Dropproxy: hide your username from public links you share

Martin Brinkmann
Mar 26, 2013
Internet
|
1

If you are a veteran user of Dropbox you know that you can make use of the so-called public folder which you can use to share individual files or folders automatically with users who know the address of it. New users do not get the public folder automatically anymore but can still turn it on again to make use of it.

To use it simply open it on the Dropbox website and use the sharing options there, for instance with a right-click on a file you want to share publicly, to do so. Dropbox displays a web address that points to the file on its server. If you analyze the address, you will notice that it contains the account's user ID.

While you can't use it anymore to browse a user's public folder, it may raise concern nevertheless:

  • With your user ID known, someone could try and brute force the public folder to find out if specific files are available on it. This is not very likely but the possibility is there.
  • More pressing than that is that someone could link multiple shares that you make to your user account. Say you share a public file on your own website, and another on a site like Reddit or 4chan. Someone with knowledge of both, or a search on the Internet for that user ID, could link the two posts which you may not always want.
  • Last but not least, it is possible to use a search to find public files on Dropbox using search engines like Google. Just search for "http://dl.dropbox.com/u/" and you will find lots of public files that users shared, even if their intention was not to share them with the "whole" Internet.

So what can you do to prevent this from happening? You can share files that are not in your public folder, but that may not always be practicable as you can only share them with select users this way.

Dropproxy is a new service that makes available an alternative. You can use it to protect one or all files that you store in your public folder. The idea here is to use the service to proxy a file before you start sharing it. For that, visit the Dropproxy website and use the single file or all file form to create the proxy.

A single file proxy returns a proxy address that you can share with the public. I talked briefly to the developer and he mentioned that when someone requests the proxy url, Dropproxy will establish a connection to Dropbox to retrieve and display the file to the user. Files are not saved by the proxy which means that you can delete it at anytime or move it to block anyone from accessing it from that moment on.

You need to consider two additional things before you start using the service. First, the url structure of the proxied files is not using large random strings. You can browse all files proxied easily. While they are all public, it is something that you may want to consider before using the service. Second, you are submitting your user ID to the site to create the proxy.

Advertisement

Tutorials & Tips


Previous Post: «
Next Post: «

Comments

  1. ilev said on August 4, 2012 at 7:53 pm
    Reply

    Doesn’t Windows 8 know that www. or http:// are passe ?

    1. Martin Brinkmann said on August 4, 2012 at 7:57 pm
      Reply

      Well it is a bit difficulty to distinguish between name.com domains and files for instance.

    2. Leonidas Burton said on September 4, 2023 at 4:51 am
      Reply

      I know a service made by google that is similar to Google bookmarks.
      http://www.google.com/saved

  2. VioletMoon said on August 16, 2023 at 5:26 pm
    Reply

    @Ashwin–Thankful you delighted my comment; who knows how many “gamers” would have disagreed!

  3. Karl said on August 17, 2023 at 10:36 pm
    Reply

    @Martin

    The comments section under this very article (3 comments) is identical to the comments section found under the following article:
    https://www.ghacks.net/2023/08/15/netflix-is-testing-game-streaming-on-tvs-and-computers/

    Not sure what the issue is, but have seen this issue under some other articles recently but did not report it back then.

  4. Anonymous said on August 25, 2023 at 11:44 am
    Reply

    Omg a badge!!!
    Some tangible reward lmao.

    It sucks that redditors are going to love the fuck out of it too.

  5. Scroogled said on August 25, 2023 at 10:57 pm
    Reply

    With the cloud, there is no such thing as unlimited storage or privacy. Stop relying on these tech scums. Purchase your own hardware and develop your own solutions.

    1. lollmaoeven said on August 27, 2023 at 6:24 am
      Reply

      This is a certified reddit cringe moment. Hilarious how the article’s author tries to dress it up like it’s anything more than a png for doing the reddit corporation’s moderation work for free (or for bribes from companies and political groups)

  6. El Duderino said on August 25, 2023 at 11:14 pm
    Reply

    Almost al unlmited services have a real limit.

    And this comment is written on the dropbox article from August 25, 2023.

