Dropbox is in for another round of user anger thanks to Dropbox Reader
It wasn’t that long ago, even by Internet time, that everyone who used the Dropbox; a file storage in the cloud service, got into a great big huff when the company changed their Terms of Service (ToS) so that law enforcement officers could help themselves to the contents of your Dropbox account as long as they had a warrant.
This of course was after Dropbox had built up a really nice user base because of their statement that individuals using the Dropbox service were the only ones who would be able to see the files in their private folder.
Now it seems that never mind about cops with warrants all anyone needs to be able to see anyone’s private files on Dropbox is a handy set of small Python scripts called Dropbox Reader.
Dropbox Reader is actually a series of six command line Python scripts which parse the configuration and cache files of a Dropbox account, including the user’s registered e-mail address, dropbox identifier, software version info and list of recently changed files stored in config.db, the information about shared directories and files marked for sync stored in filecache.db.
According to the readme file accompanying Dropbox Reader, the Python scripts operate on SQLite3 Dropbox database files which are typically stored in the ~/.dropbox directory on Linux and OS X machines, and in %AppData%\Dropbox on Windows machines.
You just have to know that once word of this spread that the proverbial poop is going to hit the fan, and given the past reaction to the change of Dropbox’s ToS this isn’t going to end well.