I know I'm probably the last one here to have heard of this, but...
-
Basefolder[^] is bluddy cool! No storage limits (it's on your HDD!), no nags, way less risk, etc. than DropBox, gdrive, or (security horror of horrors) onedrive. Just set up a new, ne'er to be used elsewhere e-mail address for it, install it on a machine you never switch off, and Bob's yer mascot! Hopefully, the android ES File Manager boys will add it as a "share to" destination, soon, but its own android app is usable enough.
I wanna be a eunuchs developer! Pass me a bread knife!
Another option: Any one use BitTorrent Sync? (I do.) Cloudless, fast, secure (as if there were such a thing), mobile clients, sharing. What's not to love (i.e. why is BitTorrent Sync evil too)?
-Man of Code
-
And what's the difference between installing this and setting up an FTP service on your machine? It sounds to me as if basefolder is just a (much) simplified FTP service.
d.shapiro wrote:
It sounds to me as if basefolder is just a (much) simplified FTP service.
And not even SFTP.
-
d.shapiro wrote:
And what's the difference between installing this and setting up an FTP service on your machine?
I would imagine that the FTP server is under your own control and not reliant on a third party website.
-
Another option: Any one use BitTorrent Sync? (I do.) Cloudless, fast, secure (as if there were such a thing), mobile clients, sharing. What's not to love (i.e. why is BitTorrent Sync evil too)?
-Man of Code
This looks like a snoopers dream. Get access to several computers with the full assistance of the user. No need to set up an expensive cloud storage system to lure them in. What's to say they aren't renting out space on your machine as cloud storage. I like to keep my stuff private thank you very much. Can't beat an air gap.
I may not last forever but the mess I leave behind certainly will.
-
And what's the difference between installing this and setting up an FTP service on your machine? It sounds to me as if basefolder is just a (much) simplified FTP service.
d.shapiro wrote:
And what's the difference between installing this and setting up an FTP service on your machine?
The difference? All your files don't go through a third party's servers on the way to your computer, where they can be conveniently snooped or duplicated without your knowledge. They go though the ftp server, but you control that and the machine it runs on. Also, there's no convenient third party that somebody can coerce into providing them access to your files without your knowledge. From a security perspective, there's a big difference between the two.
We can program with only 1's, but if all you've got are zeros, you've got nothing.
-
This feature can be turned off. Go to the OneCloud systray icon - check settings - "Let OneDrive fetch all files on my computer"
I know. But the reasoning behind it being on by default is...?
I wanna be a eunuchs developer! Pass me a bread knife!
-
Mark_Wallace wrote:
There's no background app/service (google drive requires two, for god-only knows what "not evil" reasons).
Oh elephant crap. If you're able to go to www.somewebsiteyoudontown.pwndyou and download files off your home computer there has to be at least one application running on your home computer to send you the files. The fact that they don't say anything about how it works in their FAQ has my paranoia flag running up the flagpole next to _Maxxx_'s. The biggest question I've got is if they store an index of all the files you're sharing on their site or not. They say they don't store any personal data; but when they explicitly list what personal data they don't store names/metadata of your files isn't listed...
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, waging all things in the balance of reason? Is not rather the genius of history like an eternal, imploring maiden, full of fire, with a burning heart and flaming soul, humanly warm and humanly beautiful? --Zachris Topelius Training a telescope on one’s own belly button will only reveal lint. You like that? You go right on staring at it. I prefer looking at galaxies. -- Sarah Hoyt
Dan Neely wrote:
If you're able to go to www.somewebsiteyoudontown.pwndyou and download files off your home computer there has to be at least one application running on your home computer to send you the files.
Yeah. It's called an Internet browser. When you close the window/tab, the site is closed. This isn't like DropBox, in that it copies all files to all machines. I repeat: There is no background app/service. I looked for one, and if I didn't find it, then it doesn't exist. They cannot do anything that cannot be executed by a web browser, and I don't know about you, but I have three separate programs that keep an eye out for suspicious web-page activity.
Dan Neely wrote:
The biggest question I've got is if they store an index of all the files you're sharing on their site or not
Of course they do, so that they can present it to you when you open the site in a web browser. If you think that a list of files attached to an (anonymous) e-mail account is somehow dangerous, then you probably ought to stop drinking so much coffee. And let's bear in mind what the other options are, eh? The google drive thing, for example, retains the content of your files, attaches them to an account (which you have to verify, by providing your telephone or credit-card number), which stores way too much information about you, and links them to just about everything you do on the Internet. It also requires you to install a number of programs on your system, at least two of which are running constantly, doing whatever the Hell they like, because, well, because you installed them, so it's your fault if they do things you don't like. BaseFolder doesn't even try to find out who you are; all it asks for is an e-mail address and a user-name, neither of which have to be connected to your off-line life or to any other thing you do/have on the Internet.
I wanna be a eunuchs developer! Pass me a bread knife!
-
Mark_Wallace wrote:
There's no background app/service (google drive requires two, for god-only knows what "not evil" reasons).
Oh elephant crap. If you're able to go to www.somewebsiteyoudontown.pwndyou and download files off your home computer there has to be at least one application running on your home computer to send you the files. The fact that they don't say anything about how it works in their FAQ has my paranoia flag running up the flagpole next to _Maxxx_'s. The biggest question I've got is if they store an index of all the files you're sharing on their site or not. They say they don't store any personal data; but when they explicitly list what personal data they don't store names/metadata of your files isn't listed...
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, waging all things in the balance of reason? Is not rather the genius of history like an eternal, imploring maiden, full of fire, with a burning heart and flaming soul, humanly warm and humanly beautiful? --Zachris Topelius Training a telescope on one’s own belly button will only reveal lint. You like that? You go right on staring at it. I prefer looking at galaxies. -- Sarah Hoyt
OK, looking on the "server" machine into services that aren't running (because it does seem pretty weird that it manages to do everything using only the browser), I found upload/download/sync services, and a bunch of XML config files. Three of the config file are just file listings, and I presume that they are copied to/from their server to display the file listings. The fourth one contains all the personal information. Here's its (redacted) content:

<BaseFolderPath value="[redacted]" />
Note that I didn't have to redact the e-mail address, because it wasn't there, and the user and computer IDs were numeric. I have yet to find anything at all on "client" machines -- I've accessed files from Windows, Android, and iOS machines. Nothing is installed on them, I've found nothing copied into them, other than the files I copied, and everything is done exclusively through the web-app, in a browser window. And, just like the "server", all the web-app asks for is an e-mail address and a user name/password combo.
I wanna be a eunuchs developer! Pass me a bread knife!
-
OK, looking on the "server" machine into services that aren't running (because it does seem pretty weird that it manages to do everything using only the browser), I found upload/download/sync services, and a bunch of XML config files. Three of the config file are just file listings, and I presume that they are copied to/from their server to display the file listings. The fourth one contains all the personal information. Here's its (redacted) content:

<BaseFolderPath value="[redacted]" />
Note that I didn't have to redact the e-mail address, because it wasn't there, and the user and computer IDs were numeric. I have yet to find anything at all on "client" machines -- I've accessed files from Windows, Android, and iOS machines. Nothing is installed on them, I've found nothing copied into them, other than the files I copied, and everything is done exclusively through the web-app, in a browser window. And, just like the "server", all the web-app asks for is an e-mail address and a user name/password combo.
I wanna be a eunuchs developer! Pass me a bread knife!
Mark_Wallace wrote:
Three of the config file are just file listings, and I presume that they are copied to/from their server to display the file listings.
That was what I was getting at. Depending on what they are, your file names/directory structure in and of themselves could be an information disclosure; so if they upload/store the list is a potential concern. From the other direction, if you have a lot of files (especially if in a flat structure) pulling a full listing from your home PC to the remote one if not cached on their server could add noticeable latency over a slow connection. One that didn't occur to me earlier is that when you get a file off your home PC from a remote one, are you establishing a direct connection between your two PCs for the transfer; or is their server man-in-the-middling the transfer. The fact that they didn't realize that some privacy conscious people would care about these things enough to put them in their faq makes me worry that they only gave lip service to privacy in their implementation and six months from now we'll be reading about a presentation in a major security conference that pwned the platform a dozen ways over.
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, waging all things in the balance of reason? Is not rather the genius of history like an eternal, imploring maiden, full of fire, with a burning heart and flaming soul, humanly warm and humanly beautiful? --Zachris Topelius Training a telescope on one’s own belly button will only reveal lint. You like that? You go right on staring at it. I prefer looking at galaxies. -- Sarah Hoyt
-
I know. But the reasoning behind it being on by default is...?
I wanna be a eunuchs developer! Pass me a bread knife!
They're optimizing the user experience for customer service reps who'd otherwise have to help Joe "where's the anykey" Sixpack make it work. Or more likely Joe calling after drinking a sixpack to curse them out before going to a competitor instead.
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, waging all things in the balance of reason? Is not rather the genius of history like an eternal, imploring maiden, full of fire, with a burning heart and flaming soul, humanly warm and humanly beautiful? --Zachris Topelius Training a telescope on one’s own belly button will only reveal lint. You like that? You go right on staring at it. I prefer looking at galaxies. -- Sarah Hoyt
-
Mark_Wallace wrote:
Three of the config file are just file listings, and I presume that they are copied to/from their server to display the file listings.
That was what I was getting at. Depending on what they are, your file names/directory structure in and of themselves could be an information disclosure; so if they upload/store the list is a potential concern. From the other direction, if you have a lot of files (especially if in a flat structure) pulling a full listing from your home PC to the remote one if not cached on their server could add noticeable latency over a slow connection. One that didn't occur to me earlier is that when you get a file off your home PC from a remote one, are you establishing a direct connection between your two PCs for the transfer; or is their server man-in-the-middling the transfer. The fact that they didn't realize that some privacy conscious people would care about these things enough to put them in their faq makes me worry that they only gave lip service to privacy in their implementation and six months from now we'll be reading about a presentation in a major security conference that pwned the platform a dozen ways over.
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, waging all things in the balance of reason? Is not rather the genius of history like an eternal, imploring maiden, full of fire, with a burning heart and flaming soul, humanly warm and humanly beautiful? --Zachris Topelius Training a telescope on one’s own belly button will only reveal lint. You like that? You go right on staring at it. I prefer looking at galaxies. -- Sarah Hoyt
Dan Neely wrote:
Depending on what they are, your file names/directory structure in and of themselves could be an information disclosure
Sure, but -- I can't speak for you, obviously -- not many of us run Bloomberg, and the kind of "information disclosure" someone could get from the filename "Nipper's fourth birthday.mpg" ain't gonna ruin your life.
Dan Neely wrote:
From the other direction, if you have a lot of files (especially if in a flat structure) pulling a full listing from your home PC to the remote one if not cached on their server could add noticeable latency over a slow connection.
Um, I don't see that as something to lose sleep worrying about. I sometimes have to wait 10-15 seconds for CP pages to load. C'est l'Interwebs. Looking into the sync executable on the "server", I'm seeing a lot of soap statements (which you'd expect, since it's a web service), but I really don't have the desire to spend energy digging harder to find what transfer protocols or routing they're calling. On the "clients", you just get an aspx file in the browser, so there's not much to see. I don't have full network tracking on this (relatively new) machine, but when I download a file I don't see a new connection coming from basefolder.com, so it's very possible that it's a direct connection (and the speed is really high, too). AFAIK, DropBox et al route everything through their servers, when synching.
Dan Neely wrote:
The fact that they didn't realize that some privacy conscious people would care about these things enough to put them in their faq makes me worry that they only gave lip service to privacy in their implementation and six months from now we'll be reading about a presentation in a major security conference that pwned the platform a dozen ways over.
Oh, come on; that's just daft. It's a minimalist web-site, with a product for "the common man". They ain't gonna go into huge levels of technical detail in an FAQ, because their consumer base won't Ask such Questions Frequently, and, as I imagine you know, getting too techie on mere mortals frightens them away.
I wanna be a eunuchs developer! Pass me a bread knife!
-
They're optimizing the user experience for customer service reps who'd otherwise have to help Joe "where's the anykey" Sixpack make it work. Or more likely Joe calling after drinking a sixpack to curse them out before going to a competitor instead.
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, waging all things in the balance of reason? Is not rather the genius of history like an eternal, imploring maiden, full of fire, with a burning heart and flaming soul, humanly warm and humanly beautiful? --Zachris Topelius Training a telescope on one’s own belly button will only reveal lint. You like that? You go right on staring at it. I prefer looking at galaxies. -- Sarah Hoyt
I was thinking more "Because the NSA insisted".
I wanna be a eunuchs developer! Pass me a bread knife!
-
I upgraded to Office 2003. It works much better -- no ribbon, twice as fast, and no NSA back doors.
I wanna be a eunuchs developer! Pass me a bread knife!
-
They're optimizing the user experience for customer service reps who'd otherwise have to help Joe "where's the anykey" Sixpack make it work. Or more likely Joe calling after drinking a sixpack to curse them out before going to a competitor instead.
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, waging all things in the balance of reason? Is not rather the genius of history like an eternal, imploring maiden, full of fire, with a burning heart and flaming soul, humanly warm and humanly beautiful? --Zachris Topelius Training a telescope on one’s own belly button will only reveal lint. You like that? You go right on staring at it. I prefer looking at galaxies. -- Sarah Hoyt
-
Why not paper and pencil? Why not a banana?
I wanna be a eunuchs developer! Pass me a bread knife!
-
Why not paper and pencil? Why not a banana?
I wanna be a eunuchs developer! Pass me a bread knife!
-
Dan Neely wrote:
waging all things in the balance of reason
Did you really mean that, or did you mean "weighing..."? Maybe you are waging war on reason? :laugh:
I lean toward a translation error; but since the original is in a book in a language I can't read I have no way to confirm it. When I set the sig I struck out on finding an English translation of the whole book; and I don't know any Finish speakers who owe me enough a big enough favor to ask them to read an entire book to find the original. I got it from the Introduction[^] to another song[^] on an album. "Waging" is used on the recording, the online lyrics[^], and IIRC the album liner (but I'm not going to dig that out of the box now to post a picture of it).
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, waging all things in the balance of reason? Is not rather the genius of history like an eternal, imploring maiden, full of fire, with a burning heart and flaming soul, humanly warm and humanly beautiful? --Zachris Topelius Training a telescope on one’s own belly button will only reveal lint. You like that? You go right on staring at it. I prefer looking at galaxies. -- Sarah Hoyt
-
Basefolder[^] is bluddy cool! No storage limits (it's on your HDD!), no nags, way less risk, etc. than DropBox, gdrive, or (security horror of horrors) onedrive. Just set up a new, ne'er to be used elsewhere e-mail address for it, install it on a machine you never switch off, and Bob's yer mascot! Hopefully, the android ES File Manager boys will add it as a "share to" destination, soon, but its own android app is usable enough.
I wanna be a eunuchs developer! Pass me a bread knife!
y agreeing to our terms of service, you hereby grant basefolder the license: To use, copy, transmit, distribute, store and cache files that you choose to store and/or share. To copy, transmit, publish, and distribute to others the files as you designate, whether through the sharing or public linking features of the Service, in each case solely to provide the Service to you I am not sure about this part of the agreement...
-
Because neither of those give you a similar user interface plus support for modern file formats?
But bananas give you niacin, which we've already established to be the panacea, and writing/drawing manually are good for hand-to-eye co-ordination, so can be instrumental in helping to stave off cerebral problems, but Libre office has absolutely no health-giving properties whatsoever.
I wanna be a eunuchs developer! Pass me a bread knife!
-
y agreeing to our terms of service, you hereby grant basefolder the license: To use, copy, transmit, distribute, store and cache files that you choose to store and/or share. To copy, transmit, publish, and distribute to others the files as you designate, whether through the sharing or public linking features of the Service, in each case solely to provide the Service to you I am not sure about this part of the agreement...
Attn: - "Files that you choose" - "As you designate". They can't send your files to your other machines if you don't give them permission to send your files.
I wanna be a eunuchs developer! Pass me a bread knife!