this post was submitted on 05 Nov 2024
74 points (97.4% liked)

Open Source

31031 readers
465 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 5 years ago
MODERATORS
Cloak@lemmy.ml
kevincox@lemmy.ml
CrypticCoffee@lemmy.ml
Lettuceeatlettuce@lemmy.ml
74
Send: Share Files Safely with This Open-Source Successor Of Firefox Send(Firefox Send Fork) (techwavearena.com)
submitted 11 hours ago* (last edited 11 hours ago) by dl007@lemmy.ml to c/opensource@lemmy.ml
10 comments fedilink hide all child comments
top 10 comments
sorted by: hot top controversial new old
[–] pyre@lemmy.world 13 points 6 hours ago (1 children)

great name if you hate the idea of people searching for it.

[–] Kelly@lemmy.world 1 points 5 hours ago

I this is the most effective search I found find:

https://www.google.com/search?q="Mozilla's+Firefox+Send"

[–] peregus@lemmy.world 7 points 10 hours ago (3 children)

Send lets you share files with end-to-end encryption

How is this possible if the only thing that is shared between sender and receiver is just a link (that is provided by the website)?

How can we trust https://send.vis.ee/? Who are they?

[–] RmDebArc_5@sh.itjust.works 12 points 9 hours ago (1 children)

How it works: I don’t know about this service in particular, but usually the shared contains the encryption key so like this: example.com/files/file_id/encryption_key or something similar

As for trust: This appears to be a individual, so you will have to just trust it when using the public instance. However, since it is FOSS, you can audit the code and spin up your own instance

[–] halm@leminal.space 4 points 7 hours ago* (last edited 7 hours ago)

spin up your own instance

Absolutely. If you're at all worried about sending files through third party sites, set up your own. Provided you trust your own security skills, of course.

I would certainly be more interested in having an install under my own domain than using some rando's that I don't know.

[–] chebra@mstdn.io 4 points 9 hours ago (1 children)

@peregus @dl007

Wiki End-to-end encryption:
> The messages are encrypted by the sender but the third party does not have a means to decrypt them, and stores them encrypted. The recipients retrieve the encrypted data and decrypt it themselves. Because no third parties can decipher the data being communicated or stored, for example, companies that provide end-to-end encryption are unable to hand over texts of their customers' messages to the authorities.

You don't have to trust the server.

[–] jwmgregory@lemmy.dbzer0.com 2 points 7 hours ago* (last edited 7 hours ago)

that still isn’t an explanation of how the server supposedly “does not have the means to decrypt them [the messages]”, which isn’t me saying it’s impossible. i’m well aware of possible cryptographic solutions here. but, it isn’t wrong to be sus of this application until the organization/developers have demonstrated a degree of trustworthiness. i honestly don’t see why you would use this over just encrypting and transfering the data yourself using more traditional methods that involve the minimum number of parties. i might just be ignorant of this project, but i’m weary of it until i have a chance for further investigation

[–] redxef@feddit.org 2 points 9 hours ago

The fragment of a URL is not sent to the server, so that's where such platforms usually store the key. That's also the way cryptpad does it. You can thus share the URL and with it the key.

Of course, you still need to trust the platform. The sourcecode link at the bottom of the page links to https://github.com/timvisee/send who forked from mozilla/send and links back to the web page.

[–] jjlinux@lemmy.ml 3 points 4 hours ago

This is cool. If you're worried about the safety on their instance, spin your own. They have a very clear and simple docker way to do just that.

[–] 7eter@feddit.org 2 points 6 hours ago

Does it already integrate with Thunderbird?