Academic researchers say they’ve uncovered weaknesses in dozens of the most popular file hosting sites that allow people to gain unauthorized access to data that’s supposed to be available only to those selected by the user, reports Dan Goodin writing on Theregister.
“The services, which include sites such RapidShare, FileFactory, and Easyshare, allow users to upload large files and make them available to anyone who knows the unique URI (or Uniform Resource Identifier) that’s bound to each one. Users may post the link on websites or forums available to the public or share it in a single email to prevent all but the recipient from downloading it. RapidShare, for instance, says it can be used to “share your data with your friends, colleagues or family.”
But according to academics in Belgium and France, a “significant percentage” of the 100 FHSs (or file hosting services) they studied made it trivial for outsiders to access the files simply by guessing the URLs that are bound to each uploaded file. What’s more, they presented evidence that such attacks, far from being theoretical, are already happening in the wild.”
Read more: http://www.theregister.co.uk/2011/05/08/file_hosting_sites_under_attack/
