Dropbox Addresses Security Concerns for New Initiative’s Kernel Access

Dropbox has responded to security concerns regarding one of its new technology’s abilities to obtain kernel access.

Back in April, the secure file sharing and storage service announced “Project Infinite,” an initiative which will help revolutionize the way Dropbox interfaces with a user’s computer.

Dropbox software engineer Damien Deville provides more information in a blog post.

“Traditionally, Dropbox operated entirely in user space as a program just like any other on your machine. With Dropbox Infinite, we’re going… into the kernel—the core of the operating system. [We’re] evolving from a process that passively watches what happens on your local disk to one that actively plays a role in your filesystem.”

Dropbox currently overlays a green check icon on all files that are available locally. Project Infinite will add a cloud icon as a second overlay that indicates a file is available online but not yet locally. Users can therefore download that file and interact with it as they would any other file.

To view a video of how this new initiative works, please click here.

Dropbox designed Project Infinite to grant users access to all of their saved files regardless of how much space they have available locally on their hard drives.

While this explanation might appeal to end users, Sam Bowne, who teaches Ethical Hacking at City College San Francisco, is worried about the level of access the new initiative would require. Per Bowne’s conversation with Motherboard:

“By moving from userland to kernel-land, Dropbox will take on a large responsibility. The way Dropbox works now, it’s like a vendor setting up a cart outside your home selling hot dogs. But they are now proposing to copy the keys to your house, move in, and live with you.”

Bowne and other security experts are worried that if flaws existed in Project Initiative, attackers could use those vulnerabilities to escalate their access and assume control of a user’s computer.

In light of these concerns, Deville has released the following update from Dropbox:

“We wanted to address some comments about Project Infinite and the kernel. It’s important to understand that many pieces of everyday software load components in the kernel, from simple device drivers for your mouse to highly complex anti-virus programs. We approach the kernel with extreme caution and respect. Because the kernel connects applications to the physical memory, CPU, and external devices, any bug introduced to the kernel can adversely affect the whole machine. We’ve been running this kernel extension internally at Dropbox for almost a year and have battle-tested its stability and integrity.

“File systems exist in the kernel, so if you are going to extend the file system itself, you need to interface with the kernel. In order to innovate on the user’s experience of the file system, as we are with Project Infinite, we need to catch file operation events on Dropbox files before other applications try to act on those files. After careful design and consideration, we concluded that this kernel extension is the smallest and therefore most secure surface through which we can deliver Project Infinite. By focusing exclusively on Dropbox file actions in the kernel, we can ensure the best combination of privacy and usability.

“We understand the concerns around this type of implementation, and our solution takes into consideration the security and stability of our users’ experience, while providing what we believe will be a really useful feature.”

Dropbox is currently in the process of testing Project Infinite. It intends to roll out the initiative to a broader set of users soon.

News of this announcement comes two years after the file-sharing service confirmed the existence of a vulnerability that allowed sensitive files associated with shared links to be exposed and turn up in search engine results on Google

Via: tripwire


Save pagePDF pageEmail pagePrint page

Leave a Reply

Your email address will not be published. Required fields are marked *