“With Dropbox Infinite, we’re going deeper: into the kernel—”
May 26, 2016 5:49 PM Subscribe
Dropbox Wants More Access to Your Computer, and People Are Freaking Out [Motherboard] [Vice] On Tuesday, Dropbox published more details about upcoming changes to the company's desktop client that will allow users to access all of the content in their account as if it is stored on their own machine, no matter how small the hard-disk on their computer. In other words, you can browse through your own file system and have direct access to your cloud storage, without having to go and open a web browser nor worry about filling up your hard-drive. Sounds great, but experts and critics have quickly pointed out that Dropbox Infinite, as the technology is called, may open up your computer to more serious vulnerabilities, because it works in a particularly sensitive part of the operating system.
The day that former US Secretary of State Condoleezza Rice joined DropBox’s board of directors is the day I deleted their app from my computers:
Previously.
posted by davel at 6:04 PM on May 26, 2016 [35 favorites]
Previously.
posted by davel at 6:04 PM on May 26, 2016 [35 favorites]
What would someone recommend instead of Dropbox? How about Hubic?
posted by Brandon Blatcher at 6:06 PM on May 26, 2016
posted by Brandon Blatcher at 6:06 PM on May 26, 2016
Hm. I'm not instantly hating this, but it definitely warrants being watched closely. I'd rather not move to Google Drive or *cough* MS OneDrive.
posted by chimaera at 6:08 PM on May 26, 2016
posted by chimaera at 6:08 PM on May 26, 2016
What would someone recommend instead of Dropbox?
A dedicated NAS appliance chained to your bedpost running ssh and sshfs on your clients.
posted by RonButNotStupid at 6:16 PM on May 26, 2016 [21 favorites]
A dedicated NAS appliance chained to your bedpost running ssh and sshfs on your clients.
posted by RonButNotStupid at 6:16 PM on May 26, 2016 [21 favorites]
The reaction to this is kinda weird to me, and more or less looks like non-technical reading and repeating scary dramatic headlines.
So, I understand not wanting Dropbox in your kernel for security reasons - this is a sensible position to take.
However:
1) If you use any hardware that has non-default drivers (i.e. some but-not-all webcams, printers, anything more exotic) that code will almost certainly be worse than what Dropbox will create, or has created and also runs in the kernel.
2) If you have a non-Linux, non-Microsoft brand, non-Apple computer (i.e. a lenovo, hp, dell, etc Windows box) the bundled drivers will run in the kernel and almost certainly be worse than Dropbox.kext
3) If you run linux or bsd, and run any third party services as root (which to get this behavior you would almost certainly need to do) that application will have read/write access to /dev/mem, which means it's effectively running inside the kernel anyways.
4) It's not like the Apple kernel (where they would install this) has a stellar kernel security track record anyways. In fact, it's pretty awful.
5) For the vast majority of computers, I cannot think of what this would give Dropbox access to that they wouldn't already have. Dropbox running in userland could already read all of your files, even if they're not in your Dropbox if they wanted to. For most people, all the data they care about lives in /Users/Alice/* or the equivalent, which Dropbox, running as Alice, would have the ability to read.
Basically, kernels are responsible for a few things: networking, memory mgmt, processes, and most relevantly file systems. Implementing a filesystem driver for the kernel is exactly where they would have had to have implemented it to avoid seriously patching userland in way more invasive ways which would have caused way more problems.
You could theoretically avoid this problem I guess in a microkernel, but none of their target audience uses a microkernel that would allow this.. You -might- be able to avoid this by writing a FUSE filesystem for linux, but the percentage of people using linux on the desktop is low enough and Im not sure if android supports it.
Basically, the outrage to this shows a lack of understanding in where a new file system should be implemented, and what people are already running inside their kernels. It's entirely sensible to say no to Dropbox for security reasons relating to this, but to get this level of functionality and integration it's not like there are other good places they could have implemented this. Furthermore, you probably already have worse code running there, so ¯\_(ツ)_/¯
posted by yeahwhatever at 6:20 PM on May 26, 2016 [77 favorites]
So, I understand not wanting Dropbox in your kernel for security reasons - this is a sensible position to take.
However:
1) If you use any hardware that has non-default drivers (i.e. some but-not-all webcams, printers, anything more exotic) that code will almost certainly be worse than what Dropbox will create, or has created and also runs in the kernel.
2) If you have a non-Linux, non-Microsoft brand, non-Apple computer (i.e. a lenovo, hp, dell, etc Windows box) the bundled drivers will run in the kernel and almost certainly be worse than Dropbox.kext
3) If you run linux or bsd, and run any third party services as root (which to get this behavior you would almost certainly need to do) that application will have read/write access to /dev/mem, which means it's effectively running inside the kernel anyways.
4) It's not like the Apple kernel (where they would install this) has a stellar kernel security track record anyways. In fact, it's pretty awful.
5) For the vast majority of computers, I cannot think of what this would give Dropbox access to that they wouldn't already have. Dropbox running in userland could already read all of your files, even if they're not in your Dropbox if they wanted to. For most people, all the data they care about lives in /Users/Alice/* or the equivalent, which Dropbox, running as Alice, would have the ability to read.
Basically, kernels are responsible for a few things: networking, memory mgmt, processes, and most relevantly file systems. Implementing a filesystem driver for the kernel is exactly where they would have had to have implemented it to avoid seriously patching userland in way more invasive ways which would have caused way more problems.
You could theoretically avoid this problem I guess in a microkernel, but none of their target audience uses a microkernel that would allow this.. You -might- be able to avoid this by writing a FUSE filesystem for linux, but the percentage of people using linux on the desktop is low enough and Im not sure if android supports it.
