![]() Only the recipient’s private key can decrypt it. The sender of a file uses the recipient’s public key (viewable by anyone) to encrypt it. This creates its own security and usability issues.Īsymmetric (public key) cryptography is more complex but also more secure because it uses two digital keys for each user – a private (secret) one that is never sent via any channel, and a public (non-secret) one. Instead, they either need to meet in person to share the secret, or share it through an alternative channel like a text message or phone call. The sender can’t securely send the secret and the file via the same channel because an eavesdropper could intercept both the file and the secret. The problem with password protecting files is that it’s a form of symmetric encryption, where the sender and recipient of a file use the same secret to access the file. It would need to be done correctly, though. End-to-end encryption would stop anyone other than the sender and recipient of a file from seeing it. While it’s obviously trying to promote its own service, it has a point. This wouldn't have happened if they used end-to-end encryption (see thread).- Tresorit June 24, 2019 In the recent #WeTransfer security incident, they were sending user files to the wrong recipients for two days. Rival service Tresorit was quick to jump on the incident: However I’m sure others are not so relaxed about it, bearing in mind the way the service is used! Thankfully we mostly use WeTransfer for sending and receiving brand photos for use on – so they’re mostly heading into the public domain anyway, and the worst that might happen is an embargo being broken for an upcoming event. “Almost certainly” won’t exactly fill people with confidence.īrown told Naked Security that the incident affected a batch of photos that a client had sent him on 16 June 2019. Our records show that these files have been accessed, but almost certainly by the intended recipient. We have learned that a transfer you sent or received was also delivered to some people it was not meant to go to. Not a good look from WeTransfer /Dh5Eu37Rwm- Jamie Brown June 21, 2019 The same day that the security notice appeared, Jamie Brown, CEO of fashion site Chicmi, tweeted a direct notification that WeTransfer had sent him: WeTransfer had blocked the links and logged users out of their accounts, it said. We are currently informing potentially affected users and have informed the relevant authorities. The issue began on 16 June 2019, the notice said, adding:Į-mails supporting our services were sent to unintended e-mail addresses. On 21 June 2019 WeTransfer posted a security notice warning of an incident it had discovered five days earlier on Monday 17 June 2019. It also offers a paid ‘Plus’ service that lets users password protect their files. The service, which became profitable in 2013, provides its free version through an advertising model. It has 50 million users sending a billion files each month, amounting to a Petabyte (1,000 Terabytes) of data. It’s an alternative to email services, which typically place limitations on file size. In the mean time, all we read about from day to day is 'This company hacked!' 'That company hacked!' 'This site hacked! 'That site hacked!' 'NSA hacked here!' 'NSA hacked there!' 'Trojan here!' 'Trojan there!' 'China hackers infiltrated here!' 'China hackers infiltrated there!'.Popular file transfer service WeTransfer faces embarrassment this week after admitting that it has mailed file links to the wrong users.įounded in 2009, WeTransfer enables users to transfer large files between each other for free. > Would you just listen to this! How many times have we heard this boastful claim over the past 3 decade I always imagine a New York mob enforcer proclaiming in a Brooklin accent 'Trust me. > HA HA HA HA HA HA HA HA HA HA HA HA HA HA! In the mean time, all we read about from day to day is 'This company hacked!' 'That company hacked!' 'This site hacked! 'That site hacked!' 'NSA hacked here!' 'NSA hacked there!' 'Trojan here!' 'Trojan there!' 'China hackers infiltrated here!' 'China hackers infiltrated there!'. Would you just listen to this! How many times have we heard this boastful claim over the past 3 decade? I always imagine a New York mob enforcer proclaiming in a Brooklin accent 'Trust me. ![]() HA HA HA HA HA HA HA HA HA HA HA HA HA HA! ![]() > Here's some copy from the Tresorit webpage: > You can also get an email notification once the file has been This has been working quite well with zero glitches. > However, I 7zip and password protect my files before uploading them The files are encrypted before being sent. I have been trying out the free service at Tresorit to send files
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |