Mozilla's Send is Basically the Snapchat of File Sharing

Mozilla has launched a new website that makes it really easy to send a file from one person to another. From a report: The site is called Send, and it's basically the Snapchat of file sharing: after a file has been downloaded once, it disappears for good. That might sound like a gimmick, but it underscores what the site is meant for. It's designed for quick and private sharing between two people -- not for long-term hosting or distributing files to a large group. It supports files up to 1GB, and after uploading something, it'll give you a link to send to someone else. That link will expire once they've downloaded it or once 24 hours have passed.

Terrorists!

[JonnyCalcutta]

Won't someone think of the children!

Re:Terrorists!

I'd bet people who "think of the children" would use a service like this a lot.

Re:Terrorists!

OH SNAP! (chat)

hugs and kisses,

Juan Epstein

Re:Terrorists!

[GLMDesigns]

We don't want you to think too hard about the children. Pervert.

Re:Terrorists!

Do you know what else they use?

Phones! The postal service! Roads! Aircraft! Railways! Banks!

Better shut down the entire society! Think of the children!

Re:Terrorists!

Lisa Simpson: Anything that's the "something" of the "something" isn't really the "anything" of "anything".

Re:Terrorists!

Uploading once for every download would be a gigantic pain in the ass. Standard operating procedure is to password protect a 7z/rar archive with a non-descriptive name, split to 100MB chunks or whatever the board rules say. Upload it to whatever file host works well with TOR with Javascript off and will take a few days to respond to mail, we keep recommended host lists also a mirror on a different site is recommended. Post preview + download links + password to the onion boards, some white knight will always report it - even from areas that require CP uploads, funny that - but usually we can get a few thousand downloads before it's taken down. If it's a private trade, whatever works for you - but since 99% of the ads/malware disappear when you turn off JS it's like the least of our problems. We don't care if the file hosts keep logs, those logs don't contain anything of value anyway. But hey, I love a completely ineffective waste of white knight resources so please rage all you like. I'll get the popcorn ready.

Re: Terrorists!

Don't worry, I'm sure Teresa May is already bitchin' about it and Putin will want semen samples before downloading Firefox.

I don't trust it

I don't really see the point. We have had temperately file hosting services for years. Moreover I find the fact that it requires JS and multiple 3rd party resources in order to work properly extremely annoying (all the other services that I use to share videos of my wife of do not require that).

I think that it would be better if Mozilla focused more on their important projects, such as Firefox, Servo and Rust.

Re:I don't trust it

[fisted]

I use to share videos of my wife

I really couldn't care less if you do or do not see the point, as long as you keep those videos of your wive coming.

Re:I don't trust it

[ctilsie242]

I can name a number of file sharing services, both paid and free, which offer this functionality. It is nice to have a temporary file service that is part of a web browser and that (hopefully) doesn't require a ton of signing up and such. However, I wouldn't mind Mozilla focus on core things as well. Firefox, Servo, and Rust are useful, but SeaMonkey and Thunderbird are still important, as Thunderbird is a major real cross platform MUA next to mutt.

Re:I don't trust it

[Sir+Holo]

I use to share videos of my wife

I really couldn't care less if you do or do not see the point, as long as you keep those videos of your wive coming.

Yeah. That last one was amazing! Please keep them coming.

Re:I don't trust it

Yep. I'll stick with direct peer to peer file sharing.

Re:I don't trust it

[BlueStrat]

Yep. I'll stick with direct peer to peer file sharing.

That's the entire point of services like Mozilla's "Send" and likely soon several other similar 'me too!' services suddenly being rolled out and hyped heavily by major and minor players alike; Laying the groundwork towards ultimately eliminating the capability for direct connections between regular people, making it mandatory for any data, message, etc to pass through some service's servers where it can all be slurped-up by TLAs with just a relative handful of incoming data acquisition streams while simultaneously creating streamlined legal and bureaucratic procedures and reduced red tape. And, all this with less public transparency and accountability than ever.

