David Kaye wrote:
"Meanie" wrote

I should add, it needs to be easy for the receiving end to open and
view. They are not very computer literate. How exactly does Winrar
work?

Forget Winrar or any other compression program because they don't
compress photos!

Photos are already compressed.

Maybe yes, maybe no. Depends on the file type.

--

dadiOH
____________________________

Winters getting colder? Tired of the rat race?
Maybe just ready for a change? Check it out...
http://www.floridaloghouse.net

In article ,
"Atila Iskander" wrote:

"Smitty Two" wrote in message
...
In article , "Meanie" wrote:

the likelihood of not receiving my USB drive back becomes a
problem

Assuming this is a business and not a hobby, the cost of a USB drive
seems absurdly trivial. Akin to the cost of a cardboard box that you'd
ship a physical item of any value in.

I have stopped using USB drives or sticks for a variety of reasons
I now use (C10) SD cards.
They are much faster to upload download than USB sticks
http://microcenter.com/search/search...tt=class+10+sd

8 gb for $6.00
16 gb for $9.00

Plus if it's a business, just include the cost into your price, label them
and give a rebate if they return it.





Or, get 100 of them private-labeled with your business name by one of
those places that sells promotional items. Then it becomes a frequent
reminder for your customers, to come on back and spend more money with
you.

On Aug 28, 9:52*am, gpsman wrote:
On Aug 28, 2:49*am, "
wrote:



Show us a computer security expert that says that
just using a URL that you then share with someone and
rely on that alone is in any way a safe, secure and
sufficient security protocol.

You don't need an expert to know an unpublished random url is secure
enough for a few hours for data few know exist.

From the description of the usage and requirements
there is nothing to conclude that the photos will only
be up there for a few hours. And any security process
that relies on one human accessing them immediately
and another human taking them down in a timely
fashion to make it secure is a very poor one. Not a
very convenient one for your clients either. Or one
that I would want to explain. "Well, I'm to cheap and
lazy to have decent security, so, here's how I'm going
to go about dealing with YOUR confidential videos...."

He can do what he pleases. But he did say that they
were surveilance photos and videos and that he was
very concerned that they be secure. The above
procedure doesn't meet my definition of secure. For
example, a URL is tracked, stored and visible in plain
sight in your browser. Anyone sitting down at one
of the PC's that accesses it a day later can go right
back there. In the latest version of Explorer, when you
open a new tab, it comes up with a whole page of
suggestions of the last dozen or so visited URLs.
Just click on that tab and bingo, you're there.

And if someone gained unauthorized access, put those
surveillance videos up
all over the web and the party being surveilled sued,
I doubt a court would consider relying on the parties
knowing and sharing a URL, taking the videos down
in some timely fashion as a sufficiently secure
method. Not when there are other far more secure
methods available.

On Aug 28, 10:57Â*am, "
wrote:
On Aug 28, 9:52Â*am, gpsman wrote:

You don't need an expert to know an unpublished random url is secure
enough for a few hours for data few know exist.

From the description of the usage and requirements
there is nothing to conclude that the photos will only
be up there for a few hours.

It seems safe to assume.

And any security process
that relies on one human accessing them immediately
and another human taking them down in a timely
fashion to make it secure is a very poor one.

That puts the anal in analysis.

Not a
very convenient one for your clients either.

Fascinating.

Or one
that I would want to explain. Â* "Well, I'm to cheap and
lazy to have decent security, so, here's how I'm going
to go about dealing with YOUR confidential videos...."

Straw man. Free ‰* insecure.

He can do what he pleases. Â*But he did say that they
were surveilance photos and videos and that he was
very concerned that they be secure. Â* The above
procedure doesn't meet my definition of secure. Â*For
example, a URL is tracked, stored and visible in plain
sight in your browser. Â* Anyone sitting down at one
of the PC's that accesses it a day later can go right
back there.

Couldn't they just access the files...?

In the latest version of Explorer, when you
open a new tab, it comes up with a whole page of
suggestions of the last dozen or so visited URLs.
Just click on that tab and bingo, you're there.

If your machine isn't secure, your machine isn't secure.

And if someone gained unauthorized access, put those
surveillance videos up
all over the web

I think you're venturing into exhaustive hypotheses.

No outside party is aware of the existence of the files.

You seem to assume surveillance videos contain something worth
watching. I imagine they'd have a hard time getting any hits posted
to YouTube or Panoramio.

Surveillance photo/video is most often people coming and going or just
being together, eating at a restaurant, meeting at a motel, etc.

and the party being surveilled sued,
I doubt a court would consider relying on the parties
knowing and sharing a URL, taking the videos down
in some timely fashion as a sufficiently secure
method. Â*Not when there are other far more secure
methods available.

Perfect solution fallacy. There are always going to be more secure
methods.

Hosting a secure server invites attack, doesn't it?

I don't think hosting a server and/or creating a website is
practical. Hiding photo/video files with a private url among millions
if not billions of other photo/video files can be very secure with
little effort of any party and convenient for all concerned.
-----

- gpsman

dadiOH wrote:
David Kaye wrote:
"Meanie" wrote

I should add, it needs to be easy for the receiving end to open and
view. They are not very computer literate. How exactly does Winrar
work?

