I run a similar service, SSL is available to everyone right now, though it defaults to plain HTTP.

Your suggestion is actually what I have in the works, SSL by default for everything premium users touch (and the files they share).

Not sure whether the site you run is localhostr.com (from your profile) or not, but just wanted to tell you that Malwarebytes blocked the site from loading on my PC since they consider the site a potential threat. Not sure what metric they used to determine that, but just wanted to let you know in case it's something you encounter with other users or potential users.

Thanks, I've been in contact with them about it, but they have been slow to respond. We run multiple virus scans against uploaded content, don't allow hotlinking of non-image content and actively remove any malware found.

Edit: Just received a response to a PM, we're no longer on their shitlist :)

They said: "The whole Droplr platform runs on HTTPS. That means when you upload a file, note or shorten a link via any of the apps (Windows, Mac or iPhone), it sends the file over HTTPS."

Yes, they said that. And if you continued reading, you'd see that the OP knew this was not the case. Eventually, they too understood, and apparently fixed it.

zwass, I'm not sure why you're using that tone to reply to me. It seems you're assuming that my reply was made AFTER they posted the fix. In fact I had read the thread until the end before I posted. The fix came after my comment.

Anyway, I still stand by it, in my reply to the previous comment that maybe the user had misunderstood what they meant by security, and I backed my argument with the words of the service provider's representative.