sending google drive links - risky?

[NomoneyNohoney]

I sometimes want to send strangers, at their request, a copy of YouTube videos, that the author has deleted, but which I have archived.
When I compose an email to them, Gmail pops up and says that the video exceeds 25mB and so will be sent as a Google Drive link.

When the video is finished loading, and I then click the link and attach it to my email, am I risking the other contents of my Google Drive being exposed?
Regarding the link I send, I approve' to anyone who has the link.'
Appreciate yr comments

[Urbandreamer]

I've never used it, not being a content creator.

But you might want to investigate Keet.

[Infrasonic]

You can have more than one Google account - so if you want one as a more isolated account with nothing on it apart from say shared YT files on it's own Google Drive you can. I view/share all my YT channels through an alternative anonymised Google account, not my main Google account which I keep 'clean'.

[Redmires]

I use Wetransfer for big files

https://wetransfer.com

Free for files up to a max of 2Gb. Upload the file, copy the link and email it to the recipient. The file stays there for 1 week then auto deletes. There's no exposure to you or your laptop.

[NomoneyNohoney]

I knew there was a reason I liked you guys!
I too have multiple Gmail accounts, thus separate Google drives. I'll just be more thoughtful about which to use with strangers.
Regarding the sending of large files, thanks : bookmarked.

[stevensfo]

I knew there was a reason I liked you guys!
I too have multiple Gmail accounts, thus separate Google drives. I'll just be more thoughtful about which to use with strangers.
Regarding the sending of large files, thanks : bookmarked.

I have about four Gmail accounts, but never been used. Whenever I changed my phone, it always insisted on a Google account, and not remembering anything about the previous one, just opened a new account.

For most things, I stick to my old Hotmail account. Anything large to send goes in the OneDrive. Then it creates a link to send to the other person. No, it doesn't give access to the rest of the OneDrive, though if it did, the person would die of boredom!


Steve

[UncleEbenezer]

I use Wetransfer for big files

https://wetransfer.com

Free for files up to a max of 2Gb. Upload the file, copy the link and email it to the recipient. The file stays there for 1 week then auto deletes. There's no exposure to you or your laptop.

That's a regular vector for malicious emails. The recipient gets the email sending them a wetransfer link, which turns out to be malicious. If they open it, they're hacked.

[edit to add] I've not personally encountered it, but I expect google drive could be used in a similar manner.

[Infrasonic]

I use Wetransfer for big files

https://wetransfer.com

Free for files up to a max of 2Gb. Upload the file, copy the link and email it to the recipient. The file stays there for 1 week then auto deletes. There's no exposure to you or your laptop.

That's a regular vector for malicious emails. The recipient gets the email sending them a wetransfer link, which turns out to be malicious. If they open it, they're hacked.

[edit to add] I've not personally encountered it, but I expect google drive could be used in a similar manner.

I've never used We Transfer but they address that very issue here...https://wetransfer.com/engineering/thre ... e-sharing/

I always open files shared or sent to me as attachments online first via the Docs/PDF viewing facility in free MS365 (AKA Office Online), with URL PDF links I have a browser extension to view them without downloading them first.

Using a dedicated free anonymised MS/Google account as a sanitised front end viewing platform can help - save to the isolated cloud drive first as a quarantine function with local sync off and use a hardened browser with minimal extensions and browser sync turned off.


I always put shared documents with editing (write) permissions onto a separate cloud account just in case third parties inadvertently pick up any nasties. Not fool proof as some sophisticated malware will lie dormant evading AV detection until it hits a local target account, but touch wood in all the years I've been doing it that way I've never got infected with malware/ransomware.

Windows security has folder protection to prevent writes to local drives without UAC permission - it does mean you have to regularly allow access via prompts to allow list apps/file writes. It will also send app files off for online analysis if you want, installing desktop Signal updates on W10 gets triggered that way every time for me, but I have the local security settings maxed out.

I'd rather be safe than sorry so put up with the slight inconvenience of UAC interrupts.

If an allow listed app get compromised via an update (hacked update server) that can evade file analysis then that would be more difficult to defend against.