Forget Winrar or any other compression program because they don't
compress photos!

Photos are already compressed.

Maybe yes, maybe no. Depends on the file type.

What normal photo file type yields a significantly reduced file size when
compressed?

On Tue, 28 Aug 2012 01:05:31 -0700, "David Kaye"
wrote:

Exactly. This is why FTP is really the only way to go.

Not always true. The FTP protocol uses plain text for passwords sent
--- not encrypted. They can be captured with a snifter.

OP could use remote desktop connections, he could set up Team Viewer
or other similar application.

Free for private use:

http://www.teamviewer.com/en/index.aspx
--

On Aug 28, 11:50Â*am, gpsman wrote:
On Aug 28, 10:57Â*am, "
wrote:

On Aug 28, 9:52Â*am, gpsman wrote:

You don't need an expert to know an unpublished random url is secure
enough for a few hours for data few know exist.

From the description of the usage and requirements
there is nothing to conclude that the photos will only
be up there for a few hours.

It seems safe to assume.

It doesn't seem at all reasonable to me. You'd have to
tell your client "I'm going to put your files up for 2 hours
starting at 2PM....." Not the way I'd deal with customers.





And any security process
that relies on one human accessing them immediately
and another human taking them down in a timely
fashion to make it secure is a very poor one.

That puts the anal in analysis.

IDK what your point is here.




Not a
very convenient one for your clients either.

Fascinating.

So, you don't care about the clients, how convenient
it is for them, what message it sends to them about
how you do business. Figures.




Or one
that I would want to explain. Â* "Well, I'm to cheap and
lazy to have decent security, so, here's how I'm going
to go about dealing with YOUR confidential videos...."

Straw man. Â*Free ‰* insecure.

I never said that free is the same as insecure. I just said
relying on a URL as your security is insecure. And it's
not unusual for a solution that provides real security
to take some time to find, perhaps some work to
implement and it may not be free.




He can do what he pleases. Â*But he did say that they
were surveilance photos and videos and that he was
very concerned that they be secure. Â* The above
procedure doesn't meet my definition of secure. Â*For
example, a URL is tracked, stored and visible in plain
sight in your browser. Â* Anyone sitting down at one
of the PC's that accesses it a day later can go right
back there.

Couldn't they just access the files...?

Not necessarily, no. The OP might have the actual
files he's uploading on his camera or a USB drive
and not on the PC.
The client might download them to a USB, portable
drive, DVD, etc. Or he might just look at them online,
conclude they are of no interest to go further and
leave them there.




In the latest version of Explorer, when you
open a new tab, it comes up with a whole page of
suggestions of the last dozen or so visited URLs.
Just click on that tab and bingo, you're there.

If your machine isn't secure, your machine isn't secure.

BS. I can access my bank account, credit card
accounts, stock accounts, etc from my PC. If someone
comes by after I've logged off, they cannot gain access
without the username and password. If I forget to log off, in
about 5 mins, the websites automatically log me off
and no one can get back in again without the username
and password.

Under the proposed URL
scenario, all someone sitting down a half hour later
would have to do is open the browser and
it presents them with an array of the last dozen or so
websites visited. Click on the tab offered for the
videos and they have the surveillance video.




And if someone gained unauthorized access, put those
surveillance videos up
all over the web

I think you're venturing into exhaustive hypotheses.

No outside party is aware of the existence of the files.

And how do you know that? Clairvoyant?




You seem to assume surveillance videos contain something worth
watching.

We don't know exactly what the security videos do or don't have.
We do know that the OP clearly stated:

"Therefore, I
thought of a photo website and the possibility of making a "private"
section
with the photos they need. For obvious reasons again, it's imperative
they
don't fall onto the eyes of others and thus, they would be the only
one to
gain access.

I use Flickr but haven't checked to see if that's possible, but I'm
also
very concerned about photos on a website period, being seen by others
and
overall, apprehensive to even put them up there. "






Â*I imagine they'd have a hard time getting any hits posted
to YouTube or Panoramio.

Surveillance photo/video is most often people coming and going or just
being together, eating at a restaurant, meeting at a motel, etc.

You have no way of knowing what any surveilance video
does or does not have. The very fact that the OP is
doing the surveilling for someone would suggest to me
that it's probably not just a 24/7 video running at a
convenience story.




and the party being surveilled sued,
I doubt a court would consider relying on the parties
knowing and sharing a URL, taking the videos down
in some timely fashion as a sufficiently secure
method. Â*Not when there are other far more secure
methods available.

Perfect solution fallacy. Â*There are always going to be more secure
methods.

Uh huh, so why start at the bottom of the barrel?




Hosting a secure server invites attack, doesn't it?

I don't think hosting a server and/or creating a website is
practical. Â*Hiding photo/video files with a private url among millions
if not billions of other photo/video files can be very secure with
little effort of any party and convenient for all concerned.
Â*-----

- gpsman

Like I said, he can do what he wants. But given his
expressed concern for security, I think using nothing
more than a URL is a poor solution.

HeyBub wrote:
dadiOH wrote:
David Kaye wrote:
"Meanie" wrote

I should add, it needs to be easy for the receiving end to open and
view. They are not very computer literate. How exactly does Winrar
work?

