Dropbox brings easier file sharing and notification to updated desktop client

Posted:
in Mac Software edited January 2014
In an update to its desktop software on Tuesday, cloud storage giant Dropbox made a number of user interface design changes to its OS X menu bar asset, allowing direct access to file sharing, recently changed files and more.

Dropbox
Source: Dropbox


With Dropbox 2.0 for Mac, the company further expands the capabilities of its desktop client by allowing advanced management of a user's online cloud storage from their computer. The version change offers a completely redesigned drop-down menu with advanced UI integration which supports real time notifications of invitations, shared folder updates and links, which are displayed in the Dropbox menu bar.

Perhaps the most welcome enhancement is the ability to generate public links to shared documents without having to find the file in the Dropbox folder. It appears that the functionality applies only to recently changed items, itself another new feature, but the new system is a step in the right direction.

Dropbox Share


Version 2.0 also lets users keep track of changes to their shared folders, links or albums from the drop-down menu. Notifications of incoming invites to shared folders are pushed immediately to the menu bar for quick acceptance or denial, and users can click on links directly from the menu to be taken to the linked file or folder.

Rounding out the new feature set are two buttons at the top of the menu that direct users to their desktop Dropbox folder and to the Dropbox website. The information provided by the previous version's drop-down, such as space remaining and preferences, has been relegated to a settings icon located at the bottom right of the newly designed pane.

Dropbox 2.0 is fully compatible with the company recently updated iOS app, including push notifications. The new desktop version can be downloaded directly from the Dropbox website.

Comments

  • Reply 1 of 16
    poochpooch Posts: 768member
    dropbox. meh. yet another company not taking responsibility for their security breaches. at the very least, their email list has been compromised and they're sloughing it off as something that happened nine months ago.

    whenever i establish a relationship with a vendor who requires an email address from me, i give them an email address unique to just them. i give that email address to no-one else and, in most circumstances, i will never send an email _from_ that email address.

    that is exactly what i did with dropbox.

    i signed up for a dropbox account almost a year ago, on march 21, 2012. i immediately received the standard "welcome" email. over the course of the next nine months i received exactly three additional marketing-type emails from them.

    then i started getting spam/phishing emails. on 19-feb-2013 i received an email saying my direct deposit had been disallowed; on 26-feb-2013 i received an email indicating new security was being put in place for ACH and EFT transactions; and on both 27-feb and 28-feb-2013 i received an email asking me to join a linkedin account. all four emails were phishing emails.

    since i have never shared that email address with anyone, since i had never sent any email _from_ that address, and since the emails were all phishing emails, then one of three things has happened:

    - dropbox sold, gave away, or otherwise shared my information with one or more dubious with parties.

    - someone hacked dropbox's systems and stole my information.

    - dropbox has one or more rogue employees who is using customer information for their own benefit.

    they say that it's because of a[URL=https://blog.dropbox.com/2012/07/security-update-new-features/] breach they had in july of 2012[/URL] but i find that hard to believe ... i don't think the spammers would wait nine months to start sending me spam, and i don't fall into either of the two categories that the dropbox blog entry says their compromised users fall into. and they say that only after weeks of badgering them to get a response.

    dropbox. meh.
  • Reply 2 of 16
    I understood spammers make up email addresses. No problem that many or most won't exist, they just bounce. Any that don't are thereby validated and added to their list for repeated use.

    If you have the means, check for email sent to non-existent users email addresses at your domain, you'll find there there's plenty for all sorts of made up users that you never gave to anyone.
  • Reply 3 of 16
    jlanddjlandd Posts: 873member


       I have a Dropbox account linked to an email created just for such occasions (NOT gmail).  It's used for a handful of other services as well and never sees much spam and never had a phishing email in a year and a half.   Barely ever anything there except what's supposed to be.  Google, Facebook and Yahoo make any DropBox security issues look like peanuts.  

  • Reply 4 of 16
    poochpooch Posts: 768member
    I understood spammers make up email addresses. No problem that many or most won't exist, they just bounce. Any that don't are thereby validated and added to their list for repeated use.

    If you have the means, check for email sent to non-existent users email addresses at your domain, you'll find there there's plenty for all sorts of made up users that you never gave to anyone.

    yes they do make them up/guess them, and i look at my mail server logs all the time and can see the rejects. the email addresses i provide to vendors are in the form of some_long_random_string@some_random_subdomain.example.com, the email address is the only address in that subdomain, and so it would take quite a bit of guessing to guess the addresses. i've been running my own mail and dns servers for over a decade now and my scheme has served me very well in preventing unwanted email. as a matter of fact, the only vendor related spam i've received has been when there's been a security breach at a vendor ... it started with ameritrade in 2007 and there have been a couple every year since then.

    i don't believe it's a good guesser that caused me to start getting spam at this address, i believe it's a dropbox security issue.
  • Reply 5 of 16
    mstonemstone Posts: 11,510member

    Quote:

    Originally Posted by Pooch View Post



    i don't believe it's a good guesser that caused me to start getting spam at this address, i believe it's a dropbox security issue.


