Just How Trustworthy Are Free File Hosting Services?

obr2By Lavanya Rathnam — Last Updated: 13 Feb'17 2017-02-13T04:56:10+00:00

File hosting services, also known as online file storage providers, are designed to host large amounts of static files on the cloud.

Over the last few years, the online file hosting industry has grown significantly. Many organizations and individuals use file hosting or online storage as a part of their everyday operations, as it’s simple, easy and an effective way to store and share files.

Take, for example, Teach for America: a non-profit organization that recruits recent college graduates to teach in “weak” public schools. It had plenty of education material that improves lesson quality, but all of it was spread across its 50 regional offices. Disseminating it through email was out of question as the files were too large for any email service.

That’s when a file hosting service provider came to its rescue. It allowed users to upload large files, store and share them securely with volunteers located all over the country, and this greatly improved collaboration among volunteer teachers. A simple, yet effective solution to a common problem.

Best Free File Hosting We Recommend

It also shows the power and simplicity of file hosting services, as you can now store and share files of any size with anyone located in any part of the world, within just minutes. No wonder this industry is expected to be worth $3.51 billion by 2020, accounting for an annual average growth rate of 25.7 percent.

Despite all these buoyant statistics and widespread use, many of us still have a small doubt lurking at the back of our mind about data security. Let’s face it: when you send files over the Internet, there’s always a possibility someone may hack it. Worse yet, NSA surveillance programs can access your data anytime. Where’s your privacy then?

Thinking along these lines, we want to separate the trustworthy services from the not-so-safe ones. In fact, we’ve come up with a list of factors you can use to determine the trustworthiness of a free file-hosting service.

Basic Password Protection

Passwords are a basic necessity to protect our information on the web. Though most file hosting service providers require a login username and password to store or share files, some services like WeTransfer don’t offer this protection.

In this service’s free version, you can only upload a file and send the link to others, but you can’t save the file anywhere. The positive side is you can send a file size of up to 2GB, and you obviously don’t need to sign up for an account. This service works best only when you want to share a large file once. No other kind of protection like encryption is offered for file sharing.

All other service providers we’ve reviewed secure your data with a login username and password.

HTTP vs HTTPS

Another basic feature that we’ve come to expect is secure communication between your browser and the website.

Hypertext Transfer Protocol (HTTP) is a protocol that allows communication between two devices, say a web server and a browser. When you request for information, the browser sends this request to the corresponding web server. In turn, the server responds back with the information. This communication is enabled by HTTP.

The problem with HTTP is it is not encrypted, so the information that passes between the server and browser can be intercepted by third parties. You can address this shortcoming using a secure version of HTTP called HTTPS, where the “S” stands for “secure.”

All HTTPS communications use a SSL certificate, which creates an encrypted connection between the web server and browser and secures your data transmission.

HTTPS is considered a basic security practice in today’s world, yet service providers like sabercathost only use HTTP for their communications. The good news is that you won’t have to worry too much about this as many service providers do employ HTTPS.

Encryption

Encryption, an important aspect of data protection, should be available not just when a file is shared, but also when it is stored in the cloud. In this sense, encryption should be a constant companion to your files.

Advanced Encryption Standard (AES) is the most common type of encryption used, as it is safe and secure. It supports a block length of 128, 192 or 256 bits, and all of it is unbreakable. In practice this means that it doesn’t matter whether an encryption uses 128-bits or 256-bits, as long as it uses AES to encrypt your data.

Many services, like IDrive, transfer your files over an encrypted connection using 128-bit AES, so it’s difficult for anyone to access them during transit. However, not all of them protect your files when they’re stored in the cloud. Among the well-known names, OneDrive is the only one that offers encryption at rest, and that too only for business users.

Ideally, service providers should offer end-to-end encryption, so a file can be decrypted only at the end points. Only zero-knowledge services like Sync.com offer such end-to-end encryption as they don’t hold the keys to decrypt your data.