The new chorus will be: "You can send anything you like legally for free through $TRANSFERSERVICE, only criminals who need to hide something from authorities need a direct connection, especially using hard encryption you terrorist drug-dealing pedo opponent of the current ruling power-bloc!"

Strat

Re:I don't trust it

[slack_justyb]

but SeaMonkey and Thunderbird are still important

I hate to break it to you but Mozilla parted ways[*] with Thunderbird and SeaMonkey some time ago. The developers hired by Mozilla, mainly focus on Firefox/Rust/everything you just mentioned solely. Now that being a good thing or bad thing is, I am sure, a topic for discussion.

[*] Mozilla still proves legal advice/backing and hosting of code for the two projects. However, no Mozilla developer works on either of these projects directly (obviously there's dabbling). They are now community developed and overseen by Thunderbird Council and SeaMonkey Council respectively. Additionally, there is some leeway granted to these two projects in respect to Copyrighted material like logos and what not.

Re:I don't trust it

And this isn't the case now? Really, there aren't that many ISPs around, and except for a few (ProtonMail, etc.) that do actual encryption, all make your email and any attachments available for viewing by security agencies on presentation of a suitable request. Other than the specifically privacy-oriented services, all store your traffic unencrypted on their servers; SSL/TLS only protect it in transit. So your attachments are now available for scanning by all and sundry. If this Mozilla service actually does end-to-end encryption, that will be a selling point for those who care.

Re:I don't trust it

[BlueStrat]

And this isn't the case now? Really, there aren't that many ISPs around, and except for a few (ProtonMail, etc.) that do actual encryption, all make your email and any attachments available for viewing by security agencies on presentation of a suitable request. Other than the specifically privacy-oriented services, all store your traffic unencrypted on their servers; SSL/TLS only protect it in transit. So your attachments are now available for scanning by all and sundry. If this Mozilla service actually does end-to-end encryption, that will be a selling point for those who care.

I never said that the current situation supported or was at all friendly to the laundry-list of things you reference. I, too, would like to be able to, for example, run a small server on occasion for limited periods of time like a few hours to a week or two without having to purchase a commercial-class connection along with all the other roadblocks to casual home server use. But, there still remains a plethora of other protocols, methods and types of P2P encrypt-able data transfer/sharing & text communication outside of the few you and I have so far mentioned.

Hypothetical: Right now, I could fire up an encryption-enabled IRC chat connection directly to another individual on another continent and we could theoretically have a secure connection between the two machines.

The goal is to make it necessary, in order to connect to another regular internet user, to first connect to a "service" which then can inspect, copy/store, and possibly alter or censor any messages, data, etc, before being passed to the intended recipient. It's also one of the only ways to really reduce large-scale copyright infringement through p2p/i2p/etc sharing over the internet which is another huge motivator for TPTB.

Hasn't everyone been saying for years that they want to turn the internet into the new cable-TV where people only consume/receive data 'product', not generate or communicate it directly themselves? It's pretty much here when you can't transfer data directly & securely to another person.

Strat

Re: I don't trust it

You can securely share files with a Tox client. It behaves a lot like OpenVPN does, but also supports calling, texting, and video.

Re:I don't trust it

[JohnFen]

I, too, would like to be able to, for example, run a small server on occasion for limited periods of time like a few hours to a week or two without having to purchase a commercial-class connection

I've been running a server constantly for about 20 years now that provides a wide range of services for myself and a handful of close friends. I've been forced to use Comcast for about 10 years of that. I've never had a commercial-class connection, and it has never been an issue.

Re:I don't trust it

[BlueStrat]

I've been running a server constantly for about 20 years now that provides a wide range of services for myself and a handful of close friends. I've been forced to use Comcast for about 10 years of that. I've never had a commercial-class connection, and it has never been an issue.

I suppose it depends on where you're at and what sort of individuals are actually in charge of decisions on who to go after. Still, having to hope some office drone doesn't happen to be having a bad day when he looks over the logs showing your server activity is not a plan and is a situation ripe for selective enforcement.

