Never miss an update Follow AppleInsider
Tuesday, March 12, 2013, 04:39 pm
Dropbox brings easier file sharing and notification to updated desktop client
In an update to its desktop software on Tuesday, cloud storage giant Dropbox made a number of user interface design changes to its OS X menu bar asset, allowing direct access to file sharing, recently changed files and more.
Source: Dropbox
With Dropbox 2.0 for Mac, the company further expands the capabilities of its desktop client by allowing advanced management of a user's online cloud storage from their computer. The version change offers a completely redesigned drop-down menu with advanced UI integration which supports real time notifications of invitations, shared folder updates and links, which are displayed in the Dropbox menu bar.
Perhaps the most welcome enhancement is the ability to generate public links to shared documents without having to find the file in the Dropbox folder. It appears that the functionality applies only to recently changed items, itself another new feature, but the new system is a step in the right direction.
Version 2.0 also lets users keep track of changes to their shared folders, links or albums from the drop-down menu. Notifications of incoming invites to shared folders are pushed immediately to the menu bar for quick acceptance or denial, and users can click on links directly from the menu to be taken to the linked file or folder.
Rounding out the new feature set are two buttons at the top of the menu that direct users to their desktop Dropbox folder and to the Dropbox website. The information provided by the previous version's drop-down, such as space remaining and preferences, has been relegated to a settings icon located at the bottom right of the newly designed pane.
Dropbox 2.0 is fully compatible with the company recently updated iOS app, including push notifications. The new desktop version can be downloaded directly from the Dropbox website.
On Topic: General
- Google engineers talk fragmentation, how to make Android work for emerging markets
- Editorial: Apple's billions are building an empire for the future
- Review: AL13 raises the bar for iPhone bumper design
- Song skipping feature in Apple's 'iRadio' reportedly holding up Sony deal
- Music service's structure, plus Apple's culture, holding up 'iRadio' service
Previous Comments View All
I understood spammers make up email addresses. No problem that many or most won't exist, they just bounce. Any that don't are thereby validated and added to their list for repeated use.
If you have the means, check for email sent to non-existent users email addresses at your domain, you'll find there there's plenty for all sorts of made up users that you never gave to anyone.
I have a Dropbox account linked to an email created just for such occasions (NOT gmail). It's used for a handful of other services as well and never sees much spam and never had a phishing email in a year and a half. Barely ever anything there except what's supposed to be. Google, Facebook and Yahoo make any DropBox security issues look like peanuts.
Quote:
Originally Posted by dangermouse
I understood spammers make up email addresses. No problem that many or most won't exist, they just bounce. Any that don't are thereby validated and added to their list for repeated use.
If you have the means, check for email sent to non-existent users email addresses at your domain, you'll find there there's plenty for all sorts of made up users that you never gave to anyone.
I understood spammers make up email addresses. No problem that many or most won't exist, they just bounce. Any that don't are thereby validated and added to their list for repeated use.
If you have the means, check for email sent to non-existent users email addresses at your domain, you'll find there there's plenty for all sorts of made up users that you never gave to anyone.
yes they do make them up/guess them, and i look at my mail server logs all the time and can see the rejects. the email addresses i provide to vendors are in the form of some_long_random_string@some_random_subdomain.example.com, the email address is the only address in that subdomain, and so it would take quite a bit of guessing to guess the addresses. i've been running my own mail and dns servers for over a decade now and my scheme has served me very well in preventing unwanted email. as a matter of fact, the only vendor related spam i've received has been when there's been a security breach at a vendor ... it started with ameritrade in 2007 and there have been a couple every year since then.
i don't believe it's a good guesser that caused me to start getting spam at this address, i believe it's a dropbox security issue.
Quote:
Originally Posted by Pooch 
i don't believe it's a good guesser that caused me to start getting spam at this address, i believe it's a dropbox security issue.
i don't believe it's a good guesser that caused me to start getting spam at this address, i believe it's a dropbox security issue.
My primary email address has been on the Internet since 1994. I never get spam. No one at our company gets any spam because we use a commercial spam filtering company, MX Logic. We have our own DNS and mail server but the MX records point to mxlogic.com. They filter it and send back to us. The firewall only receives SMTP from them.
Much easier than than trying to manage it yourself.
Quote:
Originally Posted by Pooch
yes they do make them up/guess them, and i look at my mail server logs all the time and can see the rejects. the email addresses i provide to vendors are in the form of some_long_random_string@some_random_subdomain.example.com, the email address is the only address in that subdomain, and so it would take quite a bit of guessing to guess the addresses. i've been running my own mail and dns servers for over a decade now and my scheme has served me very well in preventing unwanted email. as a matter of fact, the only vendor related spam i've received has been when there's been a security breach at a vendor ... it started with ameritrade in 2007 and there have been a couple every year since then.
i don't believe it's a good guesser that caused me to start getting spam at this address, i believe it's a dropbox security issue.
yes they do make them up/guess them, and i look at my mail server logs all the time and can see the rejects. the email addresses i provide to vendors are in the form of some_long_random_string@some_random_subdomain.example.com, the email address is the only address in that subdomain, and so it would take quite a bit of guessing to guess the addresses. i've been running my own mail and dns servers for over a decade now and my scheme has served me very well in preventing unwanted email. as a matter of fact, the only vendor related spam i've received has been when there's been a security breach at a vendor ... it started with ameritrade in 2007 and there have been a couple every year since then.
i don't believe it's a good guesser that caused me to start getting spam at this address, i believe it's a dropbox security issue.
