Tuesday, October 7, 2014

Bash Shell Bug Doesn't Affect SendFilesSecurely.com



Over the past couple of weeks, server administrators have been rushing to patch a recently published software bug in the Unix Bash shell (more info). This bug is very serious as it allows an attacker to gain unauthorized access to the server and its resources. This bug is estimated to affect up to 50% of the world's web servers. 

Fortunately, Send Files Securely does not run on any of the affected server operating systems and therefore isn't (and has never been) vulnerable to this issue. Send Files Securely is committed to providing an easy, secure way to send files securely over the Internet and appreciates your support!

Friday, September 26, 2014

New SSL Certificate for SendFilesSecurely.com

There has been a lot of news lately about the use and potential weakness of SHA-1 in SSL Certificates (in part due to this blog posting from Google announcing their intent to sunset SHA-1 in the Chrome browser). In keeping up with the latest security standards and recommendations, Send Files Securely upgraded our SSL certificate today. The new certificate uses the recommended SHA-256 hashing algorithm. By proactively upgrading our SSL certificate, Send Files Securely continues to provide a safe and secure way to send confidential files over the Internet!

Wednesday, April 9, 2014

No Bleeding Hearts Here

Earlier this week, a vulnerability dubbed The Heartbleed Bug was identified in certain versions of the cryptographic library, OpenSSL (see www.heartbleed.com). Although many thousands of servers and websites were affected across the Internet, Send Files Securely was not affected by this since we do not use OpenSSL. 

Thank you for your continual support and use of our service for sending files securely!

Wednesday, April 2, 2014

Gmail Encryption Is Now Mandatory, BUT Is Your Email REALLY Secure?

In recent news, Google announced that it's email service, Gmail, will require all communications to be encrypted using HTTPS (http://www.cnet.com/news/gmail-encryption-is-now-mandatory). So, does using HTTPS mean your email is now secure? The answer is, it depends.

The option to use HTTPS has been a feature of Gmail for some time now. This news simply means that users no longer have an option to opt-out of the secure connections. Using HTTPS with your email provider is a good idea, whether you use Gmail or any other email provider. However, the encryption provided by your email provider usually* ends once the email leaves their servers. At that point, the email travels across the Internet unencrypted.

Despite this news, email is still just as inherently insecure as it's always been. One day that might change. But until then, use Send Files Securely to send secure file attachments.

*Although the technology exists to encrypt email between servers, it's not widely used.

Saturday, February 8, 2014

Don't email your tax documents!

It's that time of year again... time to gather your financial documents and send them to whoever is preparing your taxes. But wait! Don't send them in an email!

Email is inherently not secure. Just as you wouldn't send your social security number and other financial details on the back of a post card, you shouldn't use email for confidential information. Instead, use Send Files Securely to upload your files and send your tax preparer the link to your files. This way your files will be securely encrypted during upload, storage, and download. And don't forget to add a password to the files you upload. This ensures that only they will be able to download the files. Sending the link to your files is ok to do over email, just be sure to give them the password by some other means (e.g. phone, in-person, text message, etc.)

Bonus Tip - If you have many documents, compress them into one .zip archive file so you only have to upload and send one file instead of many!

Visit www.SendFilesSecurely.com to send your files securely for free!