Strat

Re: I don't trust it

Yeah, but nobody uses Tox. Fortunately Telegram supports files too.

Re: I don't trust it

Telegram isn't peer to peer. It runs through a third party proprietary server.

It's a trap!

Metadata.

Re:It's a trap!

Yes, they keep metadata records of every transaction including file sizes and hashes. These are available to law enforcement.

Got a problem with that?

Re: It's a trap!

Yes.

Re:It's a trap!

So, you zip your file and add some padding before sending it. Password protect it while you're at it if you really think they are going to waste cpu-cycles on extracting any archives on the fly to apply their checks. If you're really paranoid you can always pgp it.

Fat lot of good their hash and file size notations will do them.

Re:It's a trap!

Yes, they keep metadata records of every transaction including file sizes and hashes. These are available to law enforcement.

Got a problem with that?

Hell no! Fuck the plebs! *We're* in charge, here! We've dumbed them down, mind-fucked them with military psy-ops into fractured groups at each other's throats, and so-overloaded their ability to get outraged or angry about corrupt government, that we can do any-fucking-thing we want and make them hate anyone or group we wish them to!

They snivel and whine every time we destroy another civil right and/or freedom, but they always submit like the sheep they are and were trained to be. Most of them would be much more useful to the state housed in prisons and camps and used as slave labor, anyway!

Re:It's a trap!

Jared ! !
Did Steve give you permission to post that?

Re: It's a trap!

exiftool -all= [file] erases most embedded tags from images and gets rid of hardware info like cameras used and location info if you're that paranoid.

Re:It's a trap!

Jared ! !
Did Steve give you permission to post that?

Ha!

Here we see another dumbed-down drone so mind fucked it can't imagine things existing outside the scope of about ten years into the past, and is incapable of conceiving of agendas spanning decades.

"You have to understand, most of these people are not ready to be unplugged. And many of them are so inured, so hopelessly dependent on the system, that they will fight to protect it."

Oblig. xkcd

[skoskav]

https://xkcd.com/949/

I know my parents want something like this.

Re:Oblig. xkcd

Here is another you smart arse

https://xkcd.com/763/

Hey mozilla...

Please fix Firefox Developer tools. and never mind this file sharing stuff. Thnx.

Re:Hey mozilla...

Developers like coding new stuff, not fixing old stuff. BTW, this service is not like Snapchat. Snapchat deletes the photo on your phone after a few seconds. Whereas once your friend or colleague has downloaded your FF-Send file, he may or may not delete it.

Terrorists will love this service!

[140Mandak262Jamuna]

I can predict how the general public will hear the news. "Conspiracy aid for Terroriststs!". And people who normally argue, "if you outlaw guns only outlaws will have guns" will seriously take such news stories.

Re:Terrorists will love this service!

The only real terrorists are the pirates that steal files and data from companies, and then make it so that anyone can download their stolen booty.

Imagine how studios feel when movies like "Sinbad: Legend of the Seven Seas", "Mars Needs Moms", "Gigli", "Ishtar", and "Evan Almighty" are downloaded by THIEVES, and enjoyed by thieves. When you steal from movie makers, you are making Baby Jesus cry. And when Baby Jesus cries, you know you dones fucked up, nigga.

Re:Terrorists will love this service!

[postbigbang]

And it's a data exfiltration nightmare. Oh, can't attach the customer file in Outlook because it's too big. Ok, let's use THIS!!

OTOH, it does at least for now, permit those behind censorship firewalls to obtain big wads of news.... but...as you cite: Terrorists!!!

Re:Terrorists will love this service!

[flink]

Eh, the DoD has had SAFE, an equivalent service, for years now. If anyone would be worried about exfiltration, you would think it would be them.

How's that browser coming?

[xxxJonBoyxxx]

Here's an alternate idea for Mozilla:
- Fix the browser; get back to the original mission of a fast no-bloat browser
- Fire everyone but the five developers it takes to do that and donate any excess money left in the Foundation to the EFF

Re:How's that browser coming?

