Occasionally I need to send sensitive files to someone on the internet. I took a tip I once heard from Merlin Mann and built a script to automate this as much as possible. It requires Hazel and a cloud sharing service that syncs to your Mac. I’m using Dropbox.
The basic idea is to use Dropbox as a place to share files safely and automate the process with Hazel. We’re going to rely on long, obscure filenames along with randomly generated passwords and short availability windows to protoct our files. We can automate all of this through a couple Hazel commands and an Applescript.
The Hazel commands are set up as follows. The first one looks for any file or folder older than 7 days that is a zip archive and deletes it. This enforces our short availability window. You could make the window anything you like. The second command looks for anything that’s not a zip archive and runs the following Applescript on it.
We generate a random password with
openssl rand -base64 32 — this means we’ll get 32 random base64 characters. We also create a SHA1 hash of the file to append to the filename. After that, just zip the file with the random password and put the password on the clipboard. You can do more, like generating a notification when the script is done. I have a TextExander snippet that lets you fill in the filename and grabs the password off the clipboard.
Ideally, you wouldn’t send the password along with the link to document. Try to use two different methods to notify someone where the file is located and what the password is — even if it’s just two different email accounts on a separate server.
For now this won’t work with directories because the SHA1 hash of a directory is blank. An easy way to fix that would be to zip the directory first and then get the hash and rename the zip file.