Basically, the outrage to this shows a lack of understanding in where a new file system should be implemented, and what people are already running inside their kernels. It's entirely sensible to say no to Dropbox for security reasons relating to this, but to get this level of functionality and integration it's not like there are other good places they could have implemented this. Furthermore, you probably already have worse code running there, so ¯\_(ツ)_/¯
posted by yeahwhatever at 6:20 PM on May 26, 2016 [77 favorites]
A profoundly terrible idea, at best Dropbox will become an attack vector that makes Flash seem like nothing whilst at worst Dropbox will crash wiping out your entire disk :(
posted by fallingbadgers at 6:21 PM on May 26, 2016 [2 favorites]
posted by fallingbadgers at 6:21 PM on May 26, 2016 [2 favorites]
If only Windows had FUSE, eh? File system drivers don't necessarily have to be kernel-level.
posted by wierdo at 6:21 PM on May 26, 2016 [3 favorites]
posted by wierdo at 6:21 PM on May 26, 2016 [3 favorites]
If only Windows had FUSE, eh?
Windows has had Installable File System for decades.
posted by Talez at 6:24 PM on May 26, 2016 [2 favorites]
Windows has had Installable File System for decades.
posted by Talez at 6:24 PM on May 26, 2016 [2 favorites]
Instead of coding it inside the kernel, as FAT was, Microsoft developed a "driver-based" filesystem API that could allow them and other developers to add new filesystems to the kernel without needing to modify it.posted by Talez at 6:24 PM on May 26, 2016
As a sysadmin that has 100 Dropbox enterprise* users and has to deal with "selective sync" I welcome this with open arms.
* when all of your users are using it anyway, expensing it, might as bite the bullet and get admin features.
posted by wcfields at 6:27 PM on May 26, 2016 [2 favorites]
* when all of your users are using it anyway, expensing it, might as bite the bullet and get admin features.
posted by wcfields at 6:27 PM on May 26, 2016 [2 favorites]
Oh lol, I totally forgot about antivirus. If you're complaining about this and you have antivirus installed, you should probably reconsider your priorities.
Talez: Interesting, didn't know about that. MS is doing, and has done some really cool stuff at the kernel level, it's just so much daunting history to learn to get involved with it...
posted by yeahwhatever at 6:28 PM on May 26, 2016 [3 favorites]
Talez: Interesting, didn't know about that. MS is doing, and has done some really cool stuff at the kernel level, it's just so much daunting history to learn to get involved with it...
posted by yeahwhatever at 6:28 PM on May 26, 2016 [3 favorites]
A profoundly terrible idea, at best Dropbox will become an attack vector that makes Flash seem like nothing whilst at worst Dropbox will crash wiping out your entire disk :(
Man, and I thought I was a pessimist. More like, 'at best, nothing will go wrong, and everyone will forget they even heard about this in the same amount of time it took to forget that Diaspora was a thing'. If anyone can find an expert willing to say more than '#tweet oh no kernel mode! that's risky!' that'd be some interesting reading.
posted by the agents of KAOS at 6:29 PM on May 26, 2016 [2 favorites]
Man, and I thought I was a pessimist. More like, 'at best, nothing will go wrong, and everyone will forget they even heard about this in the same amount of time it took to forget that Diaspora was a thing'. If anyone can find an expert willing to say more than '#tweet oh no kernel mode! that's risky!' that'd be some interesting reading.
posted by the agents of KAOS at 6:29 PM on May 26, 2016 [2 favorites]
So Dropbox can help itself into my kernel - whatever the hell that is - but apparently I gotta engineer a damn boot disk just so I can delete System32. Fucking computers, man.
posted by turbid dahlia at 6:34 PM on May 26, 2016 [3 favorites]
posted by turbid dahlia at 6:34 PM on May 26, 2016 [3 favorites]
Oh lol, I totally forgot about antivirus. If you're complaining about this and you have antivirus installed, you should probably reconsider your priorities.
Yup. Your antivirus is already parsing files in your kernel
posted by BungaDunga at 6:40 PM on May 26, 2016 [3 favorites]
Yup. Your antivirus is already parsing files in your kernel
posted by BungaDunga at 6:40 PM on May 26, 2016 [3 favorites]
Doesn't seem all that different from Google Drive which I've been running for ages without problem.
posted by octothorpe at 6:43 PM on May 26, 2016 [1 favorite]
posted by octothorpe at 6:43 PM on May 26, 2016 [1 favorite]
So Dropbox can help itself into my kernel - whatever the hell that is - but apparently I gotta engineer a damn boot disk just so I can delete System32. Fucking computers, man.
The Windows kernel has an API specifically for making filesystems a thing. System32 is protected because so many idiots try to delete it.
But this is all moot (no pun intended) because the article specifically references how this works on OS X.
posted by Talez at 6:45 PM on May 26, 2016
The Windows kernel has an API specifically for making filesystems a thing. System32 is protected because so many idiots try to delete it.
But this is all moot (no pun intended) because the article specifically references how this works on OS X.
posted by Talez at 6:45 PM on May 26, 2016
OK. So on further analysis of pretty pictures, Dropbox is using VFS which is OS X's analogue to the Win32 IFS. So yeah, it's basically how Apple envisions developers adding this sort of thing, they're being good citizens by the looks of it. It's pretty overblown all around.
posted by Talez at 6:50 PM on May 26, 2016 [13 favorites]
posted by Talez at 6:50 PM on May 26, 2016 [13 favorites]
This is pretty low on the level of things I need to be panicked about. My panic energy is limited.
posted by naju at 7:12 PM on May 26, 2016 [5 favorites]
posted by naju at 7:12 PM on May 26, 2016 [5 favorites]
Anything running under Windows that attempts to integrate itself into the filesystem can just go die in a fire. Tortoise (svn or git) is a great example of this - that being said,that Windows has such a poor user experience (or stability) for something that should be easy to do makes it a damming indictment of file systems under Windows.
