Hacker News new | ask | show | jobs
by FascistDonut 2374 days ago
Dropbox is essentially just a cloud synced folder. Anyone who had the shared login credentials had access to the entire production server and fragments of it could be left on any computers that were synced to it. Anyone could also delete or modify anything and it would propagate the changes to everyone else's copies with very little logging or version control. You can restore a previous version of the file, but it isn't like git or anything... just more like recently saved versions.
1 comments
donio 2374 days ago
Is it shared credentials even for business accounts? Surely they must have some kind of team based shared access option for that?
link
FascistDonut 2374 days ago
The post said they had an enterprise account, which I assume could limit access via separate logins, but many of the users were sharing the same single set of credentials (e.g. everyone logging in with the same account), so there was no real access control or knowledge of who all had access using that account.
link