Feeds

Microsoft schtum on Dropbox snags with IE

Possible SmartScreen dislike of Amazon caused hiccups

3 Big data security analytics techniques

Microsoft has so far declined to explain why Internet Explorer this week flagged Dropbox as a phishing threat, in an apparent clash with Amazon’s S3 cloud storage.

Customers manned the Dropbox forums looking for answers after IE started alerting them to the fact Dropbox was an unsafe site to visit and advising against proceeding further.

Microsoft’s browser said Dropbox had been reported to Redmond "for containing threats to your computer that might reveal personal or financial information."

IE9, the latest version of Microsoft’s browser, was singled out twice here and here on a Microsoft TechNet forum, for firing off the false alarm although most people on the Dropbox forum weren’t specific about the version of Microsoft’s browser they were running.

Dropbox told The Reg that Microsoft’s SmartScreen filter had temporarily and mistakenly blocked the site for a short time on Monday. By Tuesday the problem was fixed, and Microsoft spokespeople contacted by The Reg along with techies contacted by Dropbox customers were unable to re-create the problem.

SmartScreen has been an IE feature since version 7.0 and detects and warns users of phishing sites. The service works by checking sites visited against a list of known and reported phishing and malware sites that’s updated every hour.

Asked to explain whether Microsoft had changed SmartScreen to mistakenly flag Dropbox, a Microsoft spokesperson said: “Microsoft has nothing to share at this time.”

Suspicion, however, is falling on some kind of problem between Amazon’s S3 and SmartScreen - Dropbox stores your data in S3. The Dropbox customer who’d contacted Microsoft via Technet, Jenn Lin, posted an error message indicating that the site s3.amazonaws.com hosted by wwf.panda.org had been reported unsafe.

Linn said: “I also saw this error on a partner's site, and we too found that removing references to Amazon AWS fixed the issue.” ®

SANS - Survey on application security programs

More from The Register

next story
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Kingston DataTraveler MicroDuo: Turn your phone into a 72GB beast
USB-usiness in the front, micro-USB party in the back
AMD's 'Seattle' 64-bit ARM server chips now sampling, set to launch in late 2014
But they won't appear in SeaMicro Fabric Compute Systems anytime soon
Brit boffins use TARDIS to re-route data flows through time and space
'Traffic Assignment and Retiming Dynamics with Inherent Stability' algo can save ISPs big bucks
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.