Researchers Dhiru Kholia and Przemyslaw Wegrzyn have discovered a method to reverse-engineer Dropbox, which may open the door for open-source clients, but also gives attackers a way to intercept encrypted content and bypass the file sharing service’s two-factor authentication. The discovery has broader implications for the Internet, as the same methods could be used against any proprietary app built using the Python language. A Dropbox spokesperson said that while they “appreciate the contributions of these researchers,” the discovery “does not present a vulnerability in the Dropbox client.” Dropbox argues that the exploit will not work unless the user’s computer is already compromised. follow link
Find Photos in iPhoto in the Finder
Looking for the file associated with a photo in iPhoto? In iPhoto, to view a photo's file in the Finder, Control-click it and choose Show File from the contextual menu that appears. You can then drag the file's icon into an Open dialog to upload it to a photo-sharing service, for instance, but whatever you do, don't move or rename that file!
- ExtraBITS for 2 September 2013 (02 Sep 13)
Dropbox Reverse-Engineered, Other Python Apps at Risk