April saw Dropbox announce “Project Infinite”, a “new technology” from the company designed to more closely integrate its cloud storage platform with customer systems. This week Dropbox revealed that Project Infinite is implemented as a kernel extension on OS X, dooming it immediately with IT admins everywhere.
In a post on its technology blog, Dropbox’s Damien DeVille provided more details on Project Infinite and its implementation on Windows and Mac. For Windows, Dropbox will use less-intrusive copy hooks to piggy-back on file system operations.
However, on OS X, the company had to resort to a kernel mode extension to get the integration it wanted.
Unfortunately, any IT administrator worth their salt would never give an application kernel access unless absolutely necessary. It can be justified for anti-virus programs, but a cloud storage app like Dropbox? The risks outweigh the benefits.
There’s a good reason Microsoft adopted its User-Mode Driver Framework (USMF) and Windows Display Driver Model (WDDM) for Windows Vista onwards. The whole point of these technologies was to move code out of kernel space and into user space to limit the damage a poorly-written driver code do.
Even the likes of NVIDIA and AMD, with high-performance graphics drivers, have as much code as possible in user-space. This is why a graphics driver crash on Windows no longer results in a BSOD, but a brief black screen and driver restart in a majority of cases.
I’m sure Dropbox has the best intentions and being closer to the metal is always going to give you more performance, but giving Dropbox kernel access is just a bad idea, one wholly unnecessary considering what it’s used for.
Despite Dropbox’s assurances regarding security and stability, you simply cannot run the risk of having what is mostly a convenience / performance feature bring down the entire system.
Going deeper with Project Infinite [Dropbox]