Fix the browser; get back to the original mission of a fast no-bloat browser

This is exactly what they're working on now. See FF 57 and the improvements they're making therein.

Re:How's that browser coming?

The browser is fine, have you tried the last version (57) ? Or you just lie to bitch about it you tool?

Re:How's that browser coming?

Unfortunately a "fast no-bloat browser" doesn't pay the bill for the Mozilla.

Re:How's that browser coming?

[Rockoon]

The browser is fine

That Chinese propaganda technique was apparently invented by Mozilla.

Re:How's that browser coming?

[Mashiki]

Mozilla is infested a lot of problems. Ranging from the "hey, my buddy needs a job -- so we'll just make a job up" type bloat. To the focus on the latest trendy social event everyone has to do something about, which will be forgotten about in 11.83 seconds. Or complete lack of organizational focus, and ignoring what users actually want out of the product.

They're effectively dead at this point, and when you hear normal people say "I regret giving them money." They have a serious problem.

Re:How's that browser coming?

[Rockoon]

To the focus on the latest trendy social event everyone has to do something about, which will be forgotten about in 11.83 seconds.

With Firefox's memory leaks, I'm pretty sure that it forgets to deallocate memory much faster than 11.83 seconds.

Re:How's that browser coming?

Unfortunately a "fast no-bloat browser" doesn't pay the bill for the Mozilla.

Contrarily to selling out to Google to help develop Chrome, and fucking Firefox up at the same time so it's not in the way anymore, losing more than two-thirds of market share since Firefox 4... Now *that* is getting one's pockets filled big time...

Re:How's that browser coming?

[Mashiki]

You're probably right. It's simply dumping it all to the page file, and aiming for 3.72GB of memory in use all by itself.

Re:How's that browser coming?

Do we have an estimate for the absolute number of users?
From the back of a napkin, maybe it's just hovered around 100 millions for a decade hence having a market share drop.
I saw it on Macs, anyway. Also seen it recently on a Windows 8.0 laptop as the only browser. Though, many people run Chrome, most on them on Windows with OEM crapware installed, and with Adobe update nags when you turn the thing on. Throwback to 2005 or Real Player days lol.

Re:How's that browser coming?

[JohnFen]

Yeah, we'll see. What I've heard from Mozilla about FF57 doesn't make it sound like they've fixed much of what they've broken.

My first thought wasn't terrorism (for once)..

[cyberchondriac]

My first concern was that it'll actually do what they say, not keep logs, etc.
What's in it for Mozilla? Corporate altruism is extremely rare, or even logical from a business standpoint.
Maybe it's providing more PR visibility for Firefox since it uses that domain name? That seems weak though.

Re:My first thought wasn't terrorism (for once)..

[Gilgaron]

The lucrative banner space for banner ads that look like Download Here buttons and give you viruses, I'd imagine.

Re:My first thought wasn't terrorism (for once)..

[skoskav]

One reason does seem to be to convert. As per https://github.com/mozilla/send/blob/master/docs/metrics.md

Are non-Firefox users converted to Firefox users?

Re:My first thought wasn't terrorism (for once)..

The fact that it would actually be a useful functionality? At the very least it would be a damned sight better than screwing around with Pocket, mobile operating systems nobody uses etc.

The drawback would be that it would make it easy to connect users to each other, but I somehow fail to see how that's worse than what AIM/ICQ and friends did decades ago.

Re:My first thought wasn't terrorism (for once)..

[CrashNBrn]

If you get the Mozilla newsletter, or have read their official blog over the last years, this isn't "new" - Mozilla regularly touts privacy-facing features.

Re:My first thought wasn't terrorism (for once)..

Im converting away... Vivaldi is working great for most things... firefox for the occassional plugin that isnt compatible.

Re:My first thought wasn't terrorism (for once)..

