[liberationtech] Is Dropbox opening uploaded documents?
Lodewijk andré de la porte
l at odewijk.nl
Tue Sep 17 16:05:32 PDT 2013
2013/9/16 Kyle Maxwell <kylem at xwell.org>
> I also suspect they're doing some level of malware screening. If so,
> it didn't work too well here - not that this is malware (the author of
> the original service that created these docs is a personal friend) but
> it has a lot of similar code / functionality.
>
Are you suggesting they pull external resources to scan them too? This'd be
quite proactive.
It remains quite unusual.
Some variations of the experiment with:
* non suspicious/interesting documents - should trigger well-intended
automation as well as interesting documents
* boring file formats (like txt) and URLs - do all URLs get pulled or only
automatically requested ones?
* files that won't load for rendering but would load for a crawler that
tries to find malware
* you own server so that you may examine all the data send along with the
request, like the headers!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 1566 bytes
Desc: not available
URL: <http://lists.cpunks.org/pipermail/cypherpunks/attachments/20130918/c32ba986/attachment-0001.txt>
More information about the cypherpunks
mailing list