You are here: » Software Testing » Yet Another Example of the Need for Software Testing

Yet Another Example of the Need for Software Testing

This is yet another post in my ongoing campaign to let the world know about the criticality of software testing, especially “quality” testing that incorporates ISEB & ISTQB best practices.  This time, one of my favorite services, DropBox, basically dropped the ball!

Here’s what happened.  The company made a code update which resulted in the introduction of a major authentication bug.  Specifically, for almost 4 hours the defect caused the authentication mechanism to fail, which essentially allowed anyone to access anyone else’s account without the proper log-in credentials!

If you’ve never heard of DropBox, it is a tool that allows you to “drop” your computer files into an icon on your desktop so that they can be stored / backed-up on a remote server.  Once backed up, the user can log-in to his/her account to access or share the files as he/she sees fit.  The company claims to have about 25 million users, and it is not a stretch to assume that a good percentage of them keep personally identifiable information and other sensitive data stored in their accounts.  Yikes!

Although ‘only’ up to 1% of all user accounts were impacted, 1% of 25 million is still a whopping 250,000 people!  I sure hope the company’s public relations’ staff is ready to engage in some heavy-duty damage control!

Although the issue has been resolved, you have to wonder how vulnerable a service like DropBox is to future security breaches, whether caused by a bug or a hack.  In this case, it is obvious that the company’s software testing efforts epically failed, and hence it is reasonable to assume that something like this will happen again sooner or later.  I sincerely hope that DropBox is now committed to better software testing, because if something like this does ever happen again due to their negligence, they’ll be looking at a mass exodus of users and a rapid erosion of their brand and reputation.  Let’s hope that they now “get it”!


Related posts:

  1. News Roundup: 3 Examples of Recent Software Testing Bugs
  2. Not All Software Testing Defects should be Reported

Filed Under: Software Testing

Leave a Reply