Helping people with computers... one answer at a time.
Dropbox recently announced that you could send a web-accessible public link to anything anywhere in your Dropbox. I'll look at the security implications.
Dropbox recently announced that you can now share files and folders already in your Dropbox with a public link.
Previously, you could only share those files and folders you had explicitly placed in a specific public folder within your Dropbox. Now, you can link to any file anywhere in your Dropbox.
Anywhere. And I'll admit that made me nervous.
Until a friend pointed me at something that Dropbox failed to mention in their announcement.
The concept that everything in my Dropbox might have a publicly accessible link was more than a little disconcerting. Even though the links are clearly very obscure - as we'll see momentarily - that would still amount to "security by obscurity" which amounts to simply hiding things in the hope that no one would find it.
Fortunately, that's apparently not what's happening here.
It appears that the process of getting a link to an item that you want to share actually creates the link - meaning that the link simply doesn't exist until you do that.
In other words, the only things that are publicly accessible are those things in your Dropbox for which you explicitly create a link.
And even then, you can later invalidate the link.
Browsing your Dropbox contents on the Dropbox website, you can now right-click an item and click the new "Get link" menu item:
Click that and you'll actually be taken to a link for the item:
The link can then be copied from your browser's address bar.
In the example above, the link is to:
You'll note that the generated link is very obscure - there's no easy way to guess the link. It also uses https, which I appreciate.
In most of the Dropbox applications on PCs, Macs, and mobile devices, a similar Get link option has been added so you don't even need to go to the website. In Windows, for example, just right-click the item and click the Dropbox sub-menu.
(Note: As I was testing this, the Get link option was not available for items in my Photos folder. However, if I viewed the image on the website, then a Get link item was available at the bottom of the page.)
But it gets better.
You can remove the links that you've created. (Big thanks to my friend Steve over at Mac Help For Mom for pointing this out.)
If you view your Dropbox on the web, you'll see a link labeled Links:
Click that and you'll get a list of all of the links that you've created:
Note the Remove link.
Each link can be individually removed.
Once you remove a link, the item is no longer accessible.
In my opinion, a perfect addition to the sharing solution.
As with all online services, uses common sense when sharing - or even choosing what it is you want to place into your Dropbox.
For example, don't share a folder (yes, you can share an entire folder) that contains a bunch of private things in addition to the one picture that you're actually interested in sharing.
Realize that, should your Dropbox account be compromised, the person with access will be able to access everything in it.
But when used sensibly, Dropbox remains a great way to share files and folders between computers, and now even share files and folders with anyone who has internet access.
Share your stuff with a link! - Dropbox Blog, April 23, 2012.