“Bilby wants security types to focus on tools such as whitelisting, hardware security keys and dynamic access rights efforts like Google’s BeyondCorp internal project. Whitelisting is the opposite of how antivirus apps work. It only allows apps to run from a list of approved apps. Anything else is denied execution.”
“Antivirus does some useful things, but in reality it is more like a canary in the coal mine. It is worse than that. It’s like we are standing around the dead canary saying, ‘Thank God it inhaled all the poisonous gas,’” he said.
To protect data in transit between Dropbox apps and our servers, Dropbox uses Secure Sockets Layer (SSL)/Transport Layer Security (TLS) for data transfer, creating a secure tunnel protected by 128-bit or higher Advanced Encryption Standard (AES) encryption. File data in transit between a Dropbox client (currently desktop, mobile, API, or web) and the hosted service is always encrypted via SSL/TLS. For end points we control (desktop and mobile) and modern browsers, we use strong ciphers and support perfect forward secrecy and certificate pinning. Additionally, on the web we flag all authentication cookies as secure and enable HTTP Strict Transport Security (HSTS) with includeSubDomains enabled.
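The two web-facing settings named above (HSTS with includeSubDomains, and the Secure flag on cookies) can be verified from response headers alone. The Python below is an added example, not Dropbox's code: the function names and the sample headers are constructed for illustration, and it checks every cookie because it cannot tell which ones carry authentication.

```python
def parse_hsts(value):
    """Parse a Strict-Transport-Security value into (max_age, include_subdomains)."""
    max_age, include_sub = None, False
    for directive in value.split(";"):
        name, _, arg = directive.strip().partition("=")
        name = name.strip().lower()
        if name == "max-age":
            arg = arg.strip().strip('"')  # the value may be a quoted-string
            max_age = int(arg) if arg.isdigit() else None
        elif name == "includesubdomains":
            include_sub = True
    return max_age, include_sub

def cookie_flags(set_cookie):
    """Return (cookie name, lower-cased attribute names) for one Set-Cookie value."""
    parts = [p.strip() for p in set_cookie.split(";")]
    name = parts[0].partition("=")[0]
    attrs = {p.partition("=")[0].strip().lower() for p in parts[1:] if p}
    return name, attrs

def audit(headers):
    """headers: (name, value) pairs from an HTTPS response. Returns findings."""
    findings = []
    hsts = [v for k, v in headers if k.lower() == "strict-transport-security"]
    if not hsts:
        findings.append("HSTS header missing")
    else:
        # RFC 6797: a client processes only the first STS header field.
        max_age, include_sub = parse_hsts(hsts[0])
        if not max_age:  # absent, malformed, or 0 (0 clears the policy)
            findings.append("HSTS max-age missing or zero")
        if not include_sub:
            findings.append("HSTS lacks includeSubDomains")
    for k, v in headers:
        if k.lower() == "set-cookie":
            name, attrs = cookie_flags(v)
            if "secure" not in attrs:
                findings.append(f"cookie {name} lacks Secure")
    return findings

# Constructed sample responses (not captured from any real service).
GOOD = [("Strict-Transport-Security", "max-age=15552000; includeSubDomains"),
        ("Set-Cookie", "session=abc123; Path=/; Secure; HttpOnly")]
WEAK = [("strict-transport-security", "max-age=31536000"),
        ("Set-Cookie", "session=abc123; Path=/; HttpOnly"),
        ("Set-Cookie", "locale=en; Secure")]

if __name__ == "__main__":
    for label, hdrs in (("GOOD", GOOD), ("WEAK", WEAK)):
        print(label, audit(hdrs) or "ok")
```

Without includeSubDomains, a sibling host served over plain HTTP is not covered by the policy, which is why the audit reports it separately from a missing header.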