posted by combinatorial explosion at 7:25 PM on May 26, 2016
posted by combinatorial explosion at 7:25 PM on May 26, 2016
I have an off-brand storage service that I connect to via WebDav in Windows Explorer. Can someone explain what this Dropbox feature is going to do that I can't with my WebDav connection? (I have no interest in automatic 'syncing'; in general as in iTunes the term scares me, and it's not like "Dropbox for iOS" is syncing my Dropbox stuff to my iPad, so the conceptual muddiness I can do without.)
posted by sylvanshine at 8:34 PM on May 26, 2016 [1 favorite]
posted by sylvanshine at 8:34 PM on May 26, 2016 [1 favorite]
nickrussell: "
Every now and then though, I don't mind dropping my kernel in a box, however.
posted by symbioid at 9:39 PM on May 26, 2016
Things I don't want: #Dropbox up in my kernel.Well-said."
Every now and then though, I don't mind dropping my kernel in a box, however.
posted by symbioid at 9:39 PM on May 26, 2016
5) For the vast majority of computers, I cannot think of what this would give Dropbox access to that they wouldn't already have.
Yeah, this is it. I've been considered deleting it from my system for a long time now, just because of the intrusiveness. I'll keep the storage (a moderately fair deal) but upload stuff manually, and delete the desktop app.
posted by mrgrimm at 10:00 PM on May 26, 2016
Yeah, this is it. I've been considered deleting it from my system for a long time now, just because of the intrusiveness. I'll keep the storage (a moderately fair deal) but upload stuff manually, and delete the desktop app.
posted by mrgrimm at 10:00 PM on May 26, 2016
Yup, total FUD. Also totally relevant to my interests! As long as Dropbox is careful and minimal about what they put in kernel space, and test it carefully then they should be fine. It's quite hard to implement the features they've done any other way, and those features do have value.
yeahwhatever nailed the high points, but I'll can add some trivia.
Anything running under Windows that attempts to integrate itself into the filesystem can just go die in a fire.
Not exactly, the shell interfaces are different from installable file systems and file system filters. IFS might actually be better from an integration perspective. They're not doing that though in Windows - they're almost certainly using file system filters. They're hard to get right, but not impossible. What they're doing in OS X looks similar, I'm just not familiar with it.
Dropbox is using VFS which is OS X's analogue to the Win32 IFS.
Both are dynamic loaders and standard interfaces for the kernel, not some magic sauce that makes the system more secure. It's more about not having to rebuild your kernel to add a kernel-mode component and being able to upgrade the kernel without forcing your vendors to issue updates. Execution level remains the same.
Yup. Your antivirus is already parsing files in your kernel
Anti-virus vendors are literally the worst. Friends don't let friends use AV. Also, vote John McAfee!
posted by temancl at 10:08 PM on May 26, 2016 [5 favorites]
yeahwhatever nailed the high points, but I'll can add some trivia.
Anything running under Windows that attempts to integrate itself into the filesystem can just go die in a fire.
Not exactly, the shell interfaces are different from installable file systems and file system filters. IFS might actually be better from an integration perspective. They're not doing that though in Windows - they're almost certainly using file system filters. They're hard to get right, but not impossible. What they're doing in OS X looks similar, I'm just not familiar with it.
Dropbox is using VFS which is OS X's analogue to the Win32 IFS.
Both are dynamic loaders and standard interfaces for the kernel, not some magic sauce that makes the system more secure. It's more about not having to rebuild your kernel to add a kernel-mode component and being able to upgrade the kernel without forcing your vendors to issue updates. Execution level remains the same.
Yup. Your antivirus is already parsing files in your kernel
Anti-virus vendors are literally the worst. Friends don't let friends use AV. Also, vote John McAfee!
posted by temancl at 10:08 PM on May 26, 2016 [5 favorites]
Now my kernel is pegging 99% cpu usage! How do I force quit my kernel?
posted by davemee at 11:03 PM on May 26, 2016
posted by davemee at 11:03 PM on May 26, 2016
By all accounts the fears here are overblown, but I can't imagine anyone serious about security arguing that increasing your attack surface isn't an issue because other kernel-mode code is worse. Total vulnerability is
posted by invitapriore at 1:16 AM on May 27, 2016 [1 favorite]
(reduce + vulnerabilities)
, not (reduce max vulnerabilities)
.posted by invitapriore at 1:16 AM on May 27, 2016 [1 favorite]
Dropbox for Paranoiacs, or how to set up a jailed Dropbox in an auto-starting Virtualbox VM accessed through NFS.
posted by acb at 1:27 AM on May 27, 2016 [8 favorites]
posted by acb at 1:27 AM on May 27, 2016 [8 favorites]
I frequently deal with people for whom Dropbox is Just Too Complicated. Good luck getting those guys to log into your homegrown NAS system with a one-time login, because you're clutching your bed linen and screaming "heavens to murgatroyd" about a potential problem with kexts!
On a related note, have you seen the low cost of USB sticks now?
posted by The River Ivel at 4:19 AM on May 27, 2016
On a related note, have you seen the low cost of USB sticks now?
posted by The River Ivel at 4:19 AM on May 27, 2016
Talez, to highlight part of your quote from Wikipedia there:
So if it were implemented with FUSE on Linux (or on other Unices including OS X and Android according to the Wikipedia article, though I'm guessing it's not a standard part of the OS in those cases?), this Dropbox Infinite thing wouldn't need the "moving from userland to kernel-land" elevated system access which the OP link is talking about, so that their own third-party code is running in the same security context as the rest of the operating system's kernel.
