Dropbox patches Heartbleed, opens Australian office

Dropbox patches Heartbleed, opens Australian office

Summary: Dropbox has reiterated that it's 275 million users are safe from Heartbleed, following announcing the opening of its first Australian office in Sydney.


To ensure its servicing its four million plus Australian businesses, including 95 percent of the ASX 100 companies, Dropbox has announced the opening of its first Australian office in Sydney. 

Dropbox enterprise strategy vice president Ross Piper said the Sydney team will help bring culture and best practice to the country.

"Given the adoption amongst individuals and businesses, we wanted to build a team close our customers," he said today.

Atalassian, Macquarie Bank, and Mirvac are among a handful of Australian Dropbox customers that will be able to take advantage of this.

Heading the setup of the new office will be co-APAC and Japan leads Tony Huie and Oliver Jay.

Piper confirmed while the office opening will mean the company will be closer to its customers, all customer data will continue to be stored in its US datacentres, with no imminent plans to open a local data centre in Australia. But he reassured that the company is compliant with Australia's new privacy laws.

Piper defended the quiet way that Dropbox disclosed its vulnerability to Heartbleed last week, deciding not to email its users directly, and instead informing its 275 million users via a blog post.

He said while the company is using a version of OpenSSL encryption that was affected by Heartbleed, Dropbox has taken all the necessary precautions to patch its servers to address the problem.

"We notified all of our users that this had occurred and updated that we had patched our services through our blog, and have suggested that users change their passwords," he said.

"We also have Perfect Forward technology, so any of the vulnerabilities that were open don't go into past access. Any past access that a key might have had, it doesn't allow it to be re-used, and that's been one of the technologies that has protected a lot of users.

"But we did patch all of our services, we rotated all of our keys, all of our encryptions, every user-facing aspect of the service."

Further, Piper said Condoleezza Rice's appointment to the board does not change the company's privacy policy, despite recent criticisms.

"It doesn't change our privacy policy. Our reasons for bringing Dr Rice on board centres around her incredible experience managing very large scale organisations...as well as dealing with very highly-talented individuals, which suits our engineering culture very well," he said.

"We think we've built a pretty good and trusting relationship with our users, and we want to maintain that through everything. We've made the decision about Dr Rice based on the reasons that I've described, and we think it's still our responsibility to earn that trust every day and we will continue to do everything to create clearer transparency and conform to the privacy requirements of our users."

In conjunction with the opening of its Sydney office, the company has also announced the launch of Project Harmony, which has been designed to work with Microsoft Office Words, Excel, and Powerpoint.

It will enable users to have real-time conversations and synchronise updates to files, no matter which platform they're working on, said Piper.

Piper said there plans extend its core applications to synchronise with other platforms going forward.

The release of Project Harmony complements the company's Dropbox for Business tool, which was announced last week.

"Dropbox for Business marries the app people use on an individual basis with the controls, transparency, and governance that business and IT expect," Piper said.

Topics: Cloud, Security, Australia


Since completing a degree in journalism, Aimee has had her fair share of covering various topics, including business, retail, manufacturing, and travel. She continues to expand her repertoire as a tech journalist with ZDNet.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Money?

    I guess this is what they're spending their VC money on, but I wonder how they're doing on their own, if they're making a profit. If they're anything like Box, then I would be skeptical, because they're less oriented towards enterprise, and that's where the money is at in the cloud. This news of the Heartbleed issue certainly doesn't help going forward either, although I guess that's not really their fault. As for the last point in the article, I think the biggest problem Dropbox will have in getting people board is how expensive their pricing is. I found from experience that it's just so much higher than the competition that's it's almost not even worth considering.
  • Too Expensive and Not Trustworthy

    While I did go ahead and close my free Dropbox account, I never used it anyway so it was more of a symbolic protest. I don't think they'll miss the $0 in revenue they received from me.

    Google Drive is a far better option for cloud storage in terms of price per GB. For example, Google gives you 15GB for free while Dropbox gives you only 2GB. Dropbox charges $49.99 per month for ½ TB while Google charges $9.99 per month for 1TB, essentially 1/10th the price per GB on Google Drive (these are prices in US$). A small price difference would not be a big deal, but 900% more is a bit much.

    I compared a bunch of the different cloud storage providers and only Box.com and Apple iCloud were more than Dropbox. Microsoft Onedrive, Amazon Cloud Drive, and copy.com are all considerably less expensive than Dropbox as well. And as far as I know, none of these companies have someone as odious as Dr. Rice on their boards of directors.

    Even if Dropbox comes to its senses and drops Dr. Rice I probably would not open an account there until they fix their pricing model.

    What I really would like is the ability to collaborate on Microsoft Office documents rather than on Google Docs documents, and one of Dropbox's new products will have that capability. But the company I work for would never use Dropbox after what they did so I'm stuck with Google Docs. Dropbox doesn't realize that it's not just individuals that are going to not use them because of what they did, but many corporations as well.

    I would say to Dropbox, "get your own house in order and then we'll consider purchasing your product. By appointing Dr. Rice you've made a strong statement that ethics have no place in your company. Yet you expect people to trust you with their data."