recordere.dk forum     Det danske community for hjemmets elektronik og indhold     Siden 2003
<b>Forside</b> Forside > Generelle emner > PC hardware & software
  Nye indlæg Nye indlæg  Seneste forum emner Seneste   Seneste forum emner (vindue) Vindue   De emner du deltager i Mine emner RSS Feed - Nas til Firma
  FAQ FAQ  Søg i forum   Opret ny bruger Opret ny bruger  Log ind Log ind

Nas til Firma
 Besvar Besvar Side  <1 234
Forfatter
Besked
  Emne Søg Emne Søg  Emne-funktioner Emne-funktioner
BorgHammer Se dropdown menu
Guld medlem
Guld medlem
Avatar

Oprettet: 28-December-2007
Sted: Denmark
Status: Offline
Point: 584 		Funktioner Funktioner   Tak (0) Tak(0)   Citér BorgHammer Citér  BesvarSvar Direkte link til dette indlæg Sendt: 05-Oktober-2012 kl. 23:17
Dropbox skriver selv filerne ligger krypteret.

Hvis alternativet er ingen backup som i dag, mener jeg stadig Dropbox er en bedre/brugbar løsningen for det firma.
Samsung UE46ES7005 + USB HDD rec.
ONKYO TX-NR709 / BOSE / TViX Slim S1 + M6600 / Chromecast
QNAP TS-439PRO 5,4Tb / SONOS / iPad2 / Logitech Harmony 895+RF-iR transmitt
Til top
Brixen Se dropdown menu
Guld medlem
Guld medlem


Oprettet: 19-Juni-2004
Sted: Denmark
Status: Offline
Point: 6683 		Funktioner Funktioner   Tak (0) Tak(0)   Citér Brixen Citér  BesvarSvar Direkte link til dette indlæg Sendt: 06-Oktober-2012 kl. 09:33
Oprindeligt skrevet af BorgHammer BorgHammer skrev:

Dropbox skriver selv filerne ligger krypteret.

Hvis alternativet er ingen backup som i dag, mener jeg stadig Dropbox er en bedre/brugbar løsningen for det firma.

Så har jeg læst lidt mere om Dropbox, det jeg skrev før var efter hukommelsen.
Du har ret i at Dropbox krypterer filerne på deres servere. Men så kan Dropbox ansatte også komme til at læse dem.

Hvis firmaet har personfølsomme oplysninger i deres data, må det ikke bruge Dropbox:

Og Wuala, som jeg nævnte, er åbenbart heller ikke så sikker som jeg troede. Det konkluderer Fraunhofer Institute her:

13. SUMMARY OF FINDINGS


In the past sections, we found the following weaknesses:


CloudMe is open for a wide range of attacks, including username enumeration,

sending unwanted emails, Cross-Side Request Forgery attacks, account

hijacking and incrimination attacks.


CrashPlan uses a self-made, unpublished protocol for transport security, although

SSL/TLS is an established alternative. It is not possible to remove

individual installations.


Dropbox does not verify the email address at registration, hence it is open for

incrimination attacks. Client-side encryption is not supported. It is

unclear which flavor of sharing is used if non-subscribers are included

(closed user group vs. publication).


Mozy encrypts files, but not filenames. The service does not manage crossuser

deduplication in a secure way, thus enabling users to check if

some file is already on Mozy's server. Weak passwords are accepted

without notice.


TeamDrive uses a self-made, unpublished protocol for transport security, although

SSL/TLS is an established alternative. It is not possible to remove

devices again after they have been activated. When participants are

removed from spaces, the cryptographic key used to encrypt the space

is not changed. We also noticed that the password reset was using http

transmission without any encryption, this has been fixed by Team-

Drive after we notied them.


Ubuntu One does not provide any encryption.


Wuala does not verify the email address at registration, hence it is open for

incrimination attacks. The service uses a self-made unpublished protocol,

although SSL/TLS is an established alternative. The encryption

scheme does not protect against attackers that have access to the unencrypted 

files. URLs shared with non-subscribers contain the user

name.






Redigeret af Brixen - 06-Oktober-2012 kl. 09:37
Venlig hilsen
KB
Til top
 
 Besvar Besvar Side  <1 234
 
Skift forum Forum-tilladelser Se dropdown menu