So, I'm sure you all have seen this message before. It started as files uploaded by clients (either on a job posting or in messages) being blocked and >90% of the time, the file isn't at all dangerous (but just because the format of the file can contain malware, even if it doesn't).
This is, of course, frustrating for freelancers (especially when the file is on a job posting and you actually need to check the file in order to decide whether or not you would submit a proposal). Well, now you're stuck having to contact UpWork support to ask for "permission" to download the file and then wait for up to 24 hours hoping that the job posting is even still available.
I had contacted UpWork several times about this issue and suggested the following:
You can display all the warnings you want, let us go through extra steps if you have to, but for crying out loud, please add an option that allows me to download the file AT MY OWN RISK!!
It has been over a year and nothing new has happened since then. But it gets worse...
Recently (relatively speaking), they started blocking (more?) files that are uploaded by freelancers too. They block at least almost every file that is (or contains) an executable whether it's sent via messages or using "Submit work" for a milestone. Well, I'm a software developer who writes desktop (executable) software; what am I supposed to do?! Usually, my clients trust me but even if they don't, they can scan the files on their own. So, as I workaround, I started uploading the files to a cloud (e.g., Google Drive) and sharing the link with my client. Well, there's more...
More recently, they started blocking these links as well. How are we supposed to work like this? It's getting very frustrating for both freelancers and clients.
I'm not against having a security layer but there has to be an option for the freelancer/client to take control and override whatever action it decides to do, especially when that "security layer" is (seemingly) blocking more false-positives than actual threats. In other words, please do not treat us like children. Any decent web browser has a feature that blocks "suspicious" files but, at the same time, allows the user to download the file at their own risk, should they need/want to.
I'm pretty sure I'm not the only one who feels frustrated about this issue so I came to Community hoping we can make a change.
The topic is open for discussion and/or official replies from UpWork support team.
Thank you for sharing your feedback about downloading files on Upwork, I'll be sure to share this with the team.
I'm also sorry to learn that this has inconvenienced you in any way. These security measures are in place to ensure that we stay ahead malicious attacks on Upwork and its users. I hope you understand that security will remain our top priority.
Hi Avery, thanks for your reply!
These security measures are in place to ensure that we stay ahead malicious attacks on Upwork and its users. I hope you understand that security will remain our top priority.
Like I said in the post: "I'm not against having a security layer". Making security one's top priority hardly equals (or justifies) making an essential feature almost completely unusable in certain (yet vital) situations. Again, as I said in the post:
..but there has to be an option for the freelancer/client to take control and override whatever action it decides to do, especially when that "security layer" is (seemingly) blocking more false-positives than actual threats.
Keep the security measures, display all the warnings and disclaimers you like, even force the user to use a checkbox stating that it'll be entirely their responsibility but please provide an option to download the files at one's own risk. I honestly don't understand how that has not been common sense to you (the concerned team, not you personally)!