A lot of people use Dropbox as a convenient way to transfer large files from one person’s computer to another. I find it to be extremely helpful for podcasters who need to send an audio file of their voice track to an editor who puts everything together. Today, I learned something rather unexpected about who, exactly, can see the files that are in my Dropbox.
My husband and I are both podcasters. We have a podcast that we do together. I do a couple of other podcasts without him. He edits some of the podcasts that I do and some podcasts that I am not a part of. As such, both of us use Dropbox to move audio files around.
The computer I use, and the one that my husband uses, are on a home network. He has admin level access to my computer. We find this to be helpful for many reasons – one being that it makes it easier for him to grab the audio file of my voice track for a podcast that he will be editing. Obviously, he and I are both aware that his admin status means that he can access anything on my computer.
It turns out that the admin status also allows him to access my Dropbox. He discovered today that he can use his admin status to gain access to my computer and that it also allowed him to access my Dropbox. He was able to open folders, look at the contents, and remove files.
Now, some of the folders that I have been invited to are the same ones that he has been invited to. For example, today he was editing a podcast that I am involved with. He and I already had access to that particular folder. He could access that one from his own computer.
Surprisingly, he was also able to access folders that he had never been invited to. There is a podcast that I do with a friend of mine. That friend does the editing. My husband has no need to be invited to that particular folder. Even so, my husband was able to open that folder, look at the contents and remove files. He could have put files into that folder if he chose to do so.
Typically, people are very careful about who they allow to access their computer. Admin status should never be given out on a whim. We only give that to people we trust. Before this little experiment, I had no idea that giving a person admin status to your computer also gave that person complete access to your Dropbox.
For me and my husband, this isn’t really an issue. We trust each other. Our network is at home and secure. That being said, it made us both wonder about the potential risks involved with work computers that are accessible by multiple people within one company or business.