You could eather host it yourself or use e.g. https://psono.pw, a free hosted instance of Psono. In regards of trust. Psono is audited every year and the company behind it is ISO27001 certified.
nginx with a simple auth username/password is what I use for non technical people. For some of my lawyers I managed to get them to use SFTP with WinSCP so we could send things back and forth for edits. Using nginx I keep files off commercial leaky spying AI infected platforms that make pinky-promise lies.
Love the self-hosted approach. Pinky-promise lies is exactly my concern with most services. Setting up nginx is more than my parents could handle though. Curious if there is something in between - no third party data access but also no server to maintain?
Setting up nginx is more than my parents could handle though.
The idea in this case would be that case is you are hosting the files and setting up nginx. They could send files back if your web server has an upload interface or they could send files back using SFTP to a chroot sftp-only account. Set up a profile in WinSCP for them. Make a few screen-shots in case they forget. It can be made one-click to connect and one click to sync files.
Signal is almost the only thing that I strongly trust.
Originally set it up to discuss patent stuff which had to be kept pretty secret, stayed for the lolz.
For small but sensitive items of data, such as bank details, I split over a couple of channels, eg SMS and email, to make it harder for any one bad actor to see all parts.
The split channel approach is clever, never thought of that. Do you find people actually follow through with the second channel or do they just reply what's the code?" in the same thread?
Simple and works! Though I have read that PDF passwords are surprisingly easy to crack and the file lives in their inbox forever. Guess it depends on the threat model.
Try Psono. You can share any secret via a link https://doc.psono.com/user/basic/sharing.html#with-externals...
You could eather host it yourself or use e.g. https://psono.pw, a free hosted instance of Psono. In regards of trust. Psono is audited every year and the company behind it is ISO27001 certified.
Bitwarden Send or https://1ty.me/ or similar services. Bitwarden Send can do text or files, which is nice.
For actually sending, Signal disappearing messages or phone calls for some info.
Bit warden Send looks nice but the free tier is text-only my parents needed to send a PDF. Will check if 1ty.me handles files.
Take a look at Psono. You can share any secret stored there with a link. https://doc.psono.com/user/basic/sharing.html#with-externals...
nginx with a simple auth username/password is what I use for non technical people. For some of my lawyers I managed to get them to use SFTP with WinSCP so we could send things back and forth for edits. Using nginx I keep files off commercial leaky spying AI infected platforms that make pinky-promise lies.
Love the self-hosted approach. Pinky-promise lies is exactly my concern with most services. Setting up nginx is more than my parents could handle though. Curious if there is something in between - no third party data access but also no server to maintain?
Setting up nginx is more than my parents could handle though.
The idea in this case would be that case is you are hosting the files and setting up nginx. They could send files back if your web server has an upload interface or they could send files back using SFTP to a chroot sftp-only account. Set up a profile in WinSCP for them. Make a few screen-shots in case they forget. It can be made one-click to connect and one click to sync files.
Signal is almost the only thing that I strongly trust.
Originally set it up to discuss patent stuff which had to be kept pretty secret, stayed for the lolz.
For small but sensitive items of data, such as bank details, I split over a couple of channels, eg SMS and email, to make it harder for any one bad actor to see all parts.
The split channel approach is clever, never thought of that. Do you find people actually follow through with the second channel or do they just reply what's the code?" in the same thread?
It seems to work, especially when I explain why.
password-protect PDF and then email ftw
Simple and works! Though I have read that PDF passwords are surprisingly easy to crack and the file lives in their inbox forever. Guess it depends on the threat model.
Google Drive.
Fair - it's convenient. Though after seeing how many services train AI on uploaded content, I've gotten paranoid about what I put in cloud storage.