But as yeahwhatever and others point out, for anyone who runs an antivirus or various other sorts of similarly deep-tentacled third-party software anyways, this is just a boring irrelevant technical detail and represents no material difference in risk if you trust Dropbox as much as you trust your antivirus vendor.
posted by XMLicious at 4:19 AM on May 27, 2016
FUSE stands for "filesystem in userspace"—unless I'm missing your point, it's not about dynamically loading kernel modules or drivers or anything like that, it's actually running the code for a virtual filesystem with normal user privileges rather than admin privileges.Instead of coding it inside the kernel, as FAT was, Microsoft developed a "driver-based" filesystem API that could allow them and other developers to add new filesystems to the kernel without needing to modify it.
So if it were implemented with FUSE on Linux (or on other Unices including OS X and Android according to the Wikipedia article, though I'm guessing it's not a standard part of the OS in those cases?), this Dropbox Infinite thing wouldn't need the "moving from userland to kernel-land" elevated system access which the OP link is talking about, so that their own third-party code is running in the same security context as the rest of the operating system's kernel.
But as yeahwhatever and others point out, for anyone who runs an antivirus or various other sorts of similarly deep-tentacled third-party software anyways, this is just a boring irrelevant technical detail and represents no material difference in risk if you trust Dropbox as much as you trust your antivirus vendor.
posted by XMLicious at 4:19 AM on May 27, 2016
It could be worse, it could be box.com (shudders at the remembrance. The horror, the horror)
posted by Yowser at 4:23 AM on May 27, 2016
posted by Yowser at 4:23 AM on May 27, 2016
Isn't Dropbox already visible as a folder in your regular filesystem?
My read on this is that they wanted to make files available locally that were actually never stored locally, so you could store them only on Dropbox but access them as if they were on your disk. (Hope you have Google fiber!) This would be like NFS except I assume they want to allow a mix: some files stored on the disk and synced, some only on Dropbox but still available. This would be great, actually, you could have a workstation at the office with a huge drive, then a portable out in the world with a small one, but have the same Dropbox folder on both. On the small drive essential files fur whatever you're working on right now would be stored locally but the rest would be on Dropbox but appear to be there locally (although slow to access) in case you need them.
posted by dis_integration at 4:46 AM on May 27, 2016 [1 favorite]
My read on this is that they wanted to make files available locally that were actually never stored locally, so you could store them only on Dropbox but access them as if they were on your disk. (Hope you have Google fiber!) This would be like NFS except I assume they want to allow a mix: some files stored on the disk and synced, some only on Dropbox but still available. This would be great, actually, you could have a workstation at the office with a huge drive, then a portable out in the world with a small one, but have the same Dropbox folder on both. On the small drive essential files fur whatever you're working on right now would be stored locally but the rest would be on Dropbox but appear to be there locally (although slow to access) in case you need them.
posted by dis_integration at 4:46 AM on May 27, 2016 [1 favorite]
Well and also for older files you could just store them on Dropbox and not have them locally on any machine. So you could have infinite backups available as if they were right on your drive but they would take no space. It's a good idea, and for the paranoid: you're giving them your data already. They don't want anything else.
posted by dis_integration at 4:50 AM on May 27, 2016
posted by dis_integration at 4:50 AM on May 27, 2016
One example was that you could have a movie on your desktop, and it would be listed with a size and you could double click to open it, but it wouldn't actually be using any disk space until you opened it.
posted by smackfu at 5:01 AM on May 27, 2016
posted by smackfu at 5:01 AM on May 27, 2016
I use Dropbox a lot, not for storage or backup, but for collaboration - which is where it shines. I edit a file. My colleagues all immediately see the edited file. Everyone is happy, and we aren't emailing mismatched conflicting versions constantly.
I'm not sure about the long term implications of the new change, but I'm not super upset I suppose.
I am a bit concerned about system integration though. On a somewhat related note, I did sign up for Lima when it went on Kickstarter, advertised as a sort of "roll your own Dropbox", and have received the little dongle that allows me to use the service, but I haven't ever unboxed it. Between the announcement and the delivery, they seem to have changed the method, so that the device deeply integrates with the OS and takes over the file system, presenting itself as the physical system to the OS, to transparently handle inclusion of files that are not physically on the disk and make it appear as if they are. I love the concept of "I can access all my stuff from anywhere" but I am just not ready to find out what this specific approach means in terms of my system stability and integrity. A single folder that gets synced? Sure. The entire OS? Um... Not ready for that...
posted by caution live frogs at 5:08 AM on May 27, 2016 [1 favorite]
I'm not sure about the long term implications of the new change, but I'm not super upset I suppose.
I am a bit concerned about system integration though. On a somewhat related note, I did sign up for Lima when it went on Kickstarter, advertised as a sort of "roll your own Dropbox", and have received the little dongle that allows me to use the service, but I haven't ever unboxed it. Between the announcement and the delivery, they seem to have changed the method, so that the device deeply integrates with the OS and takes over the file system, presenting itself as the physical system to the OS, to transparently handle inclusion of files that are not physically on the disk and make it appear as if they are. I love the concept of "I can access all my stuff from anywhere" but I am just not ready to find out what this specific approach means in terms of my system stability and integrity. A single folder that gets synced? Sure. The entire OS? Um... Not ready for that...
posted by caution live frogs at 5:08 AM on May 27, 2016 [1 favorite]
Bittorrent Sync (a roll-your-own dropbox) already has a feature like this, but it's not transparent. You can remove a file from one computer and it will replace itself with a stub file with a .bts extension (or something like that). If you open the stub file, it will download the real file. To actually delete something, you have to delete the real file and then the stub file.
I guess this is like that but the stub file acts as if it was the real file and downloads the goodies on request, through the magic of the kernel extension?
(Git Annex, another roll-your-own Dropbox clone, has a similar system too.)
posted by edheil at 5:20 AM on May 27, 2016
I guess this is like that but the stub file acts as if it was the real file and downloads the goodies on request, through the magic of the kernel extension?
