Dropbox will soon require Kernel access

Martin Brinkmann
May 26, 2016

Dropbox revealed Project Infinite, a new way of managing files on desktop systems when the Dropbox client is being used, about a week ago.

The main feature that Project Infinite brings along with it is a placeholder mechanic that displays all files on the desktop computer even if they are not synced. This gives you an overview of all of the files stored on Dropbox and improves manageability because of it.

This is similar to what Microsoft's SkyDrive Onedrive offered for some time before the feature was pulled by the company (too confusing to users was the reason I think that Microsoft gave back then).

Dropbox did not reveal all the required information about Project Infinite last week, and has just published another blog post that reveals technical information on how the company plans to make the feature available.

dropbox kernel
by Dropbox

The company invested "the better part of two years" to create the solution. The gist of the article is that Dropbox will require Kernel access for the new feature.

Traditionally, Dropbox operated entirely in user space as a program just like any other on your machine. With Dropbox Infinite, we’re going deeper: into the kernel—the core of the operating system.

With Project Infinite, Dropbox is evolving from a process that passively watches what happens on your local disk to one that actively plays a role in your filesystem.

Current versions of Dropbox operate in the user space only, and while that limits what Dropbox can do with the program somewhat, it is safer for a variety of reasons.

A Dropbox client with kernel access can theoretically see and access everything on the system. While that may not be a problem on its own, you do trust Dropbox enough to store some of your files on their servers after all, it can have serious security or performance implications.

Bad code could cause crashes or performance issues, and security vulnerabilities could wreak havoc on the system thanks to kernel access.

Dropbox is not the only program to require kernel access, but access for the most part is limited to security solutions and system drivers.

We don't know yet if there will be a switch in the Dropbox client to turn kernel access on or off. If I had to guess, I'd say it will be implemented without such a switch meaning that Dropbox will require kernel access going forward.

If you feel uncomfortable giving the program these access rights, you may want to consider one of the following options:

  1. Use Dropbox exclusively on the website. This is not very practical as it does away with the comfortable syncing and making available of files, but is more secure from a security point of view.
  2. Use a third-party sync client such as Multi Cloud instead which gives you access to your Dropbox files on the desktop without using the Dropbox client.
  3. Drop Dropbox, and switch to another cloud synchronization service instead.

Now You: Do you mind giving Dropbox kernel access?

Dropbox will soon require Kernel access
Article Name
Dropbox will soon require Kernel access
Dropbox's upcoming Project Infinite will require operating system kernel access. Read on to find out what that means, and what you can do about it.
Ghacks Technology News

Tutorials & Tips

Previous Post: «
Next Post: «


  1. Don Gateley said on May 29, 2016 at 10:30 pm

    As a one time kernel level coder this makes perfect sense to me. You hook into the file system as early as you can for performance but you do so very, very carefully. Done right, with adequate specification this is not a problem. I’ll trust they get it right if I can gain this new view of my wider filesystem. The sooner the better.

    If they can get in at the right level they can push off most of the system security functions and leave that to what the OS already employs. Excellent strategy for security.

  2. insanelyapple said on May 27, 2016 at 3:27 am

    I stopped using Dropbox mainly because they wanted kind of “better” file scanning, high-res file thumbnails and introduced arbitrary way of solving user problems; not mention that Condoleezza Rice was invited aboard… Which itself says that service isn’t any more safe.

    1. Tony said on May 28, 2016 at 11:05 am

      Yes, once Dropbox announced that Condoleezza Rice would be joining their Board of Directors, many informed people stopped using their service and will likely never touch it again.

  3. Microceph 10 said on May 27, 2016 at 12:08 am

    Kernel access? It’s funny that people think Chinese companies are untrustworthy backdoor hackers, because the most trusted and biggest western tech companies are hacking in plain sight through the frontdoor, backdoor, and windows, and your smart refrigerator, and your car, and your neighbor’s house. Year’s ago there was a joke about TVs spying on people, tinfoil hats etc., not a joke anymore.

  4. Roman Podolyan said on May 26, 2016 at 6:18 pm

    I do not trust Dropbox to that level, so if they won’t make this feature absolutely optional (you don’t install it = you don’t have it) I’m going to switch to something else.

  5. Jeff-FL said on May 26, 2016 at 6:05 pm

    If they do this, and it isn’t entirely optional, I’m dumping them. There’s no need to give someone kernel access to your PC for a “feature” that very few people need or want.