The mobile operating system was great, but they did a beyond stupid mistake to release the 128MB phone. Use a 128MB phone as a test bed to make it barely usable on such spec, sure (barely usable one site at a time with phone call/SMS gui etc. forced to be swapped out). The other problem is European users were waiting for the ZTE Open L and that was canceled : 2.x OS, 1GB RAM, 5" screen size, low price. Sort of an Osborne effect. Cancellation of the entire OS came soon after.

What's the bulk of smartphones today? 1GB RAM with 5" 16:9 screen around the $99 or less mark, because 1GB RAM allows it to sort of work, 5" makes it easier to use the keyboard and low price because credit cards are somewhat uncommon in Europe and I have the impression people mostly buy $100 phones (cheap enough to pay on the spot, credit cards are uncommon) or high end phones, not too many intermediary ones.
Microsoft Nokia phones were a niche of cheap phones with lightweight fast OS with not many "apps". Well, proprietary apps restricted to iPhone/Android have won (for e.g., food delivery) and this sucks balls.

I'd like to earn a few hundred $/€ by doing little Uber-like delivery jobs and what not, but I refuse to use Google Play store, Google location services so I can't work those jobs. (Though Uber-like platforms may be untrustworthy anyway). With a lack of trustworthy mobile OS, one may have to choose living in poverty to protect one's privacy.

Re:My first thought wasn't terrorism (for once)..

what kind of dumb slave uses a closed source browser?

Re:My first thought wasn't terrorism (for once)..

[JohnFen]

They're using Google f'ing analytics???

Good lord.

Re:My first thought wasn't terrorism (for once)..

[Pieroxy]

My first concern was that it'll actually do what they say, not keep logs, etc.
What's in it for Mozilla? Corporate altruism is extremely rare, or even logical from a business standpoint.
Maybe it's providing more PR visibility for Firefox since it uses that domain name? That seems weak though.

Think about Firefox - the web browser. What's in it for Mozilla?

Re:My first thought wasn't terrorism (for once)..

Mozilla are a fucking non-profit. Hardly your average corporation looking to make a buck on every business venture.

Most likely they are doing it because they think it will be good for their users and they can afford to do it. They probably hope it will increase the market share for Firefox, but that is probably a secondary consideration.

Hand wringing

[puddingebola]

The complaining about Firefox. The endless complaining about Firefox. Where did they go wrong? Was it heartbleed, OpenSSL? The rapid release schedule? Copying Chrome's appearance? Pocket? Is it possible Mozilla could turn back the clock and create a stable, slow release version of Firefox? When is the hour of the art supplies?

Re:Hand wringing

[slack_justyb]

Where did they go wrong?

Simply put. Shortly after 2007 they lost serious focus. Back then the Web as a Desktop app was being touted around like the next big thing. The idea was floated around a lot in 2005 and Microsoft began working on Silverlight, the Unspeakable Horror (Flash) began "Air", Apple built a web browser that could do it called Safari (based on WebKit, which was based on KHTML/KJS which the KDE folks were blurring the lines between web and desktop to kind of mimic IE pre-lawsuit), JavaFX 1 was also there, and so on... Everyone thought turning a website into a desktop application was a good idea. Mozilla began Prism at that time and it basically wrecked the already poorly tossed together code base. Now, mind you this. Firefox was great when the only other game in town was IE back in 2004. But even in Firefox 1.0 the code base wasn't as modular as it is today and it ran not that great. However, since the majority of the web was the Unspeakable Horror, it was hard to notice. Additionally, HTML 4.01 wasn't all that complicated and JS engines that screamed weren't a thing.

Now when Apple took KHTML and KJS in 2001 and turned it into WebKit in 2003, Google took a whole lot of flippity, flip, flip notice about how quickly Apple did a turn around on that. When Firefox 1.0 hit, there were already rumors that Google was working on their own browser. The rate at which one could take the WebKit core and whip up a browser was insane. Firefox's Netscape code base could never be modified as quickly as WebKit could and it was all the rage.

