This is still an issue in 2023. Dropbox and Google Drive aren't new, and ironically Megaupload is now a Dropbox/Drive competitor Mega + Rapidshare is long dead. But emailing files or physically sharing on a USB drive is still the best way to share files ad-hoc. Dropbox etc does work, but you have to make a new account and mess around with settings and permissions.
WebRTC has been supported in browsers for at least 10 years.
To that end you can use a website like https://www.toffeeshare.com/ to send files directly to another person via your browser via a P2P connection, without an account.
Because its remaining an issue enables "value extraction". Magic wormhole would work if people knew about it but somehow software that promotes itself by honest word-of-mouth has difficulty competing with software that is bundled with Windows or is made by the world's largest advertising corporation.
I would argue the installation of magic wormhole is hard. Python is a pain and usually scares me away from installing it. I dont want python pooping all over my system.
There is no release artifact that I can easily open and run on the github page.
Wetransfer is exactly made for this purpose. Or if you have Apple and the file is not larger than 5GB, it’s sent through Mail Drop which does the same thing but seamless.
I was almost going to mention Drive and OneDrive and iCloud, but I realized that these are not secure sharing methods, unless your target audience also has accounts on the same cloud service. You can share to "anyone with the link", and practice security through obscurity.
This isn't security through obscurity at all, the links contain a random secret and aren't public. You might as well say a password is security through obscurity because it can be guessed...
Anyone who has the link can access the file. There is no authentication. It's only as "secret" as the email you put it in, or the Zoom chat room it was dropped into, or the web page it is published in.
The shared links do not contain a secret at all. The base64-encoded part of the link is the file object's UUID! Look at it as you copy a shared link, vs. seeing it in the URL bar. It doesn't change as you edit the file, move it to another folder, or share it out. It won't go away until you've deleted the file! If you notice that someone has a link and they shouldn't have it, then you'll just have to copy-paste the content into a new document, and throw the compromised one in the Trash. Goodbye, revision history and all metadata.
Common use cases involve sharing to groups of people, you know, more than one person who might keep a "secret"? What if you've shared a link to 30 people, how do you ensure that 31 can't open it?
"Three men can keep a secret, if two of them are dead."
As opposed to passwords, which people know are secret[citation needed], links are shared. I mean, Google Drive literally calls it "Sharing", so who will stop sharing after the intended recipients have got it?
I think this is my biggest issue with the enterprise file sharing solutions; it's way too hard to manage access to files and to do simple sharing. like at face value it seems easy if you just want to drop a file to a friend or coworker, but it gets much more difficult when you want to actually enforce any controls on it.
Sharepoint and Google drive really feel like they have gone out of their way to make the permissions scheme as convoluted as possible, and it's never clear for me whether I've shared it in a way that permissions can propagate from those I shared it with or not. sometimes I can further share a received Sharepoint document without issue, other times I cannot, and I don't know what the difference is. some of my shared docs that are only shared with specific users can be shared freely apparently, other times when it gets shared further I get automated emails with access requests, even though the public access list is disabled/empty on both cases.
I really wish that the user:group:world wide model was the basis for these permission schemes and it was easier to just set people/groups and the specific actions they can take on a shared file/document. I get why the companies call it sharing, but it shouldn't be thought of as sharing, it should be Grant Access. I think it gives a better mindset for what you're actually doing, and the design should be around the idea you're giving access, not sharing, which is not the same thing to me.
At the risk of not fully slaking your thirst for orthogonality, I discovered just now that Google Drive does indeed have user:group:world access control. You can share to specific users with Google accounts. You can also share with a group: https://support.google.com/a/users/answer/13004062?ref_topic...
I was rather shocked to learn that the mechanism for creating groups, in the sense of access control, is the Google Groups product, also known as collaborative forums, or one of Usenet's modern homes. And this feature works for individual users as well as Workspaces for Business. I just created a Google Group consisting of my three personal accounts, and I shared a Doc with them!
The three levels of sharing persmissions on Drive are: "View", "Commenter", and "Editor". The second level also permits "editing suggestions" which will prompt the Doc owner to accept or reject. These also have semantics for folders.
And then, there is a little options-gear where you can twiddle additional permissions for certain levels of access. In my personal account, they're permissive by default. Meh.
