You might see that the Dropbox Community team have been busy working on some major updates to the Community itself! So, here is some info on what’s changed, what’s staying the same and what you can expect from the Dropbox Community overall.
Forum Discussion
Threlly
5 years agoCollaborator | Level 8
Why So Much Telemetry ?
Hi All,
My Pi Hole is blocking an INCREDIBLE amount of DropBox telemetry, even more than Windows telemetry, and by a large margin.
So I have a few questions.
1. What is this telemetry for ?
2. What information is in there ?
3. Who gets to see it (ie, is it shared in any way with, let's say, advertisers)
4. Why is it being blocked by my standard Pi Hole list, what threat could it be ?
5. Where do I turn it off if I wish to ?
Cheers,
Threlly
- anforowiczNew member | Level 2
Hello,
I am a Chrome Engineer, working for the Chrome Security team. In Chrome 85, a security feature called CORS-for-content-scripts has shipped - after Chrome 85 content scripts can no longer bypass CORS, even if an extension has permission to the target host. The Chrome 85 changes have been announced in March 2020 on chromium-extensions@ discussion list, as well as in Chrome Enterprise Release notes.
The "Dropbox for GMail" Chrome Extension has been identified as affected by Chrome telemetry in earlier Chrome versions. An email notification to CWS@dropbox.com (the email registered in Chrome Web Store) was sent out in June 2020. To avoid disruptions, the extension has been put on a temporary "allowlist" that exempts the extension from Chrome 85 changes (as we've announced earlier, the "allowlist" is being removed in Chrome 87). Our manual testing indicates that the "Dropbox for GMail" Chrome Extension has not yet migrated to the new security model and will stop working in Chrome 87 (starting with version 87.0.4266.0, currently in the Chrome Canary channel).
Please migrate the "Dropbox for GMail" Chrome Extension to the new security model as soon as possible. The tentative Chrome 87 release schedule is to ship to the Beta channel on 2020-10-15 and to start rolling out the Stable channel on 2020-11-17. More details about the changes and migration guidelines are available at https://www.chromium.org/Home/chromium-security/extension-content-script-fetches.
Best regards,
Lukasz Anforowicz
- WalterDropbox Staff
Hi anforowicz; thanks for the extensive report and welcome to the Dropbox Community!
As I'd like to get this under the attention of one of our experts, would it be OK if I used the email address that's connected to your profile here on our Community to further investigate?
Thanks a bunch, Lukasz.
- anforowiczNew member | Level 2
RE: would it be OK if I used the email address that's connected to your profile here on our Community to further investigate
Sure, that should be totally ok. Thank you for asking.
-Lukasz
- edie828Helpful | Level 5
I read the "fix" script. No way am I equipped to figure this out. Is there a plain English version that I can access? My business is being severely affected by what I think this problem is.
When I try to download the attachment to the dropbox using the chrome extension (in ANY of my gmail accounts), nothing happens. Everything was seamless and problem-free until a few days ago.
- ThrellyCollaborator | Level 8
Ok,
So Dropbox will not address the problem of data being siphoned from our machines & devices, the options in the client do NOT stop this.
Their privacy statement does not address this issue and it remains seemingly illegal within GDPR regulations.
Why has this not been addressed ?
- ThrellyCollaborator | Level 8
- WalterDropbox Staff
Hi Threlly; welcome to our Community!
I'm not aware of this exact domain and as a matter of fact is not listed within our official domains. Can you let me know some additional information about the device you're seeing this on, such as if you're running the desktop application and/or if you're using a web browser to access a Dropbox account etc.?
Regarding your last queries, I'd suggest getting in touch with the 3rd party app you mentioned directly as they might have more information.
In any case, please let me know what you find, Threlly.
- ThrellyCollaborator | Level 8
Hi,
I'm using the Windows 10 desktop app v106.4.368.
I rarely access dropbox in the browser.
Even if I quit the client the DropBox service (DbxSvc) remains active in my task list, as does "DropBox Update 32bit".
Gary
- ThrellyCollaborator | Level 8
Hi All,
My Pi Hole is blocking an INCREDIBLE amount of DropBox telemetry, even more than Windows telemetry, and by a large margin.
So I have a few questions.
1. What is this telemetry for ?
2. What information is in there ?
3. Who gets to see it (ie, is it shared in any way with, let's say, advertisers)
4. Why is it being blocked by my standard Pi Hole list, what threat could it be ?
5. Where do I turn it off if I wish to ?
Cheers,
Threlly
- JingleDjangoHelpful | Level 6
I'm following this thread with interest.
- ThrellyCollaborator | Level 8
So,
Pi-Hole users, are you still seeing Dropbox siphon off enormous amounts of your personal data to their servers with no option to stop it?
Are dropbox still refusing to address the issue correctly and to the satisfaction of their paying customers?
Do we know who Dropbox's GDPR Data Protection Officer is in the U.K/E.U?
About Integrations
Find solutions to issues with third-party integrations from the Dropbox Community. Share advice and help members with their integration questions.
Need more support
If you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X or Facebook.
For more info on available support options for your Dropbox plan, see this article.
If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!