NSA Surveillance and Hackers

Edward Snowden, in an interview, asked Americans to stay away from Facebook, Google and Dropbox because law enforcement officials can easily access the data stored in these servers. In other words, your data is public information for the NSA, as it can request access to any file, and all these companies have to comply with it under the U.S Patriot Act.

Likewise, your data can be accessed by third parties due to employees’ negligence. For example, in 2012, hackers stole the username and password of 68.7 million Dropbox users by exploiting an employee’s weak login credentials. Why should you lose your data through an employee’s carelessness?

A good way to protect your data from the NSA and other third parties is to choose zero-knowledge security providers like SpiderOak.

Viruses, Adware and Malware

Some websites try to download viruses and malware to steal information from your system.

Unfortunately, file service providers like zippyshare seem to support this: they display tricky ads on their web access portal that may entice unsuspecting users to click on them. It’s hard to say what viruses or malware will be downloaded this way, so it’s best to stay away from this provider.

The good news, though, is that zippyshare is probably the only provider with such cheap ads.

Single Login

Single logins may be convenient, but they also pose a big security risk. Take Google for example: if someone can hack your username and password, they can access everything associated with it. Your emails, photos, viewing history on YouTube and, worse, all the files stored on Google Drive are now accessible to them.

This is why you’re probably better off using dedicated file hosting services that don’t combine many functions with a single login.

Verification Process

Many service providers constantly monitor your IP address, and lock down your account when you log in from a new IP address. While this may sound like a good data protection strategy, it also means the service provider is constantly monitoring your location. This means the very idea of privacy takes a beating here.

OneDrive, for example, locks your account when you login from a new IP address. Retrieving your account using valid security answers can be a painful process, to say the least. To avoid these problems, it’s best you opt for a provider with a simple monitoring and retrieval process.

Two-Step Verification

A two-step verification process protects your account with a password and, as a safety measure, it also sends a text message with a code to your phone. As soon as you log in with your credentials, you’ll be asked to enter the code sent to your phone and this answer has to match the system’s records.

With some service providers like Google Drive and OneDrive, you can opt to answer a few security questions registered during account setup, instead of sending a code to your phone.

Alternately, you can secure your credentials with a validation app like Authy or Google Authenticator. Many service providers encourage you to turn on this feature for better protection.

File Expiration

File service providers are expected to keep your files safe. Imagine how you’d feel when you log into your account and see nothing?

Well, providers like Livedrive remove your files after 30 days because they assume you would’ve read it in the terms and conditions displayed on their website. Avoid such scenarios by choosing service providers that store your files forever or offer some other form of file versioning.

Bad Interface

Simple and intuitive interfaces are appealing, and are a benchmark of quality service. When you see an interface that is dodgy and doesn’t give you the details you want, think twice about signing up with them.

DepositFiles, a free file hosting service has confusing icons and external links that take users to one of their other ventures called “gavitex.” Seriously?

Trustworthy Choices

So, which is the most trustworthy service provider today?

Though every service provider offer a handful of protection and safety features, they’re not comprehensive enough to protect your data. Worse, they’re all subject to NSA’s reach.

A better option is to use the services of a zero-knowledge provider that doesn’t store your passwords or any other details. This means, nobody except you, can access your files. No law enforcement officials, employees or hackers can get to your files.

We love zero-knowledge providers like Sync.com, pCloud, SpiderOak, Tresorit and MEGA, as they’re clean, safe and affordable.

Conclusion

To conclude, privacy is an important aspect when it comes to file hosting service, as you trust the service to protect your files and secure them from the prying eyes of hackers and the NSA. When you store your files on a platform, it’s important to ensure that no one, including the employees, are browsing through your files to check for any information whatsoever.

Most free file hosting services today offer only a limited amount of protection. If you truly want a service with comprehensive security, try a zero-knowledge service provider like SpiderOak, MEGA, pCloud, Tresorit or Sync.com.

Which of these do you prefer? Let us know in the comments below, thank you for reading our guide.

Leave a Reply

Your email address will not be published. Required fields are marked *

Sign up for our newsletter to get the latest on new releases and more.

More about

Most Visited News