Sometime in 2005, browser in the phone was the hotness in Silicon Valley. If web as a desktop application was big, being able to move those applications into a phone was bigger. Android was brought out by Google and Apple began working on iPhone. We know where that went, but a lot of folks think that smartphones began life as a means to push apps. It wasn't. Apple, Google, and Mozilla lit a fire under the W3C's ass to start on HTML5 to replace the Unspeakable Horror and all the other Sliverlights/AIRs/FXs out there. It helped that open source was also a hotness everywhere at that time.

Anyways, I'm babbling... Point being final call on HTML5 didn't begin till 2011. By that time app developers had already chosen a winner, native API over HTML5. The dragging of their feet basically doomed HTML5 from ever taking off big. Mozilla's investment in Prism was all for not. Their code base was a mess from all the things they kept doing to get Prism, plus playing catch up to Google who by 2011 was already halfway to Firefox. Firefox 4 is commonly cited as the downfall, but they had problems long before that, it's just that 3.5 used the old base and had minor fixes, while the base for Firefox 4 was, well a cluster fuck of ideas all unguided. Firefox 4 was bad, because Mozilla pushed it out in a rush in 2011 to try and get one last gasp for Prism and to do something about Chrome's rocketing usage. Massive failure, Firefox kills Prism a few months later.

When Mozilla saw that Prism was a waste they began on their next project Firefox OS. Unsurprisingly, that just made the entire code base even worse. Mozilla kept shifting their goals and trying to work with a code base that was nowhere as nimble as WebKit. IE saw the writing on the wall and that's where we get Edge, of course, they only saw it after smacking into the wall about 800 times, but they finally got the message. Firefox 57, is the first step Mozilla is taking to redoing the base. They've redone the JS engine, they've redone the rendering, they've redone a lot of bits and pieces since Firefox 4, but Firefox 57 is a more massive shift. Firefox 57 isn't a rewrite, but it is a serious step away from the old Netscape base, well it's not really fair to call it that since between 4 and 52 they've slowly shifted into something that's 10-15% Netscape, 20% ideas from Prism, 30% ideas from Firefox OS, and the rest is random crap to just make all those

Re:Hand wringing

Ok, I'm not up to reading the entirety of that wall of text as I'm recovering from a migraine attack, but I'd like to correct you about KHTML/KJS.

The KDE people did not use it to blur the line between desktop apps and the web. Your confusion comes from the use of the Konqueror application, which was used as a "frame" if you like, which could contain various applications which would inherit the main window. These were called "Kparts". So, basically "Konqueror" was a shared window, used by the kparts for file management, web browsing or any of the other of the kparts which were available.

It was a neat trick to promote code reuse, not a trick to blur the line between some application used as a Trojan horse and the OS.

Re:Hand wringing

[JohnFen]

slack_justyb has the comprehensive answer, but here's the tl;dr: they forgot what a browser is supposed to be.

I also blame rapid release (what software has that approach not made worse?), the desire to copy Chrome, and the incredibly stupid desire to turn the browser into an operating system.

Nothing on the Internet is Ephemeral

Yeah, and we were also supposed to believe that snaps disappeared... Lo and behold the NSA gets all of them and keeps them forever, just in case.

Re:Nothing on the Internet is Ephemeral

Well, you see Mr. Retard, If it's confidential/personal/whatever, you encrypt it yourself before sharing it, obviously.

Re:Nothing on the Internet is Ephemeral

[arth1]

Well, you see Mr. Retard, If it's confidential/personal/whatever, you encrypt it yourself before sharing it, obviously.

The problem with that is that you have to use another type of service or method to share the key, in which case why not share the file too through other means?

Re:Nothing on the Internet is Ephemeral

I take it you haven't the foggiest about what PKI means?

Re:Nothing on the Internet is Ephemeral

Show me a secure way to produce a PKI keypair.

I'll wait.

Re:Nothing on the Internet is Ephemeral

Maybe I should have indicated in the previous post that I'm not the original AC, but since you managed resort to both FUD and moving the goalposts in one sentence, I'd say the onerous is on you.