    My primary email address has been on the Internet since 1994. I never get spam. No one at our company gets any spam because we use a commercial spam filtering company, MX Logic. We have our own DNS and mail server but the MX records point to mxlogic.com. They filter it and send back to us. The firewall only receives SMTP from them.


     


    Much easier than than trying to manage it yourself.

  • Reply 6 of 16
    solipsismxsolipsismx Posts: 19,566member
    pooch wrote: »
    yes they do make them up/guess them, and i look at my mail server logs all the time and can see the rejects. the email addresses i provide to vendors are in the form of some_long_random_string@some_random_subdomain.example.com, the email address is the only address in that subdomain, and so it would take quite a bit of guessing to guess the addresses. i've been running my own mail and dns servers for over a decade now and my scheme has served me very well in preventing unwanted email. as a matter of fact, the only vendor related spam i've received has been when there's been a security breach at a vendor ... it started with ameritrade in 2007 and there have been a couple every year since then.

    i don't believe it's a good guesser that caused me to start getting spam at this address, i believe it's a dropbox security issue.

    Based on this and your previous post I am inclined to agree with you. I personally don't want to manage my own mail server (just signed up for paid email for a domain through Google Apps, as a matter of fact) or manage that many addresses but I do use the plus (+) sign for sub-addressing in most sites I sign up for as detailed in RFC 5233.

    If you run your mail server I assume you are familiar with it but also assume most aren't so I'll be verbose for the benefit of other readers.

    "Subaddressing is the practice of augmenting the local-part of an [RFC2822] address with some 'detail' information in order to give some extra meaning to that address. One common way of encoding 'detail' information into the local-part is to add a 'separator character sequence', such as "+", to form a boundary between the 'user' (original local-part) and 'detail' sub-parts of the address, much like the "@" character forms the boundary between the local-part and domain.

    A user could then sign up for, say, AppleInsider as solipsismx+ai@me.com and would get mail from that address delivered to their solipsismx@me.com account. This method does work with iCloud, Gmail, and Yahoo. This does not work with Windows Live Hotmail.


    Now, a savvy spammer or company that wants to sell your data could consider this — especially if it becomes popular — and write a simple script to remove all text between the plus (+) and ampersand (@) signs, including the plus (+) sign before sending out the mail.

    Since it's the receiving mail server that has to process the email I've yet to see any issues with this character and mail being sent out. Since there is an RFC that allow for the plus (+) sign to be used with an email it's unlikely that a site like Dropbox or AI would disallow that character from being used when you create an account. If they do, that could be a red flag.



    PS: The above example is not my actual email address.
  • Reply 7 of 16
    poochpooch Posts: 768member
    mstone wrote: »
    My primary email address has been on the Internet since 1994. I never get spam. No one at our company gets any spam because we use a commercial spam filtering company, MX Logic. We have our own DNS and mail server but the MX records point to mxlogic.com. They filter it and send back to us. The firewall only receives SMTP from them.

    Much easier than than trying to manage it yourself.

    it's not the spam that's giving me grief, i can handle that easy-peasy. the spam is just a symptom of a larger problem. it's dropbox's unresponsiveness and unwillingness to acknowledge an issue that is causing the grief.
  • Reply 8 of 16
    mstonemstone Posts: 11,510member

    Quote:

    Originally Posted by SolipsismX View Post






    much like the "@" character forms the boundary between the local-part and domain.



    I just wish they could figure out how to fix the domain address.


     


    You know how in the US they refer to the date as MM/DD/YYYY when in the rest of the world it is DD/MM/YYYY. At least that makes some sense since it goes from smaller increment to larger, however it probably should be YYYY/MM/DD like in computer systems. But when domain names were invented they were expressed by subdomain.domain.tld when actually they would be far more logical if they were constructed in reverse as tld.domain.subdomain so that things could be sorted alphabetically. That is why you see it in bash commands for example com.apple.bluetooth.plist. They had the chance to fix it before the opposite wrong format became so widespread that it would disrupt the Internet to change it.


     


    in your example, com.me.solipsismx.mail would be your email address. Organized from general to specific would be better than the inverse but it will probably never happen.

  • Reply 9 of 16
    solipsismxsolipsismx Posts: 19,566member
    mstone wrote: »
    I just wish they could figure out how to fix the domain address.

