It is designed to give the business control over the employee’s data stored within the synced folders. The file stored on Google drive should be an exact byte for byte match with the original file until the user either modifies the cloud file in Google Docs or the locally stored file in a spreadsheet application.
Storage technology researcher Seán Byrne found out by accident that what gets synced to the cloud is generally not the same as what gets synced back from the cloud, even when no one has touched the files online
According to Seán Byrne, "When OneDrive got stuck in an endless loop of trying to sync a few files and the issue returned when I tried clearing its cache as instructed on Microsoft’s discussion forum, I decided to stop syncing the OneDrive folder and backed it up.
I then deleted the original synced folder and got OneDrive to start syncing it again, so it would get a fresh copy from the cloud. In an aim to check if any files got damaged due to the earlier syncing issue, I used a utility called MD5summer to create MD5 hashes for its content and repeated this process for the freshly synced folder.
To my surprise, the vast majority of the files showed ‘Checksum did not match’. Surely most of my files haven’t gone corrupt?I then started opening various files that failed the MD5 check, but could not find any obvious damage to any file. That was until I noticed several PHP files from a website theme that also failed the MD5 check.
When I compared them side by side in Notepad++, I noticed straight away a few pieces of code injected into the header that clearly could not have been caused by any form of data corruption. I knew for sure that neither I nor anyone else would have made these changes as the theme files were from a former website CMS package, so I then tried finding out what was modifying these files."
The following highlighted in red is what OneDrive for Business injected into the HTML file:
While ‘uuid’ stands for Universally unique identifier, this code “C2F41010-65B3-11d1-A29F-00AA00C14882” remains the same in every PHP and HTML file it modified, including with other users.
Word, Excel and Publisher files, these grew by about 8KB. Unlike the web files, these Microsoft Office files had what appears to be uniquely identifiable code added, potentially making it possible to match them to a company and possibly even to a specific user’s account.
WHen Byrne used 7-zip to look inside the two Microsoft Publisher files, the synced Publisher file had a ‘MsoDataStore’ folder added in it, inside which contains 3 folders with gibberish names and 2 XML files inside each.
The same ContentTypeID code inside as the Word file and while it matched, it was different to that in files I compared with other users.
Based on Myce testing, they found that the consumer version of OneDrive does not appear to any modify files, whether synced with the desktop product or through the web interface.
No comments:
Post a Comment