    There are good open-source, decentralized solutions, such as Syncthing and Owncloud.

  6. what said on May 26, 2016 at 4:58 pm

    former Secretary of State and National Security Advisor
    wants load some obscure FUSE module.
    Allow y/n?

    1. Tom Hawack said on May 26, 2016 at 6:09 pm

      Concerning Rice always choose Uncle Ben’s : never sticks.

  7. Tom Hawack said on May 26, 2016 at 3:26 pm

    Here I’m using hubiC free plan with 25GB which is little for power backups but far enough for file sharing including an email client such as Thunderbird with a dedicated add-on to download directly to hubiC too heavy files to be attached.

    All depends if you’re a cloud aficionado or not. Personally I don’t backup to the cloud so no need of an integrated cloud backup desktop client (which is nevertheless available at hubiC). Moreover, being in Europe I tend to prefer EU-located servers, even with encrypted data because encryption toughness seems to be a relative concept when it comes to the skills of electronic ears, to express things with my characteristic innocence.

  8. kalmly said on May 26, 2016 at 2:59 pm

    I briefly had a Dropbox account. I thought they had too much access to my system, so I closed it. Sticking to the local hard drive method.

  9. Nebulus said on May 26, 2016 at 1:16 pm

    I don’t use Dropbox and as a result I don’t care about this too much.

    That being said, I think that using FUSE for an application that needs to manipulate/sync files is not a bad idea. If you want more information on FUSE, you can read here: http://www.linux.org/threads/fuse.6211/

  10. drop said on May 26, 2016 at 12:12 pm

    I don’t understand that diagram..
    So in short giving a program kernel access might break the computer?

    If that’s true I would migrate all my files to Google Drive, it gives larger storage too.

  11. Bree said on May 26, 2016 at 11:23 am

    Don’t forget Condoleezza Rice is still on the board. How much should we trust her? Dropbox can host my files. Nothing to hide there. But stay out of my system.

  12. CHEF-KOCH said on May 26, 2016 at 11:21 am

    I think this increase security because it’s harder to bypass without that you wouldn’t notice it.

  13. Tom Hawack said on May 26, 2016 at 11:14 am

    “With Project Infinite, Dropbox is evolving from a process that passively watches what happens on your local disk to one that actively plays a role in your filesystem.”, quoting the company.

    It’s like going steady with a gal and then start considering to share a flat. Ours in this scenario (her name is Dropbox, she wants more, you know?). You really have to think about it, even if you like the lady, sharing a flat is the true commitment.
    Bachelor speaking.

    1. Jason said on May 30, 2016 at 7:19 pm

      “Considering its size : easily” —> LOL, Tom! ^_^ I must remember this one.

    2. Jason said on May 30, 2016 at 7:17 pm

      For the benefit of a non-Windows user, how exactly would Windows 10 handle this kernel access request? I know there is an administrator password prompt when you try to install software. Would this prompt also grant the installed software access to the kernel, or would the user get a second, more explicit kernel access request at the time of first running the software?

      I know in Linux it would be a two-step process for sure. Actually you would get a password prompt every single time you ran the software. I doubt that’s happening in WIndows – and if it did I’m sure it would annoy the hell out of average users – but I’m curious.

    3. Pants said on May 26, 2016 at 12:13 pm

      Just wait until she gets pregnant, wants to get married, and keeps asking you if her ass looks fat!

      1. Tom Hawack said on May 26, 2016 at 12:59 pm

        So true! I remember a dialog in a famous French novel series called “San Antonio” where the lady asks her lover “How do find my butt?” and him answering “Considering its size : easily”.

        Morality : If you don’t intend to get married with Dropbox don’t start sharing a flat.

  14. Jeff said on May 26, 2016 at 9:49 am

    Yeah why not make use of whatever low level APIs the OS provides and forget about kernel access?

  15. Roebie said on May 26, 2016 at 9:43 am

    If “require” is the keyword Dropbox will loose a paying customer. There is no way I’m going to give any such application kernel access. I could as well give them my administrator password. I also seriously doubt that any serious system administrator would allow usage of Dropbox on any company network if kernel access is a requirement.

  16. Earl said on May 26, 2016 at 8:09 am

    Looks like a solution in search of a problem. Passively watching my files is all I’d want Dropbox to do.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.