Sharing files?

ds38432

Hi,

I'm evaluating Boxcryptor vs Spideroak. I really like the concept and flexibility of Boxcryptor, but there are some insurmountable drawbacks.

The main one is that I can't share a file with a non-boxcryptor user. Yesterday I had to send my payslips to a credit card company. Rather than attach them to emails, I used the Spideroak feature to share them, which generated a unique temporary link that expires after 3 days. The recipient just has to click on it and the download starts - no authentication, etc.

I try the same for Boxcryptor, and it says that the user does not exist - I have to create an account for them. This is just not going to happen for anyone who is not already a Boxcryptor user - hence I can't use it.

Similarly sharing folders for download only - I can create sharerooms in Spideroak that anyone can access with a room name, and password - but with Boxcryptor, again, impossible.

Is this likely to change anytime soon, or is a matter of policy that you will not offer this? I imagine it's technically feasible, by creating a temporary internal user for that share URL, and using that user's private key to decrypt the shared folder when someone clicks on the link. It obviously breaks the Zero Knowledge model, but I imagine that's a risk mitigated by the temporary nature of the share.

ds38432

Also - I imagine that if the user account private key is encrypted with the password provided to create the share, then as long as the password is strong, zero knowledge is still maintained. Similarly if the unique URL for authentication-less shares contains a password.

Sorry - I'm starting to get into speculative system design now. What I wanted to know, is whether this is ever going to happen.

Thanks!

ds38432

Bump?

Richard Hess

Hi ds38432,

thanks for your feedback and your feature requests.

We'll discuss your thoughts internally.
Unfortunately we are working on many projects at the moment.
Thus I am not able to name any date on this.

Kind regards,
Richard