Breaking

Thursday, February 14, 2019

Security: Best ways to share files securely

Keep your files safe when sharing online


The internet is made for sharing and it’s perfectly understandable that the moment you snap a picture of a new addition to the family, or some other unmissable photo, you want to show it to your loved ones. Or you might want to share critical documents with work colleagues.

How can you make sure that whatever you share is seen only by the people you choose? Simply placing a password on files won’t always do – as you’d need a way of sending the password to the recipient securely in the first place!

In this article, we’re going to explore some quick and simple options for sharing your files safely over the net. These are not exclusive so don’t be afraid to combine them if necessary, or look into other ways to share files safely, too.

We’ve picked out the best cloud storage providers of 2019

1. pCloud


A cloud storage solution is one convenient way to share your files online, and our pick of the bunch is pCloud. There doesn’t appear to be any limit to the size of files you can upload to pCloud, so that makes it ideal not just for syncing files, but syncing large ones – and sharing them with whoever you want.

In terms of security, you need to pick up the pCloud Crypto feature which costs $4.99 per month and provides client-side encryption to password protect files as they speed across the net.

Another strength here is the wide range of supported devices, including Windows, macOS, Linux, iOS and Android hardware, plus there’s a web platform to boot. With pCloud, you get 10GB of free storage to kick-off, plus more can be obtained via referrals (up to 20GB), and naturally, there are premium subscription plans on offer (including a lifetime option).

You can sign up for pCloud here

2. Password protection


Many applications such as the cross-platform word processor LibreOffice Writer contain an option to password protect documents. Usually, you’ll be asked to type in the password twice to make sure it’s entered correctly. Note it down carefully.

The specific steps you need to follow plus the strength of the encryption used will vary depending on the piece of software in question. Check with the developer (look for the support section of the website) if you need help with anything. Ideally, documents should be protected with at least 128-bit AES encryption.

You will, of course, need a way to send the password to the recipient securely after sending the file.

3. PGP/GPG


 PGP and GPG are two programs which make use of public key cryptography to send files securely.

They get around the problem of having to send someone the password of a file you’ve encrypted by using a ‘public key’ to encrypt documents and a ‘private key’ to decrypt them. Your private key never leaves your computer but anyone can use your public key to send you files.

Setting this up can be tricky for less tech-savvy types. The easiest way is probably to install the cross-platform email client Mozilla Thunderbird, then use the free add-on Enigmail which has a handy step-by-step wizard.

You can download Mozilla Thunderbird here and Enigmail here

4. OTR


OTR (Off the Record) messaging is a feature that can be added to a number of messaging programs such as the cross-platform app Pidgin.

Messages are encrypted before leaving your machine, so you can safely send files to your correspondent. You can also use security codes to make sure no one is sitting between you and them, intercepting your messages (known as a ‘man-in-the-middle’ attack).

OTR messaging is available as a plug-in for Pidgin, as mentioned, but is also built into other messenger clients such as Signal for Android and iOS.

You can download Signal here

5. One-Time Pad


To use a One-Time Pad, first, you must create a list of random numbers by rolling dice or using a computer. Your correspondent does the same, then you both meet and give each other a copy of the pads.

When you want to send your correspondent a file, you can then combine the random data in the pad with it, and send. The recipient can then use their copy of your pad to take away the random data to reveal the file.

This is tricky to get right, but theoretically, it’s perfectly secure. There are a few programs as listed here, such as the Paranoia plug-in for the Pidgin messaging app, which can automate the process for you.

See our guide on using a One-Time Pad on the Raspberry Pi here.

You can download Pidgin here and the Paranoia plug-in here

6. LastPass


LastPass is an excellent service which stores all of your usernames and passwords in one place. One of its niftiest features is that you can choose to share a login – say, for Google Photos – via email.

Part of the beauty of LastPass is that if you choose you can allow your correspondent to log in and access files without them seeing the password. Your connection is also protected by SSL so there’s very little chance anyone could connect to your data in the same way. In short, this is one of the most respected password managers out there, and with good reason.

You can download LastPass here

7. Snapchat


Snapchat users will be aware that photos sent over the app theoretically self-destruct after a certain length of time. The recipient can take a screenshot of important information, however, and you’ll receive a notification that this has been done.

Snapchat updated its terms and conditions in 2014 to say that the firm may store copies of images you send. Ideally, you should use this app in combination with another of the methods listed here – for instance, you could encrypt a spreadsheet and send via email, then transmit the password separately via Snapchat. Splitting the file and the key in this way means only your correspondent will be able to view the data.

You can download Snapchat here

8. Resilio Sync


Resilio Sync (formerly BitTorrent Sync) synchronizes files using the BitTorrent protocol. The advantage of this is that instead of having to share files via a cloud service like Dropbox, files can be synced directly between two devices.

Provided both your device and your correspondents are online, files can be shared in real-time and the connection is secured by 128-bit AES. BitTorrent is particularly good for sharing large files and folders as it was originally designed for that purpose. More devices can be added to share files with others if you wish.

The app is available for Windows, macOS, Linux, Android, and iOS. The client is not open source so there’s no easy way for security experts to check the code used for any vulnerabilities.

You can download Resilio Sync here

9. SSH


SSH (Secure Shell) is a network protocol which establishes an encrypted tunnel allowing people to log in to a computer remotely. It can be used to upload and download files as well as run commands on the target computer.

If you have a server, you can give your correspondent their own username to log in and access files you’ve uploaded. Alternatively, you could create an account for them on your own machine so they can connect to you.

Mac and Linux users will be pleased to hear they can use SSH directly from the Terminal app. Windows users can download the free program Putty to do the same.

You can download Putty here

10. SFTP


Continuing the trend of obscure acronyms, SFTP (Secure File Transfer Protocol) is an extension of the SSH protocol used specifically for transferring files. In order to make use of it, you need to have access to a server, for instance by renting one from a provider like Hosted FTP.

You’ll be supplied with a username and password that you can use to connect and upload/download files. Most operating systems integrate FTP into the file explorer so you can move, edit and copy files onto the server just as you would with an ordinary folder. Although the connection is encrypted, documents stored on the server aren’t, so consider protecting them with a password before uploading.

We also show you the best ways to share big files

No comments:

Post a Comment