What Do You Use? - Send/Receive Large Files, Securely
-
For a direct send of large files, without anything to install anywhere, https://instant.io/ is really cool
In a more corporate env and keeping files after (shares etc.), owncloud/its new fork.
-
I know the person who hosts this.
All files wiped after 48 hours. Everything encrypted. Surprisingly fast bandwidth too.
-
@Breffni-Potter What do you mean "everything is encrypted?" That site provides zero details. Do you mean they use HTTPS? They encrypt in storage? If so, what type of encryption? What about the keys? etc. It's a pet-peeve of mine when I see something claim it's "secure" without any explanation. I've seen many of these services buy a $10 SSL cert and then claim they are encrypted and therefore secure.
-
@Andy44 said
@Breffni-Potter What do you mean "everything is encrypted?" That site provides zero details.
Sure. I'll ask the creator for the exact specs.
@Andy44 said
It's a pet-peeve of mine when I see something claim it's "secure" without any explanation.
But how can you be worried about the technical security when you recommend a service which has no credibility?
https://www.sendfilessecurely.com/default.aspx
Who are they? Where are they based? Can I trust them? They are saying a lot of the right things technically but like...yikes. They want people to trust them with every confidential record under the sun but there are lots of very big questions.
-
@Breffni-Potter The site I listed is as credible as any other site. At least they have contact info, details about their security (https://www.sendfilessecurely.com/technical-security-overview.aspx), where they are based/hosted (https://www.sendfilessecurely.com/where-are-files-stored.aspx), etc. I get that sites like the one you listed are going for the "minimalistic" look and feel, but come on... no contact info, no details, just a statement that they are fast, easy, and secure.
-
@Andy44 said
@Breffni-Potter The site I listed is as credible as any other site. At least they have contact info, details about their security
The links you have posted don't have any credibility.
Where is the contact info and details about the company?
Any site which wants to take credit card details needs a LOT more credibility than an obfuscated email at the bottom of the site. The site has risky written all over it, from the suggestion you use it for your most confidential data, to it's invisible presence.
@Andy44 said
but come on... no contact info, no details, just a statement that they are fast, easy, and secure.
Yes, a statement from me. It is a free website which lets you use up to 1GB. The owner of said site is a good personal friend of mine. It is available for anyone to use. No one is forcing you to use it.
-
We're using a self-written one-time uploader.
Step 1: User or customer is using a form on a HTTPS protected site to
- Enter his mail address
- The recipients address (restricted to our team) and
- Upload a file
Step 2: Recipient gets a mail with a one-time link
Step 3: Within 7 days the recipient can download the file exactly one time. It will be deleted as soon as the last byte has been sent.
Step 4 (optional): In case the file wasn't downloaded within 7 days, it will be deleted by the system. Sender and recipient will get a notificationWasn't written by me, but should not be too complicated.
-
@thwr said in What Do You Use? - Send/Receive Large Files, Securely:
We're using a self-written one-time uploader.
Step 1: User or customer is using a form on a HTTPS protected site to
- Enter his mail address
- The recipients address (restricted to our team) and
- Upload a file
Step 2: Recipient gets a mail with a one-time link
Step 3: Within 7 days the recipient can download the file exactly one time. It will be deleted as soon as the last byte has been sent.
Step 4 (optional): In case the file wasn't downloaded within 7 days, it will be deleted by the system. Sender and recipient will get a notificationWasn't written by me, but should not be too complicated.
Ah, what I forgot... In case you want to send someone outside the file (so not receiving), you need to send it to yourself. Just forward the mail / link to the intended recipient et voila. Not works as good as a workaround
-
In the past, I've used zend.to to exchange files with clients.
-
@Breffni-Potter Right and no one is forcing you to use the site I mentioned. Iām not sure why you are so hung up on this. I listed multiple options. I mentioned that there are many similar services to choose from. I selected one that from a security perspective appears to be doing everything right (at least as much as one can expect from this type of service).
On the other hand, you said everything was encrypted on the site you mentioned, so I asked what that meant specifically. I assumed you might know since you know the guy. So far, I've heard nothing about it.