![]() What does worry me is that there's not a lot that can be done about the fact that DropBox starts syncing with my account as soon as I log on/open my computer back up from suspend. A thief that gets into my laptop account immediately has access to my DropBox. Sure, everything that matters is separately encrypted in some fashion, but that doesn't stop him just deleting the whole damned lot, or, perhaps more scarily, just my keychain. If I'm unlucky, a few seconds later, the file will be gone from all my devices. He could then unlink all my devices just to make things extra awkward.Īt some point soon, I'm going to realise that I've had my laptop stolen, and start trying to lock things down. ![]() Then I'm going to see that I no longer have a keychain anywhere, so I can't find any of my logins to start the process. And then I'm going to realise that my only route out of this is to login to the DropBox website, using a password that is only in my keychain, to which I no longer have access! Aaaaargh. ![]() What's the recommended recovery/prevention strategy here? I can see a few possible options: I assume that the AgileBits guys have thought about this scenario. Perhaps 1Password stores some local backups of the keychain on each device?.I could just write down my DropBox password, but I can't say I'm hugely keen on that.I'm a bit reluctant to do that, however, as it significantly constrains my options when it comes to things like Prey/LowJack/etc that might enable me to actually recover the machine Is there something I'm missing about how DropBox works that makes it actually a bit more secure than this? Does it at least make use of the login keychain so just resetting my login password as root won't allow an attacker to start controlling my DropBox?.Do people perhaps use alternative encryption approaches that work a bit more like old FileVault, locking down enough of my user files to stop DropBox from functioning, but not so much of the system that it's basically unbootable without a valid login (like FileVault 2)?. 1Password does store backups locally on each Mac.I'm glad the blog post made you think more about your data. ![]() We do not recommend moving your Backups into the Dropbox folder as each Mac should have its own redudent copies of your backups. Do you have 1Password on a mobile device or you don't have any mobile devices at all? A sudden removal of the data file via Dropbox shouldn't remove the database on the iOS devices.Imagine if the backup was damaged, you wouldn't want to sync it to the other Macs as well. Don't use Filevault if you're worried about that.We do recommend storing a copy of your data file on your USB drive and keep it in a safe place. Instead, use Disk Utility's Encrypted Images or our product, Knox, to create virtual volumes that mounts after you enter your passwords for them. That way, you may still use your recovery tools along with localized encryptions. You may also use something like BoxCryptor which works to encrypt your Dropbox folder. We're not yet familiar with their app but we've heard of it many times. Once somebody has access to your hardware and manage to reset your account password, he can get into your Dropbox folder. Your files are copied locally when you sync it, so once you unlink the account or remove all access to it, it doesn't change the fact that the files are still left behind. If you're careful about which data you want encrypted, people usually use encryption tools or images to store the data within.The thief simply won't get updates made to it once you unlink the computer. ![]() If the passwords aren't given, the images won't mount. It also won't matter if the OS X account or keychain was broken into as the passwords aren't stored anywhere for those images. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |