‘Extremely weak’ security in file hosting sites
A research carried out by the Katholieke Universiteit Leuven in Belgium and France’s Institute Eurecom reveals that the private files stored on cloud sites are extremely vulnerable to attakers. After examining 100 file hosting services, the researchers concluded that the unique URIs(Uniform Resource Identifiers) were too predictable and easy to crack.
The service providers claim that these URIs are secret and cannot be guessed, but the research results prove to be otherwise. The research reveals that the ‘secret’ URIs are generated in a predictable fashion; thereby making it easy for the attackers to guess and get access to the content.
The report did not point out any particular service provider specifically. However, during a month’s testing they could extract more tha 168,000 private files.