Dropbox Infinite: Risking security in exchange for Cloud access?

Well-known for storage provider Dropbox has announced some major changes to the way that their desktop client will work in future, which the company claims will allow Dropbox users to access their account’s contents as if the files were already on the user’s computer.

In theory, this sounds like an amazing idea – no need to use an Internet browser to access files, and no more worrying about how much storage space is taken up on your hard drive by files downloaded from the cloud. However, there may be a problem – potentially a serious one.

Dropbox Infinite is designed to work as a kernel module. This means that it will have access to one of the most sensitive areas of your computer’s Operating System. Dropbox software engineer Damien DeVille explains:

We’re going… into the kernel—the core of the operating system. With Project Infinite, Dropbox is evolving from a process that passively watches what happens on your local disk to one that actively plays a role in your filesystem.

However, City College San Francisco Ethical Hacking tutor Sam Bowne warned:

“If Dropbox is in the kernel, it can access everything [on] your whole system. If there’s a flaw in Dropbox, it could be used to take over your system.”

Dropbox have stated on their blog that they approach the kernel with “extreme caution and respect”, adding that Infinite takes the security and stability of their users’ experience into consideration.


What are your thoughts? Would you be prepared to allow Dropbox access to everything on your system? Why (or why not)? Let us know your thoughts in the comments below!

Jon Hunnings

(Step-)father & husband. I code directly on my #BlackBerry devices, in between blogs! Contact me via Twitter: @BrizBerryDevs or via email: brizberrydevs@utbblogs.com

  • Brad

    Uhm… no thank you

    • Canuckvoip

      My exact thought!

  • Reverend Grim

    Hardly safe at all, the amount of people on iOS and Android with security issues they don’t bother about,… what if a hacker can find a way into their PC and then others PC’s via the first one? We all know how (iN)secure these operating systems are. This looks like a catastrophe waiting to happen!

  • Anthony

    Screw Dropbox’s attempt to gain access to the kernel.

    They “approach the kernel with extreme caution and respect” locco_smiley_36

  • fishlove73

    I wouldn’t use it or allow it. Of course, I’m not a huge fan of cloud services anyway. They have their place for sharing and collaboration but I kinda thought the whole purpose of a cloud was to keep things out of one’s computer.

  • Rob_P

    I am never okay with risking security. I had just been comparing Dropbox and Google Drive here http://www.cloudstorageboss.com/dropbox-vs-google-drive/ as I am in the market for cloud storage service but I don’t think anything about this had been mentioned there. I guess this is a more recent development.

    Is Google Drive planning on doing something similar or is this just something Dropbox is doing? Security is my biggest priority and my biggest drawback to using cloud storage so I don’t want to jump into something if that is being compromised in any way.