Based on this and your previous post I am inclined to agree with you. I personally don't want to manage my own mail server (just signed up for paid email for a domain through Google Apps, as a matter of fact) or manage that many addresses but I do use the plus (+) sign for sub-addressing in most sites I sign up for as detailed in RFC 5233.
If you run your mail server I assume you are familiar with it but also assume most aren't so I'll be verbose for the benefit of other readers.
"Subaddressing is the practice of augmenting the local-part of an [RFC2822] address with some 'detail' information in order to give some extra meaning to that address. One common way of encoding 'detail' information into the local-part is to add a 'separator character sequence', such as "+", to form a boundary between the 'user' (original local-part) and 'detail' sub-parts of the address, much like the "@" character forms the boundary between the local-part and domain.
A user could then sign up for, say, AppleInsider as solipsismx+ai@me.com and would get mail from that address delivered to their solipsismx@me.com account. This method does work with iCloud, Gmail, and Yahoo. This does not work with Windows Live Hotmail.
http://en.wikipedia.org/wiki/Email_address#Address_tags
Now, a savvy spammer or company that wants to sell your data could consider this -- especially if it becomes popular -- and write a simple script to remove all text between the plus (+) and ampersand (@) signs, including the plus (+) sign before sending out the mail.
Since it's the receiving mail server that has to process the email I've yet to see any issues with this character and mail being sent out. Since there is an RFC that allow for the plus (+) sign to be used with an email it's unlikely that a site like Dropbox or AI would disallow that character from being used when you create an account. If they do, that could be a red flag.
PS: The above example is not my actual email address.
Quote:
Originally Posted by mstone
My primary email address has been on the Internet since 1994. I never get spam. No one at our company gets any spam because we use a commercial spam filtering company, MX Logic. We have our own DNS and mail server but the MX records point to mxlogic.com. They filter it and send back to us. The firewall only receives SMTP from them.
Much easier than than trying to manage it yourself.
My primary email address has been on the Internet since 1994. I never get spam. No one at our company gets any spam because we use a commercial spam filtering company, MX Logic. We have our own DNS and mail server but the MX records point to mxlogic.com. They filter it and send back to us. The firewall only receives SMTP from them.
Much easier than than trying to manage it yourself.
it's not the spam that's giving me grief, i can handle that easy-peasy. the spam is just a symptom of a larger problem. it's dropbox's unresponsiveness and unwillingness to acknowledge an issue that is causing the grief.
Quote:
Originally Posted by SolipsismX
much like the "@" character forms the boundary between the local-part and domain.
much like the "@" character forms the boundary between the local-part and domain.
I just wish they could figure out how to fix the domain address.
You know how in the US they refer to the date as MM/DD/YYYY when in the rest of the world it is DD/MM/YYYY. At least that makes some sense since it goes from smaller increment to larger, however it probably should be YYYY/MM/DD like in computer systems. But when domain names were invented they were expressed by subdomain.domain.tld when actually they would be far more logical if they were constructed in reverse as tld.domain.subdomain so that things could be sorted alphabetically. That is why you see it in bash commands for example com.apple.bluetooth.plist. They had the chance to fix it before the opposite wrong format became so widespread that it would disrupt the Internet to change it.
in your example, com.me.solipsismx.mail would be your email address. Organized from general to specific would be better than the inverse but it will probably never happen.
Quote:
Originally Posted by mstone
I just wish they could figure out how to fix the domain address.
You know how in the US they refer to the date as MM/DD/YYYY when in the rest of the world it is DD/MM/YYYY. At least that makes some sense since it goes from smaller increment to larger, however it probably should be YYYY/MM/DD like in computer systems. But when domain names were invented they were expressed by subdomain.domain.tld when actually they would be far more logical if they were constructed in reverse as tld.domain.subdomain so that things could be sorted alphabetically. That is why you see it in bash commands for example com.apple.bluetooth.plist. They had the chance to fix it before the opposite wrong format became so widespread that it would disrupt the Internet to change it.
in your example, com.me@SolipsismX would be your email or perhaps better still com.me.solipsism.mail. Organized from general to specific would be better than the inverse but it will probably never happen.
I just wish they could figure out how to fix the domain address.