Never understood why FTP didn't work like email

[jfdavis668]

With email, you send a message to someone else by uploading it to your email server. Your email server then contacts the recipient's email server, and transfers the message. The message then waits for the recipient to log in and check for email on the server, and it downloads so he can read it. With FTP, you have to upload the file to a server you both have access to. Why not use the same method as email? Upload the file to your server, and your server tracks down the recipients server and transfers the file. Never understood why FTP wasn't set up that way.

Re:Never understood why FTP didn't work like email

[omnichad]

The whole point of this is not permanently storing this on a server somewhere.

With FTP, the server of the recipient can also double as the LAN file server if you're always the recipient and never the sender. The same method as email doesn't make sense when you realize multiple people may be accessing the file on the receiving side.

Re:Never understood why FTP didn't work like email

[jfdavis668]

Then send it to several people. The server doesn't need to keep multiple copies.

Re:Never understood why FTP didn't work like email

Because it's a lot more complicated?

Re:Never understood why FTP didn't work like email

[arth1]

FTP is set up to provide a remote file system access, with directories, subdirectories and different access rights to different areas.
And it has the ability to traverse restrictive firewalls through the secondary socket used for data being set up as active (PORT) or passive (PASV). And the ability to have data servers that serve the content, while the control channel server only handles the authentication and command parsing.
What it is not intended for is security. There are add-on extensions, but it's still not a good choice.
Nor is it suited for easy configuration. The great majority of FTP servers are incorrectly set up, especially regarding firewall rules, where the admins (and I use this term loosely) do not understand the difference between incoming and outgoing ports and directions, and now FTP is somewhat special here, in that it uses two sockets, not just one, and one of them might be in the other direction and needs a reverse firewall rule.

These days, sftp has all but taken over for ftp for automated / command line use, and web based upload/download for the masses.

Re:Never understood why FTP didn't work like email

A friend wanted to send music recordings to friends, but preferably serve them - make them available to download. Sending a file through IM works but requires recipients and sender to have a chat session. (actual P2P IM is rare, but exists as well!)

We set up an ssh server on the PC desktop (residential internet) where the files were stored. a bit weird that an sftp (or scp) client gets files from an ssh server? Not weird at all but in theory there could be a "pure sftp" server for such use.

Here follows a tl;dr account :)
He wanted to really lock that ssh server down, and I agreed. For example disabling root login in ssh was deemed a bit lame, since someone might do su or sudo su, or whatever. For that matter creating a user and distributing login:password to the recipients sucks too, so we went for creating a key (I don't even try to remember if it's private key or public key since we won't remember which it is and it is unimportant beyond setting the thing up).
But with the login key method and keeping things simple, we can trivially log in to a text console and do sudo su from there. So we inquired into restricting that - there was "rssh" and another one that didn't work (maybe it wanted us to create a chroot. I know to create a chroot but have no idea what I should populate an empty one with). I think those are "login shells". But rssh was retentively anal about your configuration, if you do something too "permissive" it refuses to work and thus you log in to nowhere. I have to commend that. I spent a bit time though messing with it, and messing trying to do without it.

In the end all got sorted, working and even locked to a directory - sort of a secondary goal, as most of the time we had read-only access to the entire file system, or to the entire file system minus the main desktop user's home directory, which we could have settled on. Or maybe we did settle on that, I don't remember. It's all to easy to navigate to ".." unless this is locked down.

For the client I wanted to use filezilla but it was less than ideal and so we used portable WinSCP. It was excellent, since anyway we need to distribute the client, IP address (or dyn-dns host name) and key. So we zipped a configured WinSCP client and sent that by email! (under 10 MB). The email is an obvious weak point but as this was a very limited use and we seemed to have locked the server down and we'd spent enough time already, we were content with that.

I hope this wasn't a too big tl;dr but we spent a couple hours or slightly less messing - the router's port forwarding on non standard port was trivial. In this way I wish to illustrate how an easy "send file" method/service would be very useful, as setting up what is effectively an internet-facing file server is too much work.
I have no flame at all to make towards openssh configuration, no flame really this was just us being unfamiliar enough with using openssh-server on something else than a LAN. We didn't have to pay anything, nor rent a VPS, nor register a domain, nor require everyone to login to google or dropbox nor even require the recipients to visit google or dropbox or sharezhostfiles.ru as a "guest".