(Git Annex, another roll-your-own Dropbox clone, has a similar system too.)
posted by edheil at 5:20 AM on May 27, 2016
Dropbox for Paranoiacs, or how to set up a jailed Dropbox in an auto-starting Virtualbox VM accessed through NFS.
Sweet mammajamma. tl;dr:
User: "I like being able to talk to my friends, but I'm afraid someone might overhear us talking about something sensitive."
TFA: "To avoid that, find an abandoned phone booth, and squeeze into it with your friend. Then, wrap it in 400 layers of aluminum foil, dig a hole 30 feet deep in the earth, drop the phone booth in, and have someone string barbed wire in a 30-foot perimeter. Detonate a low-yield nuclear device to generate an EMP wave that will disable all local listening equipment. Now your conversations are perfectly secure."
User: "But no one would ever possibly join me in that phone box, because it would take four days to set up every item I wanted to talk to them, and it would me look pants-on-head-crazy."
TFA: "Perfectly. Secure."
posted by Mayor West at 5:36 AM on May 27, 2016 [8 favorites]
Sweet mammajamma. tl;dr:
User: "I like being able to talk to my friends, but I'm afraid someone might overhear us talking about something sensitive."
TFA: "To avoid that, find an abandoned phone booth, and squeeze into it with your friend. Then, wrap it in 400 layers of aluminum foil, dig a hole 30 feet deep in the earth, drop the phone booth in, and have someone string barbed wire in a 30-foot perimeter. Detonate a low-yield nuclear device to generate an EMP wave that will disable all local listening equipment. Now your conversations are perfectly secure."
User: "But no one would ever possibly join me in that phone box, because it would take four days to set up every item I wanted to talk to them, and it would me look pants-on-head-crazy."
TFA: "Perfectly. Secure."
posted by Mayor West at 5:36 AM on May 27, 2016 [8 favorites]
This seems like it would only be useful if your Dropbox has more space than your hard drive. I guess they're doing something analogous to box.net's unlimited storage?
posted by LogicalDash at 5:42 AM on May 27, 2016 [1 favorite]
posted by LogicalDash at 5:42 AM on May 27, 2016 [1 favorite]
FUSE exists for both Linux and OS X. People use it all the time, eg: to write NTFS (Windows) filesystems on Macs. Dropbox's explanation of why they don't want to use it don't make much sense:
So, I'm not sure what's going on here. I guess a lot of the time they'll have cached the file, so they don't need to go over the network?
posted by vasi at 6:03 AM on May 27, 2016 [3 favorites]
While context switches are usually quite inexpensive, this extra overhead for every file operation unfortunately leads to a degraded performance that we didn’t want our users to experience when interacting with their files in Dropbox.It's true that a context switch takes a little bit of time, maybe a couple of microseconds. But remember that Dropbox is a network filesystem, much of the time it needs to go over the internet to fetch a file. Even the fastest network request will take tens of milliseconds—that's ten thousand times slower than a context switch.
So, I'm not sure what's going on here. I guess a lot of the time they'll have cached the file, so they don't need to go over the network?
posted by vasi at 6:03 AM on May 27, 2016 [3 favorites]
It could be worse, it could be box.com (shudders at the remembrance. The horror, the horror)
I work for an IT security reseller, and one of our vendor partners recently emailed us (and other resellers) a link pointing us to a whole directory of fairly sensitive product and sales-incentive documents (the kind of stuff you wouldn't want to fall into a competitor's -- or a customer's -- hands, basically), which they had stored on an unsecured Box.com account. I can't even type that without feeling deep, deep fremdschamen.
posted by Strange Interlude at 6:04 AM on May 27, 2016 [1 favorite]
I work for an IT security reseller, and one of our vendor partners recently emailed us (and other resellers) a link pointing us to a whole directory of fairly sensitive product and sales-incentive documents (the kind of stuff you wouldn't want to fall into a competitor's -- or a customer's -- hands, basically), which they had stored on an unsecured Box.com account. I can't even type that without feeling deep, deep fremdschamen.
posted by Strange Interlude at 6:04 AM on May 27, 2016 [1 favorite]
It's true that a context switch takes a little bit of time, maybe a couple of microseconds. But remember that Dropbox is a network filesystem, much of the time it needs to go over the internet to fetch a file. Even the fastest network request will take tens of milliseconds—that's ten thousand times slower than a context switch.
A lot of caching but the other thing is that going out to FUSE isn't just a context switch, it's that it's two context switches and two trips to kernel mode every 128KB (it used to be worse, it used to be 4KB). Doing it as a kext only requires a mode switch (thank you K64).
posted by Talez at 8:27 AM on May 27, 2016 [2 favorites]
A lot of caching but the other thing is that going out to FUSE isn't just a context switch, it's that it's two context switches and two trips to kernel mode every 128KB (it used to be worse, it used to be 4KB). Doing it as a kext only requires a mode switch (thank you K64).
posted by Talez at 8:27 AM on May 27, 2016 [2 favorites]
I'm not worried about the security exposure. But does the world really need yet another fucking distributed filesystem? NFS and SMB are largely disasters because distributed is not local. The whole brilliance of Dropbox is it provided some of the benefits of a remote filesystem while actually functioning entirely as a local filesystem (with deferred synchronization).
posted by Nelson at 8:34 AM on May 27, 2016 [4 favorites]
posted by Nelson at 8:34 AM on May 27, 2016 [4 favorites]
About a month ago, Dropbox decided I'd shared a link to some malware and turned off my ability to share links. The file in question wasn't malware. The ongoing support ticket on the matter has been tragically unimpressive. Links still don't work.
I can't really complain, because I'm not paying them anything. At this rate, I probably never will.
The existing dropbox client is already a little heavy on context switches. Maybe because (on my machine at least) it's running 90 threads.
