The behavior was noticed after a file-tracking service was used to watch several files uploaded to Dropbox
Dropbox takes a peek at some kinds of uploaded files. That’s normal, the Web storage service says.
The disclosure comes after a test of the service found that several “.doc” files were opened after being uploaded to Dropbox.
[ Also on InfoWorld: Box, Dropbox vie for developers’ loyalties. | Stay on top of the state of the cloud with InfoWorld’s “Cloud Computing Deep Dive” special report. Download it today! | Also check out our “Private Cloud Deep Dive,” our “Cloud Security Deep Dive,” our “Cloud Storage Deep Dive,” and our “Cloud Services Deep Dive.” ]
Dropbox’s behavior was detected using HoneyDocs, a new Web-based service that creates a log showing when and where a document was opened, according to a blog post at WNC InfoSec.
The experiment involved uploading to Dropbox “.zip” HoneyDocs folders with embedded “.doc” files. HoneyDocs lets users set up a “sting,” or a notification that is sent by SMS or email when a file has been viewed. Where the file has been viewed from is plotted on a map.
The callback, or as HoneyDocs calls it a “buzz,” is an HTTP Get request with a unique identifiers assigned to a sting. The data on when and where the file has been opened is sent over SSL port 443, according to HoneyDocs.
WNC InfoSec wrote the first buzz came back within 10 minutes after a file was uploaded with the IP address of an Amazon EC2 instance in Seattle. Dropbox uses Amazon’s cloud infrastructure.
Of the submitted files, only “.doc” files had been opened, WNC Infosec wrote. HoneyDocs also pulled information on the type of application which accessed the document, which in this case was the open-source productivity suite LibreOffice.
“So now I’m curious,” WNC InfoSec wrote. “Are the files being accessed for de-duplication purposes or possibly malware scanning? If so, then why are the other file types not being opened?” read more