Sharing of infected files

In my last post I noted how Office 365 prevents you from uploading infected files. I got to wondering what happens when the other file sharing services try and share an infected file.


If I try and attach an infected file directly from my local machine to an email in Google Apps it is detected as shown above, which is good, and prevents that file being attached.


But since I can also attach from Google Drive as well, I can attach the infected file (since I can upload into Google Drive as my last post highlighted). This is not good.


Now you’ll see that with Google Apps the attachment is really shared via a link rather than attaching the actual file from what I see. Any email system worth its salt will detect and quarantine an attachment that contains a virus, so let’s just eliminate from our considerations. But, if instead I send a link to an infected document what happens? I know the email will reach the users (because it isn’t infected).


So here’s what the user sees. If I click the link to the file I see:


Now if I try and download I get:


That’s good, but remember here I am dealing with a .com file that includes a virus.

So let’s assume I am a little more cunning in my attempts to infect a user I place the infected file inside a ZIP archive. What happens?


As you see, Dropbox allows me to send a public link to the encrypted file where anyone can download it. This means that your only defence typically here is now the local anti virus software which we know all users always keep up to date right? (if you believe that then you live in world of unicorns, leprechauns and perpetual rainbows). Not good!


Now if I share the same ZIP file using Google Drive and attempt to download it from the File menu.


It is blocked like before which is good, BUT look at this:


If I download it from the drop down option at the end of the file


It downloads! Not good, especially give this the default that users see when they view the link provided. I also find it strange that one way you get one result (i.e. blocked file) while the other way you don’t. Strange.

So what’s the moral here? Best bet is don’t let the file get up to file sharing platform in first place, which is why I reckon Office 365 is a much better bet when you start digging into what can happen as I have done briefly here.

All file sharing systems are not created equal.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s