Forget Winrar or any other compression program because they don't
compress photos!

Photos are already compressed.

Maybe yes, maybe no. Depends on the file type.

What normal photo file type yields a significantly reduced file size
when compressed?

"Normal" depends, I suppose but bmp, ppm, raw, tgi and tif all compress a
lot. Maybe others too, don't know. Not jpg or gif though.

--

dadiOH
____________________________

Winters getting colder? Tired of the rat race?
Maybe just ready for a change? Check it out...
http://www.floridaloghouse.net

On Aug 28, 12:49Â*pm, "
wrote:
On Aug 28, 11:50Â*am, gpsman wrote:

On Aug 28, 10:57Â*am, "
wrote:

On Aug 28, 9:52Â*am, gpsman wrote:

You don't need an expert to know an unpublished random url is secure
enough for a few hours for data few know exist.

From the description of the usage and requirements
there is nothing to conclude that the photos will only
be up there for a few hours.

It seems safe to assume.

It doesn't seem at all reasonable to me. Â* You'd have to
tell your client "I'm going to put your files up for 2 hours
starting at 2PM....." Â* Not the way I'd deal with customers.

Straw man. The OP is not dealing with "customers", it's one guy, a
"friend"... then the friend splits into "they" later in the OP's
original post...

And any security process
that relies on one human accessing them immediately
and another human taking them down in a timely
fashion to make it secure is a very poor one.

That puts the anal in analysis.

IDK what your point is here.

Ditto. The human factor is always going to be the weak link.

Not a
very convenient one for your clients either.

Fascinating.

So, you don't care about the clients, how convenient
it is for them, what message it sends to them about
how you do business. Â* Figures.

How is clicking a link and downloading the material inconvenient?

Or one
that I would want to explain. Â* "Well, I'm to cheap and
lazy to have decent security, so, here's how I'm going
to go about dealing with YOUR confidential videos...."

Straw man. Â*Free ‰* insecure.

I never said that free is the same as insecure. Â*I just said
relying on a URL as your security is insecure.

Straw man. We're not relying solely on the url. There is no one
dimensional aspect of security.

And it's
not unusual for a solution that provides real security
to take some time to find, perhaps some work to
implement and it may not be free.

False premise. There is no such thing as "real security".

He can do what he pleases. Â*But he did say that they
were surveilance photos and videos and that he was
very concerned that they be secure. Â* The above
procedure doesn't meet my definition of secure. Â*For
example, a URL is tracked, stored and visible in plain
sight in your browser. Â* Anyone sitting down at one
of the PC's that accesses it a day later can go right
back there.

Couldn't they just access the files...?

Not necessarily, no. Â*The OP might have the actual
files he's uploading on his camera or a USB drive
and not on the PC.

And someone might steal his camera or drive!

The client might download them to a USB, portable
drive, DVD, etc. Â*Or he might just look at them online,
conclude they are of no interest to go further and
leave them there.

There is no such "client".

If your machine isn't secure, your machine isn't secure.

BS. Â* I can access my bank account, credit card
accounts, stock accounts, etc from my PC. Â*If someone
comes by after I've logged off, they cannot gain access
without the username and password.

Where do you keep your machine that that someone has access to it?

If I forget to log off, in
about 5 mins, the websites automatically log me off
and no one can get back in again without the username
and password.

In this instance, there's no logging in or username or password to
protect.

Or, there could be and shared between "friend" and "editor". Editor
ups the files, friend accesses, downloads, then deletes.

Under the proposed URL
scenario, all someone sitting down a half hour later
would have to do is open the browser and
it presents them with an array of the last dozen or so
websites visited. Â* Click on the tab offered for the
videos and they have the surveillance video.

If your machine isn't physically secure, and if the files are still
available... and if someone was so inclined...

And if someone gained unauthorized access, put those
surveillance videos up
all over the web

I think you're venturing into exhaustive hypotheses.

No outside party is aware of the existence of the files.

And how do you know that? Â*Clairvoyant?

It is a reasonable assumption the existence of confidential files is
confidential.

You seem to assume surveillance videos contain something worth
watching.

We don't know exactly what the security videos do or don't have.
We do know that the OP clearly stated:

"Therefore, I
thought of a photo website and the possibility of making a "private"
section
with the photos they need. For obvious reasons again, it's imperative
they
don't fall onto the eyes of others and thus, they would be the only
one to
gain access.

I use Flickr but haven't checked to see if that's possible, but I'm
also
very concerned about photos on a website period, being seen by others
and
overall, apprehensive to even put them up there. "

Â*I imagine they'd have a hard time getting any hits posted
to YouTube or Panoramio.

Surveillance photo/video is most often people coming and going or just
being together, eating at a restaurant, meeting at a motel, etc.

You have no way of knowing what any surveilance video
does or does not have.

Now you purport to know things you have no method of having learned.

The very fact that the OP is
doing the surveilling for someone would suggest to me
that it's probably not just a 24/7 video running at a
convenience story.

What does it suggest to you they probably are...?

and the party being surveilled sued,
I doubt a court would consider relying on the parties
knowing and sharing a URL, taking the videos down
in some timely fashion as a sufficiently secure
method. Â*Not when there are other far more secure
methods available.

