Create, upload, and share
Find help to solve issues with creating, uploading, and sharing files and folders in Dropbox. Get support and advice from the Dropbox Community.
Hi, I just came across this blog post detailing some, shall we say, unorthodox ways Dropbox is circumventing OS X security features and tricking users into sharing their admin password:
http://applehelpwriter.com/2016/07/28/revealing-dropboxs-dirty-little-security-hack/
I found the same happened on my system (OS X 10.11.6), Dropbox v9.v.49). Can you explain why you do this?
Tricking users into giving up their admin password is unethical hacking. Dropbox needs to respond and remove this hack.
+1
You better have a really good [removed by moderator] explanation for doing this, Dropbox.. I don't pay you to steal my login password.
Kim,
Please watch your language on these public forums or your posts could be removed or your account suspended. Your post has been edited. Thank you.
Cross-linking for reference:
This reply will be updated with other posts as they are closed and redirected here.
[Mod update December 11, 2019: updated and removed old links]
A person claiming to be a dropbox employee responded to this on the original post downplaying the thing. I think an official statement would be nice.
I don't believe the "employee" who responded. One of the things he said was accessibility is required for badges. I removed Dropbox's accessibility access, but the badges show up just fine. I've not noticed any functionality missing.
I removed Dropbox's accessibility access, but the badges show up just fine. I've not noticed any functionality missing.
The badge appeared, but did you test its full functionality? If not, then it wasn't a valid test of the accessibility requirements.
I'm not arguing for or against either side. I'm only stating that simply seeing the badge show up is not a valid indicator that it's working properly.
Good point. One feature is not a complete test. However, I continue to use Dropbox for syncing, app access (i.e. native API access from the app) and finder/pathfinder integration all seem to work fine. Anything else I should test?
BTW, it was stated by the person claiming to be a Dropbox employee that accessibility was needed for badges. It seems reasonable to expect Dropbox to explain what access is truly required, why and how this unusual authentication process works.
Hi there!
If you need more help you can view your support options (expected response time for a ticket is 24 hours), or contact us on X or Facebook.
For more info on available support options for your Dropbox plan, see this article.
If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!