Goodbye Privacy. Conventional Security Measures Can Be Neutered By A Careless Programmer

More and more data is stored online by both consumers and businesses. The convenience of using services such as Dropbox, Box, Google Drive, Microsoft Live SkyDrive, and SugarSync is indisputable. But, is it safe? All of the services certainly require a user password to access folders, and some of the services even encrypt the stored files. Dropbox reassures customers, "Other Dropbox users can't see your private files in Dropbox unless you deliberately invite them or put them in your Public folder."

The security measures employed by these file-synching and sharing services are all well and good, but they can be instantly, innocently neutered by a distracted programmer. Goodbye privacy. All your personal files, customer lists, business plans, and top-secret product designs become available for all the world to see. How can this happen even though these services use sophisticated authentication and encryption technologies? The answer: a careless bug introduced in the code.

Below is some Java code I wrote for a fictitious file-sharing service called CloudCabinet to demonstrate how this can happen. Imagine a distracted programmer texting her girlfriend on her iPhone while cutting and pasting Java code. Even non-Java programmers should be able to find the error in the code below.
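The post's own Java listing is not reproduced on this page. As an added illustration (my code, not the author's; the class, method and account names such as CloudCabinetAccessCheck, canReadBuggy and "mallory" are hypothetical), here is the shape of bug the post describes: an owner check mangled by a copy-and-paste slip, the corrected check beside it, and the kind of regression test that a rigorous testing process would run against both.

```java
// Added illustration, not the post's code: a "CloudCabinet"-style read-access
// check with a copy-and-paste slip, the corrected version, and a regression
// test that catches the slip. All names are hypothetical. Requires Java 16+.
import java.util.Objects;
import java.util.function.BiPredicate;

public class CloudCabinetAccessCheck {

    /** Minimal stand-ins for a stored file and the account asking to read it. */
    record CloudFile(String ownerId, boolean inPublicFolder) {}
    record Account(String id) {}

    /**
     * BUGGY: the owner check was pasted from elsewhere and the right-hand side
     * was never changed, so the file is compared with itself. The condition is
     * always true, and every account can read every private file.
     */
    static boolean canReadBuggy(Account requester, CloudFile file) {
        if (file.inPublicFolder()) {
            return true;
        }
        return Objects.equals(file.ownerId(), file.ownerId()); // should be requester.id()
    }

    /** FIXED: a private file is readable only by the account that owns it. */
    static boolean canReadFixed(Account requester, CloudFile file) {
        if (file.inPublicFolder()) {
            return true;
        }
        return Objects.equals(requester.id(), file.ownerId());
    }

    /**
     * Regression test: the owner and public-folder cases must be allowed and a
     * stranger must be denied on a private file. Returns true only when the
     * supplied policy gets all three right. Sample data is constructed inline.
     */
    static boolean policyIsSound(BiPredicate<Account, CloudFile> policy) {
        CloudFile alicePrivate = new CloudFile("alice", false);
        CloudFile alicePublic = new CloudFile("alice", true);
        Account alice = new Account("alice");
        Account mallory = new Account("mallory");
        return policy.test(alice, alicePrivate)
            && policy.test(mallory, alicePublic)
            && !policy.test(mallory, alicePrivate);
    }

    public static void main(String[] args) {
        System.out.println("buggy policy sound: " + policyIsSound(CloudCabinetAccessCheck::canReadBuggy));
        System.out.println("fixed policy sound: " + policyIsSound(CloudCabinetAccessCheck::canReadFixed));
    }
}
```

The buggy policy fails the stranger case and the fixed one passes all three, which is exactly the check that should gate a release of authorization code.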



Mike Gualtieri

Fortunately (and hopefully) mature application development teams have rigorous testing processes that find security holes before devastating code like this makes it into production. If, as SugarSync says, "Your peace of mind and the security of your files are our top priority," then don't just tell me about your authentication and encryption for file access, transfer, and storage. Tell me how your testing processes will catch coding errors that could compromise the security of my files.


Yes but ...

As you point out, you'd hope this buggy code is caught by the QA department. But the far more likely cause of security breaches in cloud services has more to do with failures in the carbon-based humans who run customer service rather than bad software. This post comes on the heels of Mat Honan's article in Wired magazine about the epic hack of his iCloud and Amazon account, and recent hacks directed at Dropbox. In the case of Honan, the real failure was in the sloppy authentication procedures of Amazon and Apple's support desks, which relied exclusively on password or other something-you-know protocols for establishing identity. The lesson learned from these recent attacks against cloud-based services is that two-phase authentication can prevent clever hackers from getting beyond the first lines of defense. Of course, it's all software in the end, and nothing can save bad code.