[jk8]

Any news on fixing the exploit? Is the option being considered by dropbox?

[mrud]

> we've fixed the deduplication behavior serverside to prevent "injection" of files you don't actually have, for a variety of reasons.)

Already done.

[gergles]

Doesn't seem to be done, as I just used the code in question to get the example trailer and I did not have the file in advance.

[trotsky]

This is one of the more interesting comments in this thread. Can anyone confirm it still works?

EDIT: I get the following error:

[xxx@xxx laanwj-dropship-464e1c4]$ ./dropship examples/sintel_trailer-1080p.mp4.json ('Oops, blocks are not known: %s', ['lykR7INbdxXNk04IpJUxTvO97GeETwAbobol2283eqY', 'ciZ4YYqkiA9VssSpfmcagRJaYMtD3wNqZ4NTeV9BvOc', '7qe_U9KLL8t1RRH3K01PdTxnEGCnm1nP8S30ZkXK0KI', 'cPJPJ_uch8hJFhKaEeXufETDZ-q6Fqz1cibxoYwL8G8'])

[wladimir]

It calls your bluff now :)