Perfect solution fallacy. Â*There are always going to be more secure
methods.

Uh huh, so why start at the bottom of the barrel?

An unpublished url is not the bottom, obviously. The friend has been
content with all the security email offers.

Hosting a secure server invites attack, doesn't it?

I don't think hosting a server and/or creating a website is
practical. Â*Hiding photo/video files with a private url among millions
if not billions of other photo/video files can be very secure with
little effort of any party and convenient for all concerned.

Like I said, he can do what he wants. Â*But given his
expressed concern for security, I think using nothing
more than a URL is a poor solution.

Your opinion is based on nothing more than ignorance and paranoia
regarding protecting data of which few have any interest.
-----

- gpsman

On Mon, 27 Aug 2012 18:12:55 -0400, "Meanie" wrote:

to allow what I need or have a better
solution for my dilemma?

Check out Team Viewer.

File transfer:

With file transfer, you can easily copy files or entire folders to and
from the remote computer. You can also use the drag & drop feature for
even greater convenience and speed

Free: (private use)

http://www.teamviewer.com/en/index.aspx
--

"George" wrote

By native FTP is not secure because credentials are sent in the clear.
sFTP is one answer.

That's a good option.

On Aug 28, 1:33Â*pm, gpsman
Straw man. Â*The OP is not dealing with "customers", it's one guy, a
"friend"... then the friend splits into "they" later in the OP's
original post...


Well since he uses the terms "they" and "them" through
his description of the process, how do you know there isn't more than
one person involved? Clairvoyant?
Also, unless the OP is doing it for free, which he did not
say and which seems unlikely, I'd say he is dealing
with a customer, even if it happens to be a friend.




And any security process
that relies on one human accessing them immediately
and another human taking them down in a timely
fashion to make it secure is a very poor one.

That puts the anal in analysis.

IDK what your point is here.

Ditto. Â*The human factor is always going to be the weak link.

Which is why you don't want a system that relies
on a human taking actions hours later to secure
the videos. Does you bank or credit card company
website work that way?





Not a
very convenient one for your clients either.

Fascinating.

So, you don't care about the clients, how convenient
it is for them, what message it sends to them about
how you do business. Â* Figures.

How is clicking a link and downloading the material inconvenient?

Because per YOUR protocol, you said the videos would
only be up there for a couple of hours. Hence the client
has to be notified and then access it within
a few hours so that the videos are only up there for
a few hours. And then the OP has to also remember
and then take action a few hours later to remove the
photos. That was your protocol, remember?




Or one
that I would want to explain. Â* "Well, I'm to cheap and
lazy to have decent security, so, here's how I'm going
to go about dealing with YOUR confidential videos...."

Straw man. Â*Free ‰* insecure.

I never said that free is the same as insecure. Â*I just said
relying on a URL as your security is insecure.

Straw man. Â*We're not relying solely on the url. Â*There is no one
dimensional aspect of security.

OK relying on a URL, plus the inconvenience of
having to deal with and remember a window of
a couple of hours for both parties is insecure and
inconvenient. Feel better now?




And it's
not unusual for a solution that provides real security
to take some time to find, perhaps some work to
implement and it may not be free.

False premise. Â*There is no such thing as "real security".

Show us a computer security expert that says relying
on a URL as the means to protect confidential
videos, where it is "imperative" that no one else
see them, is a good security solution.





He can do what he pleases. Â*But he did say that they
were surveilance photos and videos and that he was
very concerned that they be secure. Â* The above
procedure doesn't meet my definition of secure. Â*For
example, a URL is tracked, stored and visible in plain
sight in your browser. Â* Anyone sitting down at one
of the PC's that accesses it a day later can go right
back there.

Couldn't they just access the files...?

Not necessarily, no. Â*The OP might have the actual
files he's uploading on his camera or a USB drive
and not on the PC.

And someone might steal his camera or drive!

The OP wasn't asking how to secure his camera
or USB drive. He was asking how to secure his
videos and at the same time make them available
to the client.




The client might download them to a USB, portable
drive, DVD, etc. Â*Or he might just look at them online,
conclude they are of no interest to go further and
leave them there.

There is no such "client".

Yes there is, it's the person receiving the videos.
Geez....




If your machine isn't secure, your machine isn't secure.

BS. Â* I can access my bank account, credit card
accounts, stock accounts, etc from my PC. Â*If someone
comes by after I've logged off, they cannot gain access
without the username and password.

Where do you keep your machine that that someone has access to it?

It's not where I keep anything. It's unknown what the
clients environment is. It's unknow what the OP's
environment is. And it's not at all unusual for
a PC that's in a home or business to have access
available to it by more than one person. Why do you
think all those websites that try to enforce some
reasonable security automatically log you out after
5 mins of inactivity? For that matter, why don't they just give you
your personal URL and be done with it?




If I forget to log off, in
about 5 mins, the websites automatically log me off
and no one can get back in again without the username
and password.

In this instance, there's no logging in or username or password to
protect.

I think you're finally starting to get it. Except that
the username and password is not what these measures
protect. They protect against someone else coming
by the PC 30 mins later and proceeding to take over
where you left off. Which is exactly what they can do
when you rely on a URL. A URL that with Explorer
shows up for the last dozen or so websites when you
open a new tabl A URL that is in the browser history
too.





Or, there could be and shared between "friend" and "editor". Â*Editor
ups the files, friend accesses, downloads, then deletes.

Under the proposed URL
scenario, all someone sitting down a half hour later
would have to do is open the browser and
it presents them with an array of the last dozen or so
websites visited. Â* Click on the tab offered for the
videos and they have the surveillance video.

If your machine isn't physically secure, and if the files are still
available... and if someone was so inclined...

Well, that's the whole point of having a secure system
and why relying on a URL is a poor system.




Surveillance photo/video is most often people coming and going or just
being together, eating at a restaurant, meeting at a motel, etc.

You have no way of knowing what any surveilance video
does or does not have.

Now you purport to know things you have no method of having learned.

I'm not the one claiming that no one else knows
about the confidential videos. I'm not the one claiming
that the videos are likely just of some people walking
around, etc so they are of no interest to anyone. I'm
not the one claiming that if someone came across them
and put them out on the web there would be no
consequence.






The very fact that the OP is
doing the surveilling for someone would suggest to me
that it's probably not just a 24/7 video running at a
convenience story.

What does it suggest to you they probably are...?

I don't have to speculate. I just go by what the OP
stated:

"For obvious reasons again, it's imperative they
don't fall onto the eyes of others and thus, they would be the only
one to gain access. "

He says there are obvious reasons and it's imperative
they don't fall onto the eyes of others. That's enough for
me to conclude relying on a URL for security doesn't
meet that requirement.




and the party being surveilled sued,
I doubt a court would consider relying on the parties
knowing and sharing a URL, taking the videos down
in some timely fashion as a sufficiently secure
method. Â*Not when there are other far more secure
methods available.

Perfect solution fallacy. Â*There are always going to be more secure
methods.

Uh huh, so why start at the bottom of the barrel?

An unpublished url is not the bottom, obviously. Â*The friend has been
content with all the security email offers.

Not true. In his own words:

"They usually ask me to email them, but without reducing their size/
resolution, that's difficult to do when sending many photos.
Therefore, I'm stuck with
copying them to a disk or USB drive then getting it to them. "

So, we don't know what the delivery method is. It could
be handing them off in person. Also note again that the
"they" and "usually" would seem to imply that there is
more than one person as a client.





Hosting a secure server invites attack, doesn't it?

I don't think hosting a server and/or creating a website is
practical. Â*Hiding photo/video files with a private url among millions
if not billions of other photo/video files can be very secure with
little effort of any party and convenient for all concerned.

Like I said, he can do what he wants. Â*But given his
expressed concern for security, I think using nothing
more than a URL is a poor solution.

Your opinion is based on nothing more than ignorance and paranoia
regarding protecting data of which few have any interest.
Â*-----


Your opinion is based on assuming all kinds of things
and not reading what the OP wrote:

"For obvious reasons again, it's imperative they
don't fall onto the eyes of others and thus, they would be the only
one to gain access. "

Now who's the ignorant one, fool?

On Aug 28, 6:03*pm, "
wrote:
On Aug 28, 1:33*pm, gpsman

Your opinion is based on nothing more than ignorance and paranoia
regarding protecting data of which few have any interest.

Your opinion is based on assuming all kinds of things
and not reading what the OP wrote:

"For obvious reasons again, it's imperative they
don't fall onto the eyes of others and thus, they would be the only
one to gain access. "

Now who's the ignorant one, fool?

You. Obviously.

Here's a link to one of my private albums:
https://picasaweb.google.com/1140806...CM-t9Nqw1OmQdw

Do you think someone will accidentally come upon that url...?

Who do you think will penetrate the mind of the uploader to know when
to search for the files they have no idea exist...and guess where to
search...?

Keeping one's machine and browser history secure is another matter
entirely, but simple, and free.
-----

- gpsman

wrote in message
...
On Aug 28, 1:33 pm, gpsman
Straw man. The OP is not dealing with "customers", it's one guy, a
"friend"... then the friend splits into "they" later in the OP's
original post...


Well since he uses the terms "they" and "them" through
his description of the process, how do you know there isn't more than
one person involved? Clairvoyant?
Also, unless the OP is doing it for free, which he did not
say and which seems unlikely, I'd say he is dealing
with a customer, even if it happens to be a friend.


To help clarify, they and them are other private investigators who I work
with. They are mostly out in the field collecting their surveillance then
brinking the video and/or photos back to me for editing. Then I return the
finished tasks to them, usually on DVD disk for videos and the same can be
for photos, but I also email some photos as well. As cases increase, the
need for a quick turn around is required along with larger batches of photos
and thus, emailing is not much of an otpion without sending 50 emails of two
photos each and sending a disk via mail and/or picking up can't always be
accomplished in a timely manner.

Once again, security is an utmost concern due to these being legal cases.

"CRNG" wrote in message
...
On Mon, 27 Aug 2012 18:12:55 -0400, "Meanie" wrote in
Re OT question about photo websites and
private photos:

Anyone know of a good photo website to allow what I need or have a better
solution for my dilemma?

