Server: Secure Drop name confusion

cc @karlitschek @jospoortvliet

Agreed. This is confusing. Anyone an idea for a better name? @jospoortvliet @jancborchardt

Thanks.

As for the potential names: "Upload Safe", "Upload Vault", "NextCloud Deposit Box"

I think the last one (or something similar) would be best, as:

• it doesn't make overly strong claims about security/privacy (let's face it, this is no SecureDrop...)
• it has the right connotations for business-oriented people, and regular Joe's/Jane's ("oh right, so that's where I drop off stuff, kinda like at the post office")

Why not just leave it as "Upload only"?

Otherwise I agree to @rysiekpl, something like "NextCloud upload/file box" would be a good idea.

something like "NextCloud upload/file box" would be a good idea.

We don't want to put Nextcloud in it, because it makes branding harder. And Nextcloud is written with lowercase c. 😉

Ah okay :smile: , but "upload box" could be used.

I agree we should change it, since the original project is mich more focused on privacy and any confusion on the user side would be quite bad here. Also out of respect for @aaronsw who initiated the project.

• File drop (as before)
• Upload-only
• Secure upload
• Upload drop
• Private drop
• Private upload
• …

What do you think @karlitschek @jospoortvliet @MorrisJobke?

• File drop (as before)

👍 ... it is already known as File drop from former press releases and (we should not underestimate this aspect) from another cloud software. Were there any reasons to replace this term, or was the intention only to emphasize the security 🤔

• Secure upload
• Private upload

...are other ways to upload files insecure or not private? 😜 Some users may think about it will make the directory more save, and they will configure every single folder as "secure upload" 😅

• Upload drop

Try to say this more than 5 times 😅 Upload drop #toungetwister

• Upload-only

We can (and maybe should) use the term "Upload-only" but I think it would be used best together with File Drop ... So, as it currently is: "File Drop (upload-only)" - I think we need a nice "trademark" like File Drop (or secure drop 😢) is, just for marketing reasons: https://nextcloud.com/secure-drop

File drop is a name used by a competitor of us - and I don't want to get in a fight with them over it. The name Secure Drop was thought off to point out that this is exactly that: a secure way to drop off files without seeing what else is in the folder. It's just one small feature, but a well fitting name.

We're not a whistle blowing platform for journalists, nor will anyone confuse us with one - we provide an alternative for google and dropbox for secure file sync and share and collaboration aiming for billions of users, not a handful.

This is like Apple Music and Apple Computers - different market.

I get that the infosec community might be aware of Secure-Drop-the-whistleblowing-platform and hey, awesome. Normal users wouldn't know what a whistleblowing platform is and while that is sad in itself (because they should care, of course) there is thus barely any chance for confusion.

I don't see the point in changing this unless somebody has really a BETTER name. None of the names above seem any better to me. And yeah, Marius is right, this is for some users/customers a major use case of Nextcloud so whatever name we come up with has to be good. Understandable, clear, marketing-able. Secure Drop is great and as I said - not confusing to normal people (whom we aim for).

With the above said, securedrop.org is a great project and I don't want us to trample over them - that's uncool. So what I'm thinking is maybe it makes sense to add a link to our secure drop page, noting "looking for the whistleblowing platform? click here"

Might be a win-win for both, as more people find our website than theirs and spreading a bit of awareness about their project doesn't hurt...

What do you think? @rysiekpl @MorrisJobke @MariusBluem ?

noting "looking for the whistleblowing platform? click here"

Since the secure drop-page is more adressed to enterprise-customers, I don't think it is a good idea to link to whistleblowing platforms, as this is a complete different target group.

Ref.: _The Nextcloud Secure Drop feature enables hospitals, banks, notaries and government agencies to securely receive data from customers, patients, clients or partners._

@jospoortvliet

@jospoortvliet that link will not solve the problem at all.

The media will inevitably fail to make the right distinction, usually eclipsing one project behind the other somehow. Blogs will ignore the distinction, and social media will not waste space for it either when talking about these solutions. Users searching for information and help regarding one solution will keep getting results related to the other. And so on, and so forth.

Also, for a more concrete example: since we have NextCloud set-up internally, and we're setting up SecureDrop also, this will cause never ending stream of misunderstandings with our colleagues, co-workers, and partners.

Please, consider changing the name and not getting into these kinds of problems in the first place.

File drop is a name used by a competitor of us

As long as it is not trademarked, I believe _File Drop_ is the term that perfectly explains the action and what it represents. Also, there's no reason why 2 different type of SW cannot provide the same functionality.
And how else would you use a noun that describes the action of dropping a file?

@tessus we decided to call it 'secure drop' as Nextcloud is a far more secure solution and we want to emphasize that.

@rysiekpl I wrote a long reply, but when it comes to it, I think you're right and we should try and find another name. We can still change this before Nextcloud 12 comes out. I'm not very happy to go back to File Drop, trademarked or not, but it might be the best way to go after all unless someone can think of a better name...

I understand the main ideas to emphasize are:

• Box
• Secured
• Deposit
• Files
• Upload, but it may be necessary to transalte it, so the name wouldn't be universal

Ideas:

• deposit box
• databox
• data drop
• and any combination with safe or secure: safe databox, safe data drop, secure databox

Looking for these names on the web makes me realize that almost all of them are used by other actors. I don't know if they are trademaked.

It may be difficult to find a name, or a combination of names, that is not already used by somebody. The point of @tessus is right: "how else would you use a noun that describes the action of dropping a file?"

In order to make a difference: "safe file drop"? But it's a long name :(

I still think that "Deposit Box" is the right name. Perhaps "File Deposit"?

I've been thinking about this for a while now and the only logical choices are:

• File Drop
• Data Drop
• Safe Drop

File Drop: It is what it is. You drop a file. Done.
Data Drop: Can you drop a folder as well? In any case, Data Drop also works, even if you can only drop files. It's more general. A file is a form of data. Check.
Safe Drop: It is safe, even if you drop a file that already exists on the target. No data will be overwritten.

It's the same as a mail box (the ones on the street), which is basically a drop box (key drop). But you can't call it either of that.
Some would even call it a Fire & Forget solution.

Sorry @jospoortvliet, but I don't understand what you mean by _secure_ or what the word secure should mean in that context. In my opinion, this makes no sense. If the nextcloud installation doesn't use https or server side encryption, the 'Secure (File) Drop' is in fact totally insecure. So now you have a secure function that is everyhing but secure. The adjective _secure_ has very specific requirements, which only the nextcloud admin has control over and not the person who writes the software (unless you make https, server side encryption, and whatnot mandatory). Even then, what about bugs that affect security?

You can't use words like Data Vault, Upload Vault, Data Safe, File Vault, ..., because they imply that you can retrieve the data again. Also, these names are most likely product names and/or trademarked.
Words that imply that you can retrieve the file again should not be used.

File Deposit is better, but still feels not entirely right. It reminds me of depositing a cheque and in most cases one can retrieve the money again.

Therefore I'd like to circle back to the beginning. At least now you know why I think that File Drop, Data Drop, and Safe Drop, are the only logical choices.

As this issue was closed, which was the final name you agreed on?

We stay with File Drop, as mentioned in the PR #4943 which was referenced above 🙈