Two recent security breaches may be a blessing in disguise for our most used and well known online services as companies quickly shift blame to third party applications.
We’ve all read the warnings. “Only use trusted apps”, “We can not verify the integrity of 3rd Party applications and your data may not be safe.” And for the most part, we ignore them (I know I have). Every day, people access popular online services such as Facebook and Twitter using 3rd Party applicaions. Whether it be because of aggravation with the stock client (*cough* Facebook *cough*), or a way to consolidate several services into a single portal, these apps are becoming increasingly more popular…. and an ever increasing headache to the services they access.
Of the two, the Dropbox leak poses to be more damaging. It’s one thing to have those nude selfies you took in the bathroom leaked, it’s another to have someone rifle through your virtual filing cabinet. Many people use cloud sites like Dropbox, OneDrive and Google Drive as safe, secure online storage for documents that could contain valuable personal and financial data, tax returns, bank statements, etc. And while these sites encrypt your data, that encryption is all but useless if the snooping party comes in as a fully authenticated user.
So these services view third party apps like someone making copies of their shop keys and handing them out like Halloween candy. Facebook, Google, they spend a tremendous amount of time, money and effort fending off direct attacks and the fact that a hacker can exploit a third party app and waltz right in as a validated user must drive them nuts. And it is also why they must have all cheered when both Snapchat and Dropbox announced that their recent breaches were not due to their mistakes, but because of a failure of a third party app.
Where do they go from here? It’s becoming ever more clear that security, not content, will be what dominates the online community in the near future. Short term, it gives the major content services ammunition to win back users who have moved off their native applications. But this may ultimately give companies like Facebook the justification to close off their services and force users to access their sites via approved channels only…. spelling the end of apps like DropSync and limiting the functionality of popular utilities such as DashClock, which has extensions that connect to most major services.
So what price will we ultimately pay to keep our information safe? Where do you think this will lead? Let us know in the comments below, or on Facebook, Google+, or Twitter!