1. Put the photos into an encrypted .zip file with a prearranged
password.

2. Upload the .zip file to a file share service such as
SendSpace.com. They have free and paid accounts, depending on the
volume that you need.

3. Email the link to the uploaded .zip file to your clients. They can
then download and extract the photos.

I do the above with sensitive tax/financial data all the time and it
works well.

I like this idea, unfortunately, if my colleagues want to open a file on
their smartphone, they wouldn't be able to unzip them.

One of my main focus is to make it as easy as possible for the other guys to
view. If I can eliminate them requiring the need to download anything onto a
computer or smartphone, the better. Opening an email or clicking a link is
probably the best option.

Oren wrote:
On Mon, 27 Aug 2012 18:12:55 -0400, "Meanie" wrote:

to allow what I need or have a better
solution for my dilemma?

Check out Team Viewer.

File transfer:

With file transfer, you can easily copy files or entire folders to and
from the remote computer. You can also use the drag & drop feature for
even greater convenience and speed

Free: (private use)

http://www.teamviewer.com/en/index.aspx

Better than Team Viewer is Mikogo. I say better because:
1. Nothing is loaded on the client computer (I don't think that's the case
with TV), and
2. Mikogo is free for commercial use.

Meanie wrote:

One of my main focus is to make it as easy as possible for the
other guys to view. If I can eliminate them requiring the need
to download anything onto a computer or smartphone, the better.
Opening an email or clicking a link is probably the best option.

I've already told you.

Open a free account on fileden.com and upload your **** there.

You'll be given a coded URL for each file that you can e-mail to
who-ever you want. They click on the link and they'll be able to
download the file.

If the file is a jpg, then when they click the link their browswer
should automatically download render the image - no questions asked.
They can then use what-ever file-saving options are in their browser to
"save as file".

On Aug 28, 7:53*pm, "Meanie" wrote:
wrote in message

...
On Aug 28, 1:33 pm, gpsman

Straw man. The OP is not dealing with "customers", it's one guy, a
"friend"... then the friend splits into "they" later in the OP's
original post...

Well since he uses the terms "they" and "them" through
his description of the process, how do you know there isn't more than
one person involved? *Clairvoyant?

It's not my fault you don't write for ****.

Also, unless the OP is doing it for free, which he did not
say and which seems unlikely, I'd say he is dealing
with a customer, even if it happens to be a friend.

Make up your ****ing mind.

To help clarify, they and them are other private investigators who I work
with. They are mostly out in the field collecting their surveillance then
brinking the video and/or photos back to me for editing. Then I return the
finished tasks to them, usually on DVD disk for videos and the same can be
for photos, but I also email some photos as well. As cases increase, the
need for a quick turn around is required along with larger batches of photos
and thus, emailing is not much of an otpion without sending 50 emails of two
photos each and sending a disk via mail and/or picking up can't always be
accomplished in a timely manner.

Once again, security is an utmost concern due to these being legal cases.

So use the method your "customers" must have established for such
sensitive and voluminous material.... or are they ****wits, too?
-----

- gpsman

On 8/28/2012 12:31 PM, Oren wrote:
On Tue, 28 Aug 2012 01:05:31 -0700, "David Kaye"
wrote:

Exactly. This is why FTP is really the only way to go.

Not always true. The FTP protocol uses plain text for passwords sent
--- not encrypted. They can be captured with a snifter.

OP could use remote desktop connections, he could set up Team Viewer
or other similar application.

Free for private use:

http://www.teamviewer.com/en/index.aspx

And if the other user has any sense of security they wouldn't allow
something like teamviewer.

On 8/28/2012 10:57 AM, wrote:
On Aug 28, 9:52 am, gpsman wrote:
On Aug 28, 2:49 am, "
wrote:



Show us a computer security expert that says that
just using a URL that you then share with someone and
rely on that alone is in any way a safe, secure and
sufficient security protocol.

You don't need an expert to know an unpublished random url is secure
enough for a few hours for data few know exist.

From the description of the usage and requirements
there is nothing to conclude that the photos will only
be up there for a few hours. And any security process
that relies on one human accessing them immediately
and another human taking them down in a timely
fashion to make it secure is a very poor one. Not a
very convenient one for your clients either. Or one
that I would want to explain. "Well, I'm to cheap and
lazy to have decent security, so, here's how I'm going
to go about dealing with YOUR confidential videos...."



Uploading them to an unknown site violates the most basic security ideas
because the most basic rule is you need to keep control.

And I totally agree with your thoughts.




He can do what he pleases. But he did say that they
were surveilance photos and videos and that he was
very concerned that they be secure. The above
procedure doesn't meet my definition of secure. For
example, a URL is tracked, stored and visible in plain
sight in your browser. Anyone sitting down at one
of the PC's that accesses it a day later can go right
back there. In the latest version of Explorer, when you
open a new tab, it comes up with a whole page of
suggestions of the last dozen or so visited URLs.
Just click on that tab and bingo, you're there.



And if someone gained unauthorized access, put those
surveillance videos up
all over the web and the party being surveilled sued,
I doubt a court would consider relying on the parties
knowing and sharing a URL, taking the videos down
in some timely fashion as a sufficiently secure
method. Not when there are other far more secure
methods available.