90 threads - what in the hell?! etc.
I can see why ambitious changes to their software might make someone nervous.
posted by and for no one at 9:25 AM on May 27, 2016 [2 favorites]
I can't really complain, because I'm not paying them anything. At this rate, I probably never will.
The existing dropbox client is already a little heavy on context switches. Maybe because (on my machine at least) it's running 90 threads.
90 threads - what in the hell?! etc.
I can see why ambitious changes to their software might make someone nervous.
posted by and for no one at 9:25 AM on May 27, 2016 [2 favorites]
The IT industry has almost reached conceptual saturation point - by which I mean that it's almost got to the state where most of the work that's now being done involves re-inventing "modern" solutions to problems already dealt with a generation ago; problems for which no perfect solutions can exist due to fundamental physical limitations, and for which the good-enough solutions developed decades ago have since disappeared down the memory hole.
There really is no fundamental difference between what computers spend most of their time doing now and what they spent their time doing when I first got involved with computing in the late Seventies. The scale, speed and ubiquity is all that's really changed; the vast bulk of the work that gets done still consists of shovelling bits from place to place without doing much to them along the way that's complex or novel or even particularly technically interesting.
As my good friend Don used to observe in the form of a wry email sig: those who fail to understand networking protocols are doomed to re-implement them - poorly - over port 80.
To which I would add only the following: My name is JavaScript, king of things; look upon my frameworks, ye IT, and despair!
posted by flabdablet at 9:29 AM on May 27, 2016 [3 favorites]
There really is no fundamental difference between what computers spend most of their time doing now and what they spent their time doing when I first got involved with computing in the late Seventies. The scale, speed and ubiquity is all that's really changed; the vast bulk of the work that gets done still consists of shovelling bits from place to place without doing much to them along the way that's complex or novel or even particularly technically interesting.
As my good friend Don used to observe in the form of a wry email sig: those who fail to understand networking protocols are doomed to re-implement them - poorly - over port 80.
To which I would add only the following: My name is JavaScript, king of things; look upon my frameworks, ye IT, and despair!
posted by flabdablet at 9:29 AM on May 27, 2016 [3 favorites]
distributed is not local
...and the industry kind of sloshes back and forth between forgetting that and discovering it as if for the first time ever, over and over and over and over and over.
posted by flabdablet at 9:34 AM on May 27, 2016 [5 favorites]
...and the industry kind of sloshes back and forth between forgetting that and discovering it as if for the first time ever, over and over and over and over and over.
posted by flabdablet at 9:34 AM on May 27, 2016 [5 favorites]
I was astonished to the paper I linked (Waldo's "A Note on Distributed Computing") is now 22 years old. There's like a whole generation of Javascript/cloud kids who have never even heard of that paper.
posted by Nelson at 9:50 AM on May 27, 2016 [2 favorites]
posted by Nelson at 9:50 AM on May 27, 2016 [2 favorites]
The problem is I love Dropbox. I have it on multiple machines at home and some of the folders synced at work. I don't have to worry about carrying a USB stick everywhere or emailing stuff to myself, or buying a big NAS thing with raid storage or constantly backing everything up all the time. Stuff is just where I need it to be, when I need it to be. When my Windows drive crashed forever on my main home desktop, I just bought an SSD down the street, installed Windows again plus Office and a couple games, and then installed Dropbox and resynced everything. Boom. So easy ... given that email is insecure and websites track everyone everywhere, etc. I'm not as concerned about this particular thing. But maybe I should be?
Also what do people recommend as an alternative to running a virus scanner (Win 7)? I don't love McAfee but wasn't excited by a couple of alternatives I tried back in the day.
posted by freecellwizard at 10:18 AM on May 27, 2016
Also what do people recommend as an alternative to running a virus scanner (Win 7)? I don't love McAfee but wasn't excited by a couple of alternatives I tried back in the day.
posted by freecellwizard at 10:18 AM on May 27, 2016
The IT industry has almost reached conceptual saturation point - by which I mean that it's almost got to the state where most of the work that's now being done involves re-inventing "modern" solutions to problems already dealt with a generation ago; problems for which no perfect solutions can exist due to fundamental physical limitations, and for which the good-enough solutions developed decades ago have since disappeared down the memory hole.
....
To which I would add only the following: My name is JavaScript, king of things; look upon my frameworks, ye IT, and despair!
A total derail, but this is basically the only way I can explain why Slack is so highly valued. "We forgot IRC existed, then rewrote it in javascript. Now we're rich!"
posted by dis_integration at 10:30 AM on May 27, 2016 [5 favorites]
....
To which I would add only the following: My name is JavaScript, king of things; look upon my frameworks, ye IT, and despair!
A total derail, but this is basically the only way I can explain why Slack is so highly valued. "We forgot IRC existed, then rewrote it in javascript. Now we're rich!"
posted by dis_integration at 10:30 AM on May 27, 2016 [5 favorites]
The day that former US Secretary of State Condoleezza Rice joined DropBox’s board of directors is the day I deleted their app from my computers
It's not like Condi and every director and intern and janitor at Dropbox didn't already know what you were downloading and viewing and storing anyway.
posted by blucevalo at 11:07 AM on May 27, 2016
It's not like Condi and every director and intern and janitor at Dropbox didn't already know what you were downloading and viewing and storing anyway.
posted by blucevalo at 11:07 AM on May 27, 2016
I think a better characterization of Slack would be "some of us nerds like IRC but it's really awkward and ugly and old. So we made a nice modern version with good clients and sell it to companies as a reliable service!" Also these days Slack does a lot more than IRC can do, with the file-sharing and the reacjis and the voice chat and the archives and the ... Yeah you can do all that stuff with free Unix tools, some 20+ years old, but it's all pretty hacky. Slack is a coherent well designed product.
