Hey, would gladly welcome the project, but I want to point out that this is the /c/selfhosted community - so neat as a public service, but this is the wrong community.
Once you are ready to post the code / set this up for self-hosting, please feel free to repost.
Until then, I'll be locking the post.
Okay, but where is the git page to self-host it?
Not gonna lie, this is super, super suspicious.
The reason stated isn’t even something that would legitimately prevent sharing the source.
Hard pass. Honestly this’ll taint my feelings going forward as well.
Then how can we self-host it?
Questions:
Encryption: Is there any? I see that there is a password option, but does that lock the file or is that just to access the file itself.
Deletion: I see there are options related to the time the file can exist, but what are my guarantees that the file indeed will be deleted.
Selfhosting: Is this a venture you are offering to the public, or will there be an option to selfhost?
Please understand, I'm not trying to shit on your project. However, if there is no encryption, and no real guarantee the file will self destruct, I'd be hard pressed to use your service, unless it has a selfhosted option. It does look like there are some good options. I like the ability to tag a note for the recipients. The tor option is good too. Looks like you've put some time in on it. Polish it up, get some encryption options, and release the code on Github or equal so everyone view it and can make up their mind to use or not.
Thank you for sharing.
Hi, thanks for the comment. Let me answer your questions (and be 100% honest)
Regarding encryption: the password simply locks access to the file it does not encrypt its contents. And no, there is no encryption at rest the files remain on the disk exactly as they are.
The reason, to be honest is a security trade-off true end-to-end encryption means the server only sees encrypted data blocks which prevents me from scanning uploaded files for known CSAM and malware.
On an open and anonymous hosting service, I didn’t want to be in the dark about this. So it’s really a choice between two options, and I chose to keep the ability to scan files.
(+ incidentally, in the absence of any regulation, I could face some pretty serious legal trouble if someone decided to upload CSAM, malware, or any other illegal content)
Self-hosting: I am currently taking the necessary steps to publish the entire source code within a week, but for now, this is a public service.
I realize that my claims are just claims without any proof (since the source code isn’t open yet, and that’s totally understandable I would have done the same)
Awesome. I look forward to further iterations.
Also this has nothing to do with self hosting.
Make it open source or don't make it at all.