On 8/28/2012 11:50 AM, gpsman wrote:
On Aug 28, 10:57 am, "
wrote:
On Aug 28, 9:52 am, gpsman wrote:

You don't need an expert to know an unpublished random url is secure
enough for a few hours for data few know exist.

From the description of the usage and requirements
there is nothing to conclude that the photos will only
be up there for a few hours.

It seems safe to assume.


Hardly. You can imagine all sorts of happiness Once you upload them and
loose control who knows?

A similar story. Friend had their business website which was used for
ecommerce at a hosting site. They moved on to another hosting company. A
mega hosting company bought their original hosting company and one day
all of a sudden anyone going to their site saw a three year old website.
Turns out the new megacompany mindlessly loaded old backups for some
reason and restored lots of sites including updating DNS records.




And any security process
that relies on one human accessing them immediately
and another human taking them down in a timely
fashion to make it secure is a very poor one.

That puts the anal in analysis.

Its just basic security practice.




Not a
very convenient one for your clients either.

Fascinating.

Why? If you had a secure system the files could be available as needed.
If you cheepout and go with "OK, I just uploaded them to an unknown site
and it is 10AM. I will delete them at 11..."


Or one
that I would want to explain. "Well, I'm to cheap and
lazy to have decent security, so, here's how I'm going
to go about dealing with YOUR confidential videos...."

Straw man. Free ‰* insecure.

Not really, if you want something that is reasonable to use and has
actual definable security it would cost something.



He can do what he pleases. But he did say that they
were surveilance photos and videos and that he was
very concerned that they be secure. The above
procedure doesn't meet my definition of secure. For
example, a URL is tracked, stored and visible in plain
sight in your browser. Anyone sitting down at one
of the PC's that accesses it a day later can go right
back there.

Couldn't they just access the files...?

In the latest version of Explorer, when you
open a new tab, it comes up with a whole page of
suggestions of the last dozen or so visited URLs.
Just click on that tab and bingo, you're there.

If your machine isn't secure, your machine isn't secure.

And if someone gained unauthorized access, put those
surveillance videos up
all over the web

I think you're venturing into exhaustive hypotheses.

No outside party is aware of the existence of the files.

You seem to assume surveillance videos contain something worth
watching. I imagine they'd have a hard time getting any hits posted
to YouTube or Panoramio.

Surveillance photo/video is most often people coming and going or just
being together, eating at a restaurant, meeting at a motel, etc.

and the party being surveilled sued,
I doubt a court would consider relying on the parties
knowing and sharing a URL, taking the videos down
in some timely fashion as a sufficiently secure
method. Not when there are other far more secure
methods available.

Perfect solution fallacy. There are always going to be more secure
methods.

Hosting a secure server invites attack, doesn't it?

I don't think hosting a server and/or creating a website is
practical. Hiding photo/video files with a private url among millions
if not billions of other photo/video files can be very secure with
little effort of any party and convenient for all concerned.
-----

- gpsman

On Wed, 29 Aug 2012 08:30:25 -0400, George
wrote:

On 8/28/2012 12:31 PM, Oren wrote:
On Tue, 28 Aug 2012 01:05:31 -0700, "David Kaye"
wrote:

Exactly. This is why FTP is really the only way to go.

Not always true. The FTP protocol uses plain text for passwords sent
--- not encrypted. They can be captured with a snifter.

OP could use remote desktop connections, he could set up Team Viewer
or other similar application.

Free for private use:

http://www.teamviewer.com/en/index.aspx

And if the other user has any sense of security they wouldn't allow
something like teamviewer.

Why is that? Only his machine needs it. He gives each a password and
nym, set the account for file transfer only and the client can connect
and get all the files from the designated folder.

100,000,000 users? These corporations trust it.

http://www.teamviewer.com/en/company/references.aspx

Security:

http://www.teamviewer.com/en/products/security.aspx
--

On Aug 29, 8:43Â*am, George wrote:
On 8/28/2012 11:50 AM, gpsman wrote:
On Aug 28, 10:57 am, "
wrote:
On Aug 28, 9:52 am, gpsman wrote:

You don't need an expert to know an unpublished random url is secure
enough for a few hours for data few know exist.

Â*From the description of the usage and requirements
there is nothing to conclude that the photos will only
be up there for a few hours.

It seems safe to assume.

Hardly. You can imagine all sorts of happiness Once you upload them and
loose control who knows?

Non sequitur. Uploading ‰* loss of control.

A similar story. Friend had their business website which was used for
ecommerce at a hosting site. They moved on to another hosting company. A
mega hosting company bought their original hosting company and one day
all of a sudden anyone going to their site saw a three year old website.
Turns out the new megacompany mindlessly loaded old backups for some
reason and restored lots of sites including updating DNS records.

Appeal to probability.

And any security process
that relies on one human accessing them immediately
and another human taking them down in a timely
fashion to make it secure is a very poor one.

That puts the anal in analysis.

Its just basic security practice.

Right. It does not seem unreasonable to assume highly confidential
files will be adequately attended.

Not a
very convenient one for your clients either.

Fascinating.