  7. John G. said on August 26, 2023 at 1:29 am
    Reply

    First comment > @ilev said on August 4, 2012 at 7:53 pm

    For the God’s sake, fix the comments soon please! :[

  8. Kalmly said on August 26, 2023 at 4:42 pm
    Reply

    Yes. Please. Fix the comments.

  9. Kim Schmidt said on September 3, 2023 at 3:42 pm
    Reply

    With Google Chrome, it’s only been 1,500 for some time now.

    Anyone who wants to force me in such a way into buying something that I can get elsewhere for free will certainly never see a single dime from my side. I don’t even know how stupid their marketing department is to impose these limits on users instead of offering a valuable product to the paying faction. But they don’t. Even if you pay, you get something that is also available for free elsewhere.

    The algorithm has also become less and less savvy in terms of e.g. English/German translations. It used to be that the bot could sort of sense what you were trying to say and put it into different colloquialisms, which was even fun because it was like, “I know what you’re trying to say here, how about…” Now it’s in parts too stupid to translate the simplest sentences correctly, and the suggestions it makes are at times as moronic as those made by Google Translations.

    If this is a deep-learning AI that learns from users’ translations and the phrases they choose most often – which, by the way, is a valuable, moneys worthwhile contribution of every free user to this project: They invest their time and texts, thereby providing the necessary data for the AI to do the thing as nicely as they brag about it in the first place – alas, the more unprofessional users discovered the translator, the worse the language of this deep-learning bot has become, the greater the aggregate of linguistically illiterate users has become, and the worse the language of this deep-learning bot has become, as it now learns the drivel of every Tom, Dick and Harry out there, which is why I now get their Mickey Mouse language as suggestions: the inane language of people who can barely spell the alphabet, it seems.

    And as a thank you for our time and effort in helping them and their AI learn, they’ve lowered the limit from what was once 5,000 to now 1,500…? A big “fuck off” from here for that! Not a brass farthing from me for this attitude and behaviour, not in a hundred years.

  10. Anonymous said on September 28, 2023 at 8:19 am
    Reply

    When will you put an end to the mess in the comments?

  11. RIP said on September 28, 2023 at 9:36 am
    Reply

    Ghacks comments have been broken for too long. What article did you see this comment on? Reply below. If we get to 20 different articles we should all stop using the site in protest.

    I posted this on [https://www.ghacks.net/2023/09/28/reddit-enforces-user-activity-tracking-on-site-to-push-advertising-revenue/] so please reply if you see it on a different article.

    1. RIP said on September 28, 2023 at 11:01 am
      Reply

      Comment redirected me to [https://www.ghacks.net/2012/08/04/add-search-the-internet-to-the-windows-start-menu/] which seems to be the ‘real’ article it is attached to

  12. RIP said on September 28, 2023 at 10:48 am
    Reply

    Comment redirected me to [https://www.ghacks.net/2012/08/04/add-search-the-internet-to-the-windows-start-menu/] which seems to be the ‘real’ article it is attached to

  13. Mystique said on September 28, 2023 at 12:13 pm
    Reply

    Article Title: Reddit enforces user activity tracking on site to push advertising revenue
    Article URL: https://www.ghacks.net/2023/09/28/reddit-enforces-user-activity-tracking-on-site-to-push-advertising-revenue/

    No surprises here. This is just the beginning really. I cannot see a valid reason as to why anyone would continue to use the platform anymore when there are enough alternatives fill that void.

  14. justputthispostanywhere said on September 29, 2023 at 3:59 am
    Reply

    I’m not sure if there is a point in commenting given that comments seem to appear under random posts now, but I’ll try… this comment is for https://www.ghacks.net/2023/09/28/reddit-enforces-user-activity-tracking-on-site-to-push-advertising-revenue/

    My temporary “solution”, if you can call it that, is to use a VPN (Mullvad in my case) to sign up for and access Reddit via a European connection. I’m doing that with pretty much everything now, at least until the rest of the world catches up with GDPR. I don’t think GDPR is a magical privacy solution but it’s at least a first step.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.