[Info-vax] Cloud Security - 68M accounts hacked on Dropbox
Kerry Main
kemain.nospam at gmail.com
Sat Sep 3 09:34:59 EDT 2016
> -----Original Message-----
> From: Info-vax [mailto:info-vax-bounces at rbnsn.com] On
> Behalf Of johnwallace4--- via Info-vax
> Sent: 03-Sep-16 5:39 AM
> To: info-vax at rbnsn.com
> Cc: johnwallace4 at yahoo.co.uk
> Subject: Re: [Info-vax] Cloud Security - 68M accounts
> hacked on Dropbox
>
[snip]
>
> And this is the company that some people are pointing to
> as an
> example of the way things should be done.
>
> Even the recently linked whitepaper [1] on how Google no
> longer
> distinguish between internal and external access to
their
> data,
> apps, etc ended with a throwaway paragraph equivalent
> to "this
> works for our DIY stuff but we haven't tried it with any
real
> world use cases."
>
> [1] Sorry, URL forgotten already.
>
I remember reading about this as well. While I agree with
the strategy of no difference between internal/external
users (everyone does multi-factor authentication - even in
office), I think there are better ways to implement this.
This may not be the exact link, but -
http://static.googleusercontent.com/media/research.google.
com/en//pubs/archive/43231.pdf
Regards,
Kerry Main
Kerry dot main at starkgaming dot com
More information about the Info-vax
mailing list