    You know how in the US they refer to the date as MM/DD/YYYY when in the rest of the world it is DD/MM/YYYY. At least that makes some sense since it goes from smaller increment to larger, however it probably should be YYYY/MM/DD like in computer systems. But when domain names were invented they were expressed by subdomain.domain.tld when actually they would be far more logical if they were constructed in reverse as tld.domain.subdomain so that things could be sorted alphabetically. That is why you see it in bash commands for example com.apple.bluetooth.plist. They had the chance to fix it before the opposite wrong format became so widespread that it would disrupt the Internet to change it.

    in your example, com.me@SolipsismX would be your email or perhaps better still com.me.solipsism.mail. Organized from general to specific would be better than the inverse but it will probably never happen.

    Yeah, it's not going to happen. It's far too entrenched for that.

    I do use the logical dating system you mention above and have gotten into the habit using a three letter month for anything that doesn't require me to use a numeral. For example, if I were to sign a document today I would date it as 12-MAR-2013. Not really a big deal within the US as we become more interconnected it could help alleviate some ambiguity.
  • Reply 10 of 16
    poochpooch Posts: 768member
    solipsismx wrote: »
    ... but I do use the plus (+) sign for sub-addressing in most sites I sign up for as detailed in RFC 5233. ...

    [subaddressing post left out for brevity]




    thanks. great post.
  • Reply 11 of 16
    mstonemstone Posts: 11,510member

    Quote:

    Originally Posted by SolipsismX View Post




    if I were to sign a document today I would date it as 12-MAR-2013. 



    This Friday if I have any documents to sign I think I'll use 'Ides of March 2013'

  • Reply 12 of 16
    solipsismxsolipsismx Posts: 19,566member
    mstone wrote: »
    This Friday if I have any documents to sign I think I'll use 'Ides of March 2013'

    Great segue for me to introduce another off topic discussion. :D

    "The Romans did not number days of a month sequentially from the first through the last day. Instead, they counted back from three fixed points of the month: the Nones (5th or 7th, depending on the length of the month), the Ides (13th or 15th), and the Kalends (1st) of the following month. The Ides occurred near the midpoint, on the 13th for most months, but on the 15th for March, May, July, and October. The Ides were supposed to be determined by the full moon, reflecting the lunar origin of the Roman calendar. On the earliest calendar, the Ides of March would have been the first full moon of the new year.


    This next one will have context when you consider the severely unrealized fact that March used to be the 1st month of the year as can be deduced by February having less days and getting the leap year day appended to it, and that the 9th and 10th months of the current Roman calendar contain the combining forms of sept- and oct- which we know as meaning 7 and 8, respectively.

    "In addition to the monthly sacrifice, the Ides of March was also the occasion of the Feast of Anna Perenna, a goddess of the year whose festival originally concluded the ceremonies of the new year. The day was enthusiastically celebrated among the common people with picnics, drinking, and revelry. One source from late antiquity also places the Mamuralia on the Ides of March. This observance, which has aspects of scapegoat or ancient Greek pharmakos ritual, involved beating an old man dressed in animal skins and perhaps driving him from the city. The ritual may have been a new year festival representing the expulsion of the old year."




    PS: I really threw this thread off the rails, but in my defense it really wasn't going anywhere.
  • Reply 13 of 16
    mstonemstone Posts: 11,510member

    Quote:

    Originally Posted by SolipsismX View Post




    PS: I really threw this thread off the rails, but in my defense it really wasn't going anywhere.



    I suppose I'd have to take some of the blame for that as well. image


     


    Sorry Jeopardy is on, gotta go!

  • Reply 14 of 16
    dickprinterdickprinter Posts: 1,060member

    Quote:

    Originally Posted by SolipsismX View Post







    PS: The above example is not my actual email address.


     


    Dang it, I had a male enhancement supplement email composed and was ready to hit 'SEND'. image

  • Reply 15 of 16
    srangersranger Posts: 473member


    I really like DropBox. I use it al fo the time. The Apply Could is more or less worthless to me since it cant be used effectively on non-apple hardware...


     


    Apple needs to understand that people have to use PC's for most work situations....


     


    Because of that I am forced to use Google for Contacts/Calendar and DropBox for file sharing....  Rarely use iCoud for anything...

  • Reply 16 of 16
    ankleskaterankleskater Posts: 1,287member

    Quote:

    Originally Posted by Dickprinter View Post


     


    Dang it, I had a male enhancement supplement email composed and was ready to hit 'SEND'. image





    A male enhancement supplement from Dickprinter? Rather appropriate ...

Sign In or Register to comment.