If you want to be reductive, Dropbox is really just rsync. (Or unison, if you're feeling clever.) And yet somehow it's worth $B. Anyone who says they don't understand why is saying something about their own ignorance, not about Dropbox's business.
posted by Nelson at 1:30 PM on May 27, 2016 [2 favorites]
If you want to be reductive, Dropbox is really just rsync. (Or unison, if you're feeling clever.) And yet somehow it's worth $B. Anyone who says they don't understand why is saying something about their own ignorance, not about Dropbox's business.
posted by Nelson at 1:30 PM on May 27, 2016 [2 favorites]
freecellwizard, I can hazard an answer to "how do people maintain security without virus scanners". I've written it into my profile since it felt like I was derailing.
kernel modules make me sad. They could have staved off the criticism by committing to an open-source kernel module. If the module is really being kept minimal for security/auditing, then that should be a no-brainer.
In principle, if we have network filesystems that work at least at hard-drive speeds, I don't see why FUSE has to be any worse. You could even implement it as an NFS server. I'm guessing the answer is that FUSE is relatively new, and NFS's take much development and tuning to get where they are now.
posted by sourcejedi at 1:37 PM on May 27, 2016 [1 favorite]
kernel modules make me sad. They could have staved off the criticism by committing to an open-source kernel module. If the module is really being kept minimal for security/auditing, then that should be a no-brainer.
In principle, if we have network filesystems that work at least at hard-drive speeds, I don't see why FUSE has to be any worse. You could even implement it as an NFS server. I'm guessing the answer is that FUSE is relatively new, and NFS's take much development and tuning to get where they are now.
posted by sourcejedi at 1:37 PM on May 27, 2016 [1 favorite]
what do people recommend as an alternative to running a virus scanner (Win 7)? I don't love McAfee but wasn't excited by a couple of alternatives I tried back in the day.
I recommend running a scanner, but never paying for one. Panda's freebie continues to be quite good enough: once installed properly* it's generally trouble free and both quieter and more competent than Windows Defender. Unusually for a freebie, its licence terms permit free use inside non-profit organizations as well as on individually-owned personal computers.
*The default installation is noisy, invasive and potentially dangerous. Traps for the unwary:
1. Resist the initial upsell to the paid version. The freebie really is as much as you need. That dim, apparently greyed-out "No, thank you" button on the upsell interstitial works just fine.
2. Panda has, for reasons I utterly fail to comprehend, chosen download.cnet.com as their distribution partner. That means that if you're using uBlock Origin, as you definitely should be, you get a big scary warning advising you not to visit the download site. Override that and proceed with caution.
3. Having arrived at download.cnet.com, make sure you only click on the huge green "Download Now" button immediately below the huge black "Panda Free Antivirus 2016" heading. The file you should be offered is called PANDAFREEAV.exe, about 2MB in size. DO NOT click on any other download button, and DO NOT accept any other file. Download.cnet.com is a total hotbed of bullshit foistware, and uBlock Origin warns against it for good and sufficient reasons.
4. Even before your browser starts to download PANDAFREEAV.exe, download.cnet.com will start loading an annoying "how to" video just to chew up a bit more of your bandwidth. Turn that off as soon as possible; just closing the download.cnet.com page once PANDAFREEAV.exe has actually started to download usually works.
5. Once PANDAFREEAV.exe has downloaded and you launch it, you will get a pointless Next button that exists only to condition you into completing the rest of the installation without reading anything. Don't fall for that. On the very next dialog, there are three checkboxes that you absolutely need to turn OFF before proceeding: you DO NOT WANT the Panda Security Toolbar, or to have your search provider hijacked, or to have your home page hijacked. Having declined those generous offers, click "Accept and Install" to proceed.
6. Again comes the upsell. Resist it, and click "Basic protection". This triggers downloading the actual product, with a progress bar accompanied by lots of lovely stock photos of underwater hipsters.
7. At the "Installation complete" screen, click "Open now", then wait for the first-run nonsense to finish doing whatever the hell it does.
8. When you finally arrive at a dialog with "Start v" in the top left corner, click the v (it's a dropdown menu indicator) and choose Settings. Then scroll all the way to the bottom of the resulting Settings pane, and turn "Show Panda news" OFF. If you leave this step out, the product will periodically pester you with upsell toasters.
Having done all the above, you end up with an experience much like the one the original Panda Cloud Antivirus used to offer before Marketing got their hands on it.
posted by flabdablet at 3:04 AM on May 28, 2016 [3 favorites]
I recommend running a scanner, but never paying for one. Panda's freebie continues to be quite good enough: once installed properly* it's generally trouble free and both quieter and more competent than Windows Defender. Unusually for a freebie, its licence terms permit free use inside non-profit organizations as well as on individually-owned personal computers.
*The default installation is noisy, invasive and potentially dangerous. Traps for the unwary:
1. Resist the initial upsell to the paid version. The freebie really is as much as you need. That dim, apparently greyed-out "No, thank you" button on the upsell interstitial works just fine.
2. Panda has, for reasons I utterly fail to comprehend, chosen download.cnet.com as their distribution partner. That means that if you're using uBlock Origin, as you definitely should be, you get a big scary warning advising you not to visit the download site. Override that and proceed with caution.
3. Having arrived at download.cnet.com, make sure you only click on the huge green "Download Now" button immediately below the huge black "Panda Free Antivirus 2016" heading. The file you should be offered is called PANDAFREEAV.exe, about 2MB in size. DO NOT click on any other download button, and DO NOT accept any other file. Download.cnet.com is a total hotbed of bullshit foistware, and uBlock Origin warns against it for good and sufficient reasons.
4. Even before your browser starts to download PANDAFREEAV.exe, download.cnet.com will start loading an annoying "how to" video just to chew up a bit more of your bandwidth. Turn that off as soon as possible; just closing the download.cnet.com page once PANDAFREEAV.exe has actually started to download usually works.
