undefined | Better HN

0 pointsusaphp9y ago0 comments

But if he already owns your box what prevents him from accessing your data anyway?

0 comments

gcr9y ago

Usually you don't want to give any attackers the ability to destroy all your backups of the server they hacked.

S3's "upload-only" API keys are a solution here: you send the backups into a black hole but the attacker can't delete them.

Looks like Dropbox might not have something like that, giving the attacker read-write access to backups if they can get that API key.

j / k navigate · click thread line to collapse

gcr9y ago

Usually you don't want to give any attackers the ability to destroy all your backups of the server they hacked.

S3's "upload-only" API keys are a solution here: you send the backups into a black hole but the attacker can't delete them.

Looks like Dropbox might not have something like that, giving the attacker read-write access to backups if they can get that API key.

j / k navigate · click thread line to collapse