Boxcryptor security issues
Two problems classified as “low” and further observations
#Boxcryptor security issues code#
In response to the audit, this redundant part of the code was removed. In practice, however, this code was never used by Boxcryptor, so there was no danger for Boxcryptor users at any time. Theoretically, the operators of such cloud storage providers could have tried to inject code into Boxcryptor for Windows. The problem rated as medium is a part of the code that affects the connection to cloud providers using the WebDAV protocol.
![boxcryptor security issues boxcryptor security issues](https://thecustomizewindows.com/wp-content/uploads/2012/11/Encrypt-Files-on-Dropbox-Cloud-Guide.jpg)
If Kudelski had found a serious security vulnerability, they would not have held it back until the final report, but would have reported the problem immediately. The audit process started at the beginning of May with short communication lines to the developers and managers in the Boxcryptor team.
#Boxcryptor security issues software#
With software that is so security relevant, it is understandable that users want to be sure that the software is flawless.” Robert Freudenreich, CTO of Boxcryptor, about the benefits of an audit: “For private users, Boxcryptor is a means of digital self-defense against curious third parties, for companies and organizations a way to achieve true GDPR compliance and complete control over business data. The goal of the audit was to give all interested parties an indirect insight into the software so that they can be sure that no backdoors or security holes are found in the code. It is important to note that the codebase we audited was not showing any signs of malicious intent.” The goal of the audit “All these components were logically correct and did not show any significant weakness under scrutiny. The audit verified whether this protection is guaranteed.ĭuring the audit, Kudelski was given access to the source code of Boxcryptor for Windows and to the internal documentation.
![boxcryptor security issues boxcryptor security issues](https://4.bp.blogspot.com/-K-p3Z2HBA0g/Wl07OdOq-fI/AAAAAAAARSE/auvW9iED8k4oyEWXpwH_8knZGwLy0ODSQCLcBGAs/s1600/maxresdefault%2B%25285%2529.jpg)
Cloud providers and their staff, as well as potential hackers are reliably excluded.
![boxcryptor security issues boxcryptor security issues](https://topbestalternative.com/wp-content/uploads/2019/10/box-cryptor-logo.png)
Boxcryptor ensures that nobody but authorized persons have access to the data. More and more companies, self-employed and private customers are using Boxcryptor to protect sensitive data – primarily in the cloud.