Under review

Restrict access to uploaded files, now they are downloadable freely from the internet.

Dime Nastov 6 years ago updated by Stan Kardach 3 years ago 9

Hi Ryvers!

You have created the most useful communication tool we have ever tested and kudos for making it free!

We have two major concerns:

  • Can’t install it on premise.
  • Uploaded files go to Amazon cloud and are accessible by simply sharing the link even to people that are not members or guests to our Ryver organization.

Solving either of these concerns would resolve the other – if we had on-premise installation we could host our files locally, and if the uploaded files were encrypted or hosted in directories that are not publicly accessible from the internet we would not have an issue with Ryver not being on-premise.

I would propose two types of solution that would not require on-premise installation:

  • A quick and dirty fix in the form of a checkbox that allows the administrator to disable all file uploads for everyone (at least until the second solution is implemented).
  • Some sort of cookie or session authentication that would allow file download from the Amazon storage only if the user is currently logged onto our Ryver. This can be further extended to special group file access but I understand that that can take some more time to develop.

You have made communicating and sharing ideas and files so easy that I am sure I would not be able to put forward policies on which files should and shouldn’t be shared in Ryver, so why limit people when we can make it secure and let them communicate freely.

I wish you all the positive energy in the universe and I hope you get the success you deserve!

Under review

While it is true we store files on Amazon S3, please note that we store them in a "Private" S3 bucket, so they are not discoverable just by browsing/searching the internet. Additionally, we prefix each filename with a random string prefix that would make it essentially impossible by today's hardware standards to hack your way into. It's like having a really good username/password on each file. And if you have access to one file, it does not get you any closer to accessing another file.

By doing it this way, it's still easy for you and your teammates to share links to files inside or outside of Ryver, yet retains enough security to prevent outsiders looking at your stuff. Admittedly, if somebody on your team shares the link to somebody outside of your organization, then it can be accessed. Our thought on that was that the same would be true of somebody emailing a file...once that file is out in the wild, you have no control over who is emailing/sharing it with other people.

All that being said, I do understand that some people are not happy with this explanation or approach, and demand authenticated access to files. It's something we have talked about providing in the future, but I don't have a timeline for that option just yet.

We're having a separate internal discussion about what it would take to provide an Admin option to not allow file uploads.

Having the ability to turn off external linking of the file, thus requiring that it be viewed within Ryver (or downloaded onto a member's computer/mobile device) would suffice for this.

But if I get you right, Dime, you cannot prevent a user if he wants to send something out. He will simply download something and then upload it in the wild.

So sad to read this.

A file shared in a team MUST BE closed and access restricted with a login request. It must be protected from link sharing outside the team!

Please, team, keep this in mind.

Wow! Tested and a surprise! The files are accessible from the internet without a login request!

This feature is a stopper to beginning the migration from Slack.

I believe I posted this on another point, but it's similar to this as well. It would be great if all file transfers defaulted to local LAN transfer, maybe cached locally or something, then if the user is in another location, it would use the Amazon S3 as the middleman.

I realize that we're in a unique situation that doesn't affect most where bandwidth is a finite resource here in the Yukon. They put a cap on what they inaccurately measure, and charge extra fees when we go over. That being said, this could be a benefit in security mitigating another layer of risk.

Yes, indeed this is an issue... I've started putting sensitive customer files to share with the team but if anyone on the internet. Will need to revert that ASAP.

IMO there should be a gateway that will send Ryver credentials to validate them, because even on Ryver the access should be restricted by user/team.
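An added example, not part of any post in this thread and not Ryver's code: it contrasts the random-prefix link model described in the staff reply with the session-gated download requested in the original post and the gateway comment above. The key, session table, file ids and function names are all constructed for illustration; Amazon S3 pre-signed URLs with an expiry time fill the same role as the token here.

```python
import hashlib
import hmac
import secrets

# All names and data below are constructed for illustration.
SERVER_KEY = secrets.token_bytes(32)           # signing key held only by the gateway
FILE_TEAMS = {"f-1001": "team-sales"}          # file id -> owning team
SESSIONS = {"sess-alice": {"user": "alice", "teams": {"team-sales"}}}


def static_link_allows(url_prefix: str, stored_prefix: str) -> bool:
    """Random-prefix model: whoever holds the link is let in, with no expiry."""
    return hmac.compare_digest(url_prefix.encode(), stored_prefix.encode())


def _sign(file_id: str, user: str, expires: int) -> str:
    msg = f"{file_id}|{user}|{expires}".encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()


def issue_download_token(session_id: str, file_id: str, now: float, ttl: int = 60):
    """Gateway step: only a logged-in member of the owning team gets a token."""
    session = SESSIONS.get(session_id)
    team = FILE_TEAMS.get(file_id)
    if session is None or team is None or team not in session["teams"]:
        return None
    expires = int(now) + ttl
    return f"{session['user']}.{expires}.{_sign(file_id, session['user'], expires)}"


def verify_download_token(token, file_id: str, now: float) -> bool:
    """Download step: check signature, binding to this file, and expiry."""
    try:
        user, expires_s, sig = token.split(".")
        expires = int(expires_s)
    except (AttributeError, ValueError):
        return False                            # missing or malformed token
    expected = _sign(file_id, user, expires)
    if not hmac.compare_digest(sig.encode(), expected.encode()):
        return False                            # forged, edited, or for another file
    return now <= expires                       # a leaked token stops working after ttl
```

A leaked token of this kind is still usable until it expires, so the time-to-live bounds the exposure rather than removing it.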

So what is the status on the administrative option for direct file uploads?

It's possible to disable uploads from all other services (Google Drive, Box.com and Dropbox) but not into AWS. This makes absolutely no sense and is backward logic considering content security. All the services that one can disable offer access right management and Ryver accesses them via its own OAuth (as far as I can see). This is HEAPS better than just relying on random naming on an AWS instance. If a link to a file somehow leaks (may happen) then which version of file sharing is more secure?

How is it that it takes 3 years and nothing is done about it? There's not even an option to mass-remove files from a Ryver instance.