That opens additional way for malware find its way to non-technical user computer... Until now I could explain my granpa never to run any executables or downloads that come in emails.
I think you're opening a can of worms. The email is HTML, so it would be very hard for my granpa to verify that the link is actually to your site. As you can imagine it is very easy to make the email and site look exactly like yours, and even make the link URL itself look similar.
We're doing the downloaders because it let's us do p2p, which is how we can offer free and unlimited. It also affords end-to-end encryption, and resumable/restartable transfers.
We think we can mitigate those concerns some by code-signing the exe, having the download from https, and building a recognized brand.
Also, we're considering a feature called "Channels". After you set up a channel with your grandpa, it can be trusted. You just drag files onto your "Grandpa Channel" and they go to his HD in that channel's folder (he gets a pop up to accept/decline). This also ends up being a convenience for frequent sends because you don't have to enter your recipient's email - you just drag and drop files onto the channel and they start going.
> We think we can mitigate those concerns some by code-signing the exe, having the download from https, and building a recognized brand.
I don't see how all these resolve someone sending an email that looks exactly like yours, which links to a page that looks exactly like yours, which links to a malware executable.
Even with code-signing I wouldn't trust non-technical users to understand difference between popups, as well as resist close-all-these-annoying-popups reflex.
To make sure that the email is legitimate I'll have to either check the source, or seek in the mouse over. And after it is a "recognized brand", no one will be checking that.
I don't see how I could feel safe with executable file download links in the email. Maybe registering a scheme and sending in email a link with instruction to the file origin would be more acceptable, but that's only if the software is already installed. Ex: wirefrom://my@email.com
What about Channels? If you have your grandpa install WireOver, and you set up a channel with him, all your sends over that channel can't be faked. He gets notified via the installed tool (dialog: "Would you like to accept files from Myrth?"), not via email, so there's no longer a need for him to download an executable.
I think you're opening a can of worms. The email is HTML, so it would be very hard for my granpa to verify that the link is actually to your site. As you can imagine it is very easy to make the email and site look exactly like yours, and even make the link URL itself look similar.