Why? If you had a secure system the files could be available as needed.

Irrelevant. Overlooking your undefined "secure system" the files
seem too sensitive to remain available to electronic interception.

If you cheepout and go with "OK, I just uploaded them to an unknown site
and it is 10AM. I will delete them at 11..."

Straw man. "Unknown site".

It could go like this, if the parties are not the morons you seem to
assume: "Call me when the Smith file is ready. I will download,
delete it, check it, then call you to confirm you can delete your
copy."

Or one
that I would want to explain. Â* "Well, I'm to cheap and
lazy to have decent security, so, here's how I'm going
to go about dealing with YOUR confidential videos...."

Straw man. Â*Free ‰* insecure.

Not really, if you want something that is reasonable to use and has
actual definable security it would cost something.

Non sequitur. HTTPS is actual definable security, is effortless to
use, and it costs Google users nothing.
-----

- gpsman

On Tue, 28 Aug 2012 19:10:26 -0500, "HeyBub"
wrote:

http://www.teamviewer.com/en/index.aspx

Better than Team Viewer is Mikogo. I say better because:
1. Nothing is loaded on the client computer (I don't think that's the case
with TV), and

TV does have a small software client ~2.x MB

2. Mikogo is free for commercial use.

I looked and they do have a pricing plan for Mikogo.
--

On Aug 29, 8:34*am, George wrote:
On 8/28/2012 10:57 AM, wrote:





On Aug 28, 9:52 am, gpsman wrote:
On Aug 28, 2:49 am, "
wrote:

Show us a computer security expert that says that
just using a URL that you then share with someone and
rely on that alone is in any way a safe, secure and
sufficient security protocol.

You don't need an expert to know an unpublished random url is secure
enough for a few hours for data few know exist.

*From the description of the usage and requirements
there is nothing to conclude that the photos will only
be up there for a few hours. * And any security process
that relies on one human accessing them immediately
and another human taking them down in a timely
fashion to make it secure is a very poor one. *Not a
very convenient one for your clients either. *Or one
that I would want to explain. * "Well, I'm to cheap and
lazy to have decent security, so, here's how I'm going
to go about dealing with YOUR confidential videos...."

Uploading them to an unknown site violates the most basic security ideas
because the most basic rule is you need to keep control.

And I totally agree with your thoughts.


Yeah, gps has his weenie in the wringer. He bought into
just using a URL as a sufficient security measure.
Then he went on to do everything he could to assume one
thing after another to try to claim that for
surveillance videos security isn't much of a deal.
Among other ridiculous reasons, he claimed they usually are
just some people walking around. So, no big deal. Really.
Maybe the ones from the 7-11, but when you have
someone actually taking them for you, then delivering
them to you to look at, then I think it's a big leap to make
assumptions as to what the videos and photos contain.
This despite the OP having clearly stated in the original
post that:

"For obvious reasons again, it's imperative they
don't fall onto the eyes of others and thus, they would be the only
one to gain access.
I use Flickr but haven't checked to see if that's possible, but I'm
also very concerned
about photos on a website period, being seen by others and
overall, apprehensive to even put them up there. "

Now that the OP has reaffirmed his legitimate concern
for security, that more than one other party is involved, etc.
instead of fessing up, gps goes on the attack, against me
and the OP.

Nice, real nice

On Mon, 27 Aug 2012 18:12:55 -0400, "Meanie" wrote:

I do surveillance video/photo editing for a friend of mine. Often, they want
many photos taken from captured videos and/or photos cleaned up then
resubmitted to them. The main problem is getting the photos back to them.
They usually ask me to email them, but without reducing their
size/resolution, that's difficult to do when sending many photos. I like to
keep them in high resolution for obvious reasons. Therefore, I'm stuck with
copying them to a disk or USB drive then getting it to them. A disk is no
big deal but the likelihood of not receiving my USB drive back becomes a
problem and then there's an issue if they want them ASAP. Therefore, I
thought of a photo website and the possibility of making a "private" section
with the photos they need. For obvious reasons again, it's imperative they
don't fall onto the eyes of others and thus, they would be the only one to
gain access.

I use Flickr but haven't checked to see if that's possible, but I'm also
very concerned about photos on a website period, being seen by others and
overall, apprehensive to even put them up there.

Anyone know of a good photo website to allow what I need or have a better
solution for my dilemma?

Thanks

http://windows.microsoft.com/en-US/w...iles-zip-files

Someone with a smart phone should try to open a zip file to see what
happens.

"Meanie" wrote in message ...
I do surveillance video/photo editing for a friend of mine. Often, they
want many photos taken from captured videos and/or photos cleaned up then
resubmitted to them. The main problem is getting the photos back to them.
They usually ask me to email them, but without reducing their
size/resolution, that's difficult to do when sending many photos. I like to
keep them in high resolution for obvious reasons. Therefore, I'm stuck with
copying them to a disk or USB drive then getting it to them. A disk is no
big deal but the likelihood of not receiving my USB drive back becomes a


The ASAP might be a problem, but the USB drives have came way down in price.
Office Depot and Staples have them on sell for only $ 5 to $ 8 for 4 and 8
GB drives. Just bill them for the price of one and let them keep it.