It was recently found that Microsoft modifies files that a synced to
their OneCloud system, and places a Universally Unique Identifier (UUID)
code into files that are synced to their cloud system… to read more,
click the link below…
http://www.itnews.com.au/News/383636,microsoft-onedrive-alters-user-files-adds-unique-ids.aspx
Please be aware that this can happen and may have negative repercussions, especially when considering the new privacy law and legal repercussions of using files that have unknowingly been modified by a third party (as per excerpt…)
"... let’s say a file is used as evidence in a court case. How do you prove that the company did not intentionally modify it?" he said.
This has only been discovered on the Microsoft Cloud system a few days ago, and being so, I am sure more IT security experts will be researching the filing methods of other cloud providers to see if any other code is injected into the files as they get synced.
Food for thought and awareness.
http://www.itnews.com.au/News/383636,microsoft-onedrive-alters-user-files-adds-unique-ids.aspx
Please be aware that this can happen and may have negative repercussions, especially when considering the new privacy law and legal repercussions of using files that have unknowingly been modified by a third party (as per excerpt…)
"... let’s say a file is used as evidence in a court case. How do you prove that the company did not intentionally modify it?" he said.
This has only been discovered on the Microsoft Cloud system a few days ago, and being so, I am sure more IT security experts will be researching the filing methods of other cloud providers to see if any other code is injected into the files as they get synced.
To expand on the finding, as Microsoft relies on technology
to do the code injection – it is not unforeseeable that other cloud companies
are doing the same, and that any files placed in the cloud for backup purposes
or otherwise, may potentially be affected or even get corrupted if additional
code is injected into the files e.g. what would happen if an accounting file
such as MYOB, Quicken, Attaché, etc., is backed up to the cloud, and some code
is injected into the file. This could potentially make said file corrupted
and/or unusable due to the additional lines of code which could have been
placed in the file.
It also brings to light that if Microsoft can inject code
into the files, the same technology is potentially able to extract code or
information from said files during the syncing process as well, if used by unsavoury
characters.
Comments