5. Once PANDAFREEAV.exe has downloaded and you launch it, you will get a pointless Next button that exists only to condition you into completing the rest of the installation without reading anything. Don't fall for that. On the very next dialog, there are three checkboxes that you absolutely need to turn OFF before proceeding: you DO NOT WANT the Panda Security Toolbar, or to have your search provider hijacked, or to have your home page hijacked. Having declined those generous offers, click "Accept and Install" to proceed.
6. Again comes the upsell. Resist it, and click "Basic protection". This triggers downloading the actual product, with a progress bar accompanied by lots of lovely stock photos of underwater hipsters.
7. At the "Installation complete" screen, click "Open now", then wait for the first-run nonsense to finish doing whatever the hell it does.
8. When you finally arrive at a dialog with "Start v" in the top left corner, click the v (it's a dropdown menu indicator) and choose Settings. Then scroll all the way to the bottom of the resulting Settings pane, and turn "Show Panda news" OFF. If you leave this step out, the product will periodically pester you with upsell toasters.
Having done all the above, you end up with an experience much like the one the original Panda Cloud Antivirus used to offer before Marketing got their hands on it.
posted by flabdablet at 3:04 AM on May 28, 2016 [3 favorites]
It's 2016, and antivirus products have become almost as annoying and obnoxious as the things they promise to guard against. Seriously, look at that list of instructions.
posted by JHarris at 10:54 AM on May 28, 2016 [5 favorites]
posted by JHarris at 10:54 AM on May 28, 2016 [5 favorites]
One of the reasons I like Panda compared to a heap of the others is precisely that you can turn all that extra crap off, and once you've done so it doesn't try to sneak back in.
Does Avast still do that thing where they make you jump through a re-licensing hoop every three years in the hope of getting an upsell? I hate that thing. Also not too keen on synthesized voices telling me that the AV has just done something.
I've installed Panda on a lot of machines, and it's caused very little trouble. Twice I've seen it fail to upgrade itself properly, which slows the machine to a crawl (fixed by uninstalling in Safe Mode, then reinstalling) but apart from that it's been really good.
Back on topic: I've played with quite a lot of continuous file sync applications, and Dropbox has consistently been the least troublesome. Given that every modern filesystem has change-notification hooks inbuilt, I can see no reason at all why a file sync app should sit there consuming 100% of a CPU core - yet many of them do. Dropbox's client doesn't; when there's nothing for it to do, it does very little.
Unlike Google Drive, it's good at dealing with sync conflicts from multiple clients, it doesn't lose the plot when you add or remove files from folders nested several deep inside the outermost one it's supposed to be watching, and it recovers gracefully from loss of network connectivity. I've never had to unsync and resync a Dropbox folder just to make it work right.
Also, at least on Linux, you can make it sync stuff that's not actually inside its own folder, just by creating symlinks. I like it a great deal.
My main concerns with Dropbox Infinite is that it looks like a rewrite of something that already works really well, which historically is a pattern that involves a slew of irritating new bugs; and I am quite sure they're going to make it a mandatory upgrade, which means the new bugs will become mandatory as well.
I really like the way the existing Dropbox software works, and I wish they didn't feel the need to screw with it.
posted by flabdablet at 3:42 AM on May 29, 2016 [1 favorite]
Does Avast still do that thing where they make you jump through a re-licensing hoop every three years in the hope of getting an upsell? I hate that thing. Also not too keen on synthesized voices telling me that the AV has just done something.
I've installed Panda on a lot of machines, and it's caused very little trouble. Twice I've seen it fail to upgrade itself properly, which slows the machine to a crawl (fixed by uninstalling in Safe Mode, then reinstalling) but apart from that it's been really good.
Back on topic: I've played with quite a lot of continuous file sync applications, and Dropbox has consistently been the least troublesome. Given that every modern filesystem has change-notification hooks inbuilt, I can see no reason at all why a file sync app should sit there consuming 100% of a CPU core - yet many of them do. Dropbox's client doesn't; when there's nothing for it to do, it does very little.
Unlike Google Drive, it's good at dealing with sync conflicts from multiple clients, it doesn't lose the plot when you add or remove files from folders nested several deep inside the outermost one it's supposed to be watching, and it recovers gracefully from loss of network connectivity. I've never had to unsync and resync a Dropbox folder just to make it work right.
Also, at least on Linux, you can make it sync stuff that's not actually inside its own folder, just by creating symlinks. I like it a great deal.
My main concerns with Dropbox Infinite is that it looks like a rewrite of something that already works really well, which historically is a pattern that involves a slew of irritating new bugs; and I am quite sure they're going to make it a mandatory upgrade, which means the new bugs will become mandatory as well.
I really like the way the existing Dropbox software works, and I wish they didn't feel the need to screw with it.
posted by flabdablet at 3:42 AM on May 29, 2016 [1 favorite]
Capitalism gives us so many great products, but so often it also seems to compel companies to ruin them. And for what? Isn't Dropbox's whole business model to sell sync storage capacity? If it's watching your whole hard drive by implication, what does that do to that?
posted by JHarris at 4:08 AM on May 29, 2016
posted by JHarris at 4:08 AM on May 29, 2016
at least on Linux, you can make it sync stuff that's not actually inside its own folder, just by creating symlinks.
Works on OS X also.
posted by Johnny Wallflower at 7:14 AM on May 29, 2016
Works on OS X also.
posted by Johnny Wallflower at 7:14 AM on May 29, 2016
« Older Rediscovery of the 2nd known African-American... | Seeing the Music Newer »
This thread has been archived and is closed to new comments
posted by nickrussell at 5:54 PM on May 26, 2016 [10 favorites]