A. T2BOX, Tokyo Tech’s file sharing system, was created with the aim of suppressing the use of email attachments for the purpose of file transfer.
- Users of T2BOX should be aware that, because the system is intended only to provide temporary storage of shared files, it does not guarantee file protection. Users are advised to backup files onto their own computers.
- All users of a box are authorized to overwrite and delete uploaded files. For this reason, box administrators should limit the users who can access their box.
- Recovery of boxes that have reached their expiration date will not be possible. Box users should make sure to download necessary files before the expiration date.
- The T2BOX system may delete files that are judged to contain illegal content.
Q. Can I create a download-only box page?
A. It is possible as long as it is by file.
After creating a box page and uploading files as usual, if you look at the contents from the admin page, you will see a "Display Link" button for each file. When you click it, you will see the URL under the file name. From the web page at this URL, you can only download the corresponding file. The box administrator can send the URL of the file to users by e-mail or other means, so that the users can only download the file.
Q. Can I create an upload-only box page?
A. It can be created. Please refer to the following for the appropriate restrictions.
By prohibiting "delete/overwrite" when creating a box, users will not be able to change the file once uploaded. For example, if you're preparing materials for a meeting agenda and asking participants to upload their comments, this setting suits the situation. Meeting materials are not accidentally (intentionally) altered. On the other hand, participants can upload their files. Note that all uploaded files are viewable in this setting.
It is also possible to prohibit the viewing of uploaded files by prohibiting "download" as well as "delete/overwrite". The admin page allows you to view, modify, and delete files, so it's a good place to do this, for example, if you're collecting survey files. However, since the name of the file can be seen by other users even if the contents of the file cannot be read, please be careful not to include information that should not be shared among users, such as personal information.
Q. Is it acceptable to use T2BOX for collecting submissions?
A. Yes, as long as those who submit documents understand that all the uploaded files can be browsed, overwritten, and deleted by others who have access to the box. Submission deadlines should be set to the date prior to some days before the boxes expire. Submitters should also be notified of these deadlines
Q. I cannot turn off the password requirement setting when creating a box.
A. If password protection is not selected, access to a box must be restricted through authorized domains and IP addresses. Try registering domains and IP addresses whose access is to be authorized.
Q. How do I write authorized domain names and IP addresses? Can I use wildcard characters ?
A. Partial domains such as “.titech.ac.jp” or “.gsic.titech.ac.jp” may be used to specify authorized access. If domain names are to be used, the IP addresses of the computers that are to gain access to a box must be registered on a reserve DNS server . If you are unsure as to whether this is the case, please specify authorized access using IP addresses.
When entering IP addresses, their netmask must also be indicated with a network prefix. The netmask must be specified using a number between 16 and 32, and must be appended to a network prefix after “/” (e.g., 131.112.0.0/16). If only an IP address is given, a netmask of “/32” will be appended automatically.
Wildcard characters will be accepted but not recognized by the system.Domain name authorization should only be made by users with knowledge of the DNS and netmask. Users who are not familiar with these terms should use password protection instead.
Q. I applied domain name restrictions to my box and have since found that computers from these domains are unable to gain access. Error messages appear instead.
A. Try restricting access by using IP addresses instead. Alternatively, try setting a password.
There is technological complexity involved in restricting access using domain names. If the IP addresses of the domain names are not registered on a reverse DNS server, this type of authorization will not work properly.
Q. I received an email message from T2BOX with a URL link. Is it safe to access the link?
A. Always remember to check the legitimacy of the domain name before accessing any links.
T2BOX’s website has a domain name of “t2box.gsic.titech.ac.jp.” As its name suggests, the site is built under the “titech.ac.jp” domain, which means that the site belongs to the Institute.
Q. Is it possible to change the expiration date, access password, and authorization settings after I have created a box?
A. No. If settings need to be changed, create a new box.
Q. I forgot the access password of a box that I created.
A. When you created the box, you should have received an email message that contained its access password. If you have lost the message, try creating a new box with a new password. Passwords cannot be reset or recovered.
Q. I cannot open a Word/Excel file that I downloaded from a box onto my smartphone/tablet.
A. The problem has to do with your smartphone/tablet. Try converting the file to a PDF.
Q. Is there a size limit to the files that can be uploaded?
A. A file size of up to 2 GB is permitted. If you find that a timeout occurs when transferring files, try compressing or splitting them.
Q. I want to store files for long periods of time. Are there any plans to allow that?
A. No. The T2BOX system was introduced to discourage the use of email attachments for sharing files.
Email-based cyber attacks of various forms are rife and can pose a serious threat. It is hoped that by providing an alternative means of sharing files, the Institute can reduce the risk of such attacks. Long-term storage of files is outside the scope of the system and is also considered undesirable security-wise. All uploaded files in a box are deleted after its expiration date.
Q. What measures are taken against system failures?
A. Users of T2BOX should be aware that the system is intended as a substitute for file sharing via email attachments and therefore does not have a robust data protection mechanism in place. (Installing such a mechanism would require a contractor having to maintain and protect the system.) T2BOX does, however, have a parallel operating system running to safeguard against system failures. This parallel system may be accessed at https://t2box2.gsic.titech.ac.jp. Users should note that the two systems do not have synchronized stored data.
Q. Who can I contact to report a bug or request additional functions?
A. For bug reports and requests, contact t2box@cert.titech.ac.jp.
A system update is due at the end of AY 2016, which will reflect the feedback received from the Institute community. Since T2BOX is designed to be a very simple system not requiring user management, the planned update will involve a minimal amount of additional functions and will focus on improved usability and security of the system.
Others
Currently we have confirmed that MS Edge 42 or later may malfunction. In case of malfunction, there is a report that solves the problem by selecting "Clear IE Setting" from "Advanced" from the Internet option of IE.