PSA: Security of Folder Downloader for Dropbox

I received this inquiry via email:

Could this app leak my Dropbox password? With the recent news that 6.9million Dropbox passwords have been stolen, I am now wondering how secure this app is.

I think it’s better to repost my answer here, with some additional information for semi-technical people.

The app does not know your password at all, because it uses the official Dropbox app or website to delegate authentication. This method generates a token associated with your account that can be used and accessed only by this app.

That said, an hypothetical attacker could steal the application’s secret key to trick Dropbox into thinking the he is using the app, but then he would have to also steal the token issued to each individual user, and that is obviously impossible as the tokens are stored solely on user’s devices, and Android itself prevents other apps from accessing that kind of data. If the phone is rooted, or is connected via USB in debug mode, then the token becomes accessible, but in that case the attacker would have your device in his hands, which becomes your primary problem.

Moreover, the app does not communicate with anything on the internet except Dropbox. Obviously, this a promise on my side – a gentlemen’s agreement, if you like – but any tech person could verify that with a network sniffer.

A few suggestions to keep your data safe:

  • check apps connected to your Dropbox account and revoke those you don’t need (this is done in the Dropbox’s settings)
  • change the Dropbox password often
  • last but not least, enable two-factor authentication, which makes a password leak ineffective by all practical means (unless the attacker has your phone).

Hope this is a sufficient explanation.

New Android App: Silent Mode Bypass

I’ve just published a new tiny, free Android app: Silent Mode Bypass.

This app does just one thing: disabling Silent or Vibration mode when you receive a phone call from a selected list of contacts. It’s useful for emergency calls that you must be absolutely sure to receive, typically at night, while still keeping everything else silent.

It’s very lightweight and does not affect battery life. There’s a background service always running, but it only uses around 3 MB of RAM and hardly any CPU time, because it does not run any code except when it gets a phone call broadcast intent.

On a side note, I’m specializing in writing niche apps that no one except me uses… On the plus side, I don’t get many complaints from users!

FDfD Extremes

There have been a few reports about stuck downloads with Folder Downloader for Dropbox, so I added some logic to better handle network read timeouts. The main problem is with Java’s method, which is blocking and has no timeout setting. I ended up using Eclipse’s TimeoutInputStream (see update below).

That said, such timeouts were very sporadic, although I experienced a couple myself. As you can see from these screenshots, FDfD is reliable both for both large and small files.

365 MB 2,000 Files

I tested these downloads on my Galaxy Nexus over a slowish DSL connection. The problem is that there’s no obvious way to test this kind of errors. The latest update (1.2.5), at any rate, should handle timeouts gracefully without hanging the entire background service.

Update 2012/10/19: it seems that TimeoutInputStream corrupts data. I don’t know the reason or the circumstances but for now I removed it. I decided to opt for Java’s built-in Future<T> and ExecutorService (mandatory example on Stack Overflow). Making it work is very tricky, but it looks much more stable.

On Object-Oriented Programming

Object-oriented programming, or OOP, is a programming paradigm that uses “objects” – usually instances of a class – consisting of data fields and methods together with their interactions – to design applications and computer programs.

In practical terms, to build a program, you define objects that contain data and expose operations (called methods). A typical, boring-to-death example is a Car class, with a Color property and TurnEngineOn() and TurnEngineOff() operations.

This model, despite being used by most software developers, has something wrong in an increasing number of scenarios. Take web applications: you usually have a model layer that represents – or models – the information that the application handles, and then you have a business logic layer, often implemented as a set of controllers. You see, each data class exposes properties, but no methods. Each controller exposes methods but very little, if any, properties. It’s still OOP, but it’s starting to look like something different.

When you work with distributed/parallel architectures this phenomenon gets even worse, as you have classes that only do data/events/jobs storage, classes that only implement business logic, and classes that only hold data (aka entities). In a way, each single piece is simpler to allow scalability, entities become read-only to avoid side-effects in parallel environments and there are huge blocks of code loading-crunching-saving data.

I suspect that most OOP goes into building frameworks (.NET, Java, RoR, etc.), and we just leverage them to build not-so-OO programs.

I don’t have a solution for this – I’m not sure it actually needs a solution (functional languages anyone?) – but when your only tool is a hammer, everything looks like a nail.

Eating Your Own Dog Food

Eating your own dog food, or dogfooding, is a term coined adopted by Microsoft indicating that a software company should use its own products internally.

It’s true, and Microsoft does it. Internally, the company runs on its own products, and each team even uses pre-release versions of their products, such as Office, Exchange, Windows, whatever. Dogfooding is a way to ensure that what you build works reasonably well. It doesn’t replace proper testing, but it is still very important.

The problem is, dogfooding is not always possible. In fact, it’s seldom possible. How can you expect Autodesk to use AutoCAD or 3ds max internally? If you build a platform/framework/operating system, then it’s reasonable to assume that you can use it, but if you build an application, perhaps a very vertical one, it’s close to impossible that someone in your company will actually use it for other than testing.

It might sound silly, but that is why I’m reluctant to add features to Folder Downloader for Dropbox. Many users have asked for very useful additions, but I’m not going to use them, so I won’t be able to test them properly, thus I won’t implement them. FDfD works well and has a solid 4.7/5 average rating, more than 100 +1s and very few complaints and error reports. It would be a pity to bloat it with half-baked pieces.

Oh, and I’m going to forge a new motto: “Eat it or drop it.”