You know how in the US they refer to the date as MM/DD/YYYY when in the rest of the world it is DD/MM/YYYY. At least that makes some sense since it goes from smaller increment to larger, however it probably should be YYYY/MM/DD like in computer systems. But when domain names were invented they were expressed by subdomain.domain.tld when actually they would be far more logical if they were constructed in reverse as tld.domain.subdomain so that things could be sorted alphabetically. That is why you see it in bash commands for example com.apple.bluetooth.plist. They had the chance to fix it before the opposite wrong format became so widespread that it would disrupt the Internet to change it.
in your example, com.me@SolipsismX would be your email or perhaps better still com.me.solipsism.mail. Organized from general to specific would be better than the inverse but it will probably never happen.
Yeah, it's not going to happen. It's far too entrenched for that.
I do use the logical dating system you mention above and have gotten into the habit using a three letter month for anything that doesn't require me to use a numeral. For example, if I were to sign a document today I would date it as 12-MAR-2013. Not really a big deal within the US as we become more interconnected it could help alleviate some ambiguity.
Quote:
Originally Posted by SolipsismX
... but I do use the plus (+) sign for sub-addressing in most sites I sign up for as detailed in RFC 5233. ...
[subaddressing post left out for brevity]
... but I do use the plus (+) sign for sub-addressing in most sites I sign up for as detailed in RFC 5233. ...
[subaddressing post left out for brevity]
thanks. great post.
Latest Apple Headlines
-
Google engineers talk fragmentation, how to make Android work for emerging markets
~5 hours ago -
Editorial: Apple's billions are building an empire for the future
~8 hours ago -
Review: AL13 raises the bar for iPhone bumper design
~19 hours ago -
10M Samsung flagship phones in 28 days a 'record,' 5M iPhone 5 in 3 days 'disappointing'
~1 day ago -
Song skipping feature in Apple's 'iRadio' reportedly holding up Sony deal
~1 day ago - more...
Lowest Prices Anywhere!
| Model | Price | You Save |
|---|---|---|
| Core i5 MacBook Pros w/ Retina | ||
| 13" 2.5GHz/8GB/128GB | $1,406.48 | $292.52 |
| 13" 2.5GHz/8GB/256GB | $1,479.99 | $519.01 |
| 13" 2.5GHz/8GB/512GB | $1,699.99 | $799.01 |
| Core i7 MacBook Pros w/ Retina | ||
| 13" 2.9GHz/8GB/256GB | $1,599.99 | $599.01 |
| 13" 2.9GHz/8GB/512GB | $1,799.99 | $899.01 |
| 15" 2.3GHz/8GB/256GB | $1,899.99 | $299.01 |
| 15" 2.6GHz/8GB/512GB | $2,299.99 | $568.01 |
| 15" 2.7GHz/16GB/768GB | $2,699.99 | $499.01 |
| Model | White | Black | |
|---|---|---|---|
| iPad mini (WiFi only) | |||
| 16GB WiFi |  |
$329.99 | $329.99 |
| 32GB WiFi | |
$429.99 | $429.99 |
| 64GB WiFi | |
$529.99 | $529.99 |
| iPad mini (WiFi + 4G) | |||
 |
 |
 |
|
| 16GB 4G White | $459.99 | $459.99 | $459.99 |
| 32GB 4G White | $559.99 | $559.99 | $559.99 |
| 64GB 4G White | $659.99 | $659.99 | $659.99 |
| 16GB 4G Black | $459.99 | $459.99 | $459.99 |
| 32GB 4G Black | $559.99 | $559.99 | $559.99 |
| 64GB 4G Black | $659.99 | $659.99 | $659.99 |
dropbox. meh. yet another company not taking responsibility for their security breaches. at the very least, their email list has been compromised and they're sloughing it off as something that happened nine months ago.
whenever i establish a relationship with a vendor who requires an email address from me, i give them an email address unique to just them. i give that email address to no-one else and, in most circumstances, i will never send an email _from_ that email address.
that is exactly what i did with dropbox.
i signed up for a dropbox account almost a year ago, on march 21, 2012. i immediately received the standard "welcome" email. over the course of the next nine months i received exactly three additional marketing-type emails from them.
then i started getting spam/phishing emails. on 19-feb-2013 i received an email saying my direct deposit had been disallowed; on 26-feb-2013 i received an email indicating new security was being put in place for ACH and EFT transactions; and on both 27-feb and 28-feb-2013 i received an email asking me to join a linkedin account. all four emails were phishing emails.
since i have never shared that email address with anyone, since i had never sent any email _from_ that address, and since the emails were all phishing emails, then one of three things has happened:
- dropbox sold, gave away, or otherwise shared my information with one or more dubious with parties.
- someone hacked dropbox's systems and stole my information.
- dropbox has one or more rogue employees who is using customer information for their own benefit.
they say that it's because of a breach they had in july of 2012 but i find that hard to believe ... i don't think the spammers would wait nine months to start sending me spam, and i don't fall into either of the two categories that the dropbox blog entry says their compromised users fall into. and they say that only after weeks of badgering them to get a response.
dropbox. meh.