='25241']
If the government has some unimagined technology that allows them to crack these files, then all bets are off. We need to remember that unless they can do so for less than a few tens of thousands of dollars, it's far easier for them to break into your house and plant whatever they want either on your computer or a camera or van Eck phreaking device nearby.
What we need to remember is that the encryption is the strongest part of the system. Because it's fun to think about, we imagine threats against that, but when we think seriously about security for practical matters we need to remember that it is very unlikely that an attacker who knows what they are doing would go after the strongest part.
[/quote]
Yes, I was pointing that out with a little bit of sarcasm to people thinking the government would even go as far as putting this effort in a single file. I completely agree here, but I guess my sarcasm didn't translate too well in plain text :).
Rsync on windows can be done in a few ways. There are some rsync clones/interfaces for windows, but there is also cygwin, and cwrsync. The latter is a complete package of a cygwin port of/with rsync. I'll try to seek out whatever works best and easiest, as I only know rsync on windows from a custom cygwin install; cwrsync might be a better choice for most people.
About Wuala, I'm not familiar with most of these services; it looks secure at first hand, but I'm not able to form an opinion on it without researching it. A helpful tip, thank you.
-
[quote name='martijndeb' timestamp='1303329797' post='25249']
Yes, I was pointing that out with a little bit of sarcasm to people thinking the government would even go as far as putting this effort in a single file.[/quote]
I did get your point. I think it is best expressed by this comic:
http://xkcd.com/538/
Be sure to check the mouse over text, which is where your point is expressed.
[quote]
Rsync on windows can be done in a few ways. There are some rsync clones/interfaces for windows, but there is also cygwin, and cwrsync. The latter is a complete package of a cygwin port of/with rsync.[/quote]
Good ol' cygwin. I'm pleased to know that it is still around.
[quote]I'll try to seek out whatever works best and easiest, as I only know rsync on windows from a custom cygwin install, cwrsync might be a better choice for most people.[/quote]
Please don't feel obliged to write things up about a system you're unfamiliar with. Get the basics done and we can add to it later.
Cheers,
-j
-
[quote name='jpgoldberg' timestamp='1303337764' post='25253']
I think it is best expressed by this comic:
[url="http://xkcd.com/538/"]http://xkcd.com/538/[/url]
-j
[/quote]
Nice, I like that one, and oh so fitting. IMHO
-
[quote name='martijndeb' timestamp='1303285801' post='25225']
Keep your files safe, and more important, use a safe and secure master password.
[/quote]
One of the things I love about 1Password is that, since I only have to actually remember [i]one[/i] password, I can make a real effort to use a really strong one to access my Vault and then use absolutely [i]ludicrous[/i] passwords for my logins. :)
I just wanted to pop in and mention that [url="http://blog.agile.ws/2011/04/dropbox-security-questions/"]Jeff has a new blog post up[/url] regarding Dropbox+1Password. I'm still using it, because I know that, despite the mistakes that may have been made regarding implementation and disclosure, 1Password encrypts my sensitive data before it is even stored in the cloud.
Thanks so much for keeping this discussion going, guys. This is immensely important to us at Agile -- both as a company and as individuals sharing the same concerns about privacy and security in the information age. While I am saddened by how the situation has been handled, the increased scrutiny and continued hard work of security-minded folks only serve to empower us with knowledge and ensure that we are more secure going forward.
-
[url="http://www.macworld.com/article/159370/2011/04/dropbox_security.html"]Developments today[/url] suggest that DropBox is responding to concerns expressed recently about the security of the data we place there.
One thing that seems to have changed is the wording of just [b]whether[/b] (now [b]how[/b]) their employees have access to files deposited there.
The extent to which this is to do with legal requirements is unclear.
That [i]1P[/i] files are encrypted before going to DropBox is cause for celebration!
-
Hi Mark,
I've merged your topic with this one that's been discussing Dropbox security. Thanks for posting it!
-
That is an interesting link, Brian. Thanks for sharing that.
Dropbox has made some good improvements in their latest beta versions (1.2.4 is the very latest), and the latest 1Password beta version (3.6.0.BETA-30) adds support for the recent changes in the Dropbox betas. (Say that ten times fast.) :-)
Cheers,
-
[quote name='Boru' timestamp='1305330293' post='26928']
I'm really glad for this forum !!
I feel more at ease now syncing with Dropbox.
Speaking of, there is a Federal Trade Commission complaint filed for misleading Dropbox customers:
http://www.wired.com/threatlevel/2011/05/dropbox-ftc/
Cheers,
Brian
[/quote]
Just joined this thread to post the link Boru has found (discovered independently). My take is that my 1P stuff is safe and secure because it carries its own encryption -- it's anything else I have there in unencrypted (raw) form that is not. While several of my documents there are not super-sensitive, they are not public just the same, so I've removed them from my dropbox folder.
What encryption tool do readers of this forum recommend for secure storage of their stuff on Dropbox?
This discussion has been closed.