Re:Never understood why FTP didn't work like email

Considering that the default file transfer system for the average joe is e-mail, file transfer works exactly like e-mail!

Re:Never understood why FTP didn't work like email

[thegarbz]

The great majority of FTP servers are incorrectly set up, especially regarding firewall rules, where the admins (and I use this term loosely) do not understand the difference between incoming and outgoing ports and directions

I would wager that they aren't setup incorrectly because "admins" don't understand. After all "understanding" in the administration of internet servers can be faked by simply following some online guides.

The bigger problem is by having different sets of ports makes it borderline impossible to traverse NAT which would lead to a lot of systems being setup in a best effort way.

Re:Never understood why FTP didn't work like email

[arth1]

The bigger problem is by having different sets of ports makes it borderline impossible to traverse NAT which would lead to a lot of systems being setup in a best effort way.

No, they really are set up based on lack of understanding. From what I've seen, most firewalls in front of FTP servers are set up with incoming traffic to destination port 20/tcp open, which there is no excuse for whatsoever except not understanding how FTP works.

WeTransfer.com

[Sir+Holo]

So, kind of like wetransfer.com?

It does the same thing, with AES-256. Email-link or web-link. Pay for a subscription and you can have control over how long your file lives on the server.

just ONE download is a little limiting

Should have a small range, perhaps 1-30, to cover a classroom size.

Does the trailing #decryptkey in the URL not get sent to the remote web server?

Re:just ONE download is a little limiting

No. See, when YOU type #decryptkey, it shows to us as #*********

Chrome is evil

Whenever the Google search page is displayed, it pops up an annoying message box telling me to change my search engine. If Chrome is installed, will the popup go away? I won't stop using Firefox, but I might download Chrome if that would solve the problem.

This type of promotion counts as "evil" in my book, and has soured me on all things Google.

Re:Chrome is evil

There is a "YesScript" extension which is like NoScript but blacklists web sites instead of whitelisting them regarding javascript execution.

Whichever way, maybe you should visit google's search with javascript disabled?

If you wish to use a normal javascript-enabled secondary browser just for that : you might also simply use your very same Firefox. Use another instance which uses another profile with google set as the search engine (I don't know if it'll be enough). Firefox --noremote -P allows to use such a different Firefox instance. This can very much eliminate the need for Google Chrome if you do want a separate "Google" browser. E.g. if you want a separate browser with its own youtube filter bubble, or if god forbid you actually log in to google for google docs etc. you DON'T need Google Chrome for that. Secondary Firefox will do (use a different GUI theme or layout if you wish)

Don't let Zuckerberg read the headline...

[volodymyrbiryuk]

or the next Facebook/Instagram update will include said functionality +stories.

Your browser is not supported...

[Flytrap]

I get...

Your browser is not supported.
Unfortunately this browser does not support the web technology that powers
Firefox Send. You’ll need to try another browser. We recommend Firefox!

...when I try to access the service.

If Mozilla's strategy is to lure back old users with web based services like Send, they are going to have to ensure that the service works seamlessly for the people that I exchange files with, without trying to force them to change their browser first. Even if I eventually make the switch to Firefox, I can hardly expect everyone that I exchange files with to do the same in order to be able to receive the files that I send.

Re:Your browser is not supported...

Sort of the situation that Libre (and other non-MS) Office suites are in: regardless of how good you are otherwise, you have to support MS (and, in the olde dayze, Word Perfect) file formats. Firefox is actually a pretty good (tm Prairie Home Companion) browser. But it has to comply with standards to be useful. This feature also needs to comply with standards so it's usable in any normal browser, because Firefox has a market share only slightly larger than Windows in the phone market.

Re:Your browser is not supported...

[markdavis]

>"I get...Your browser is not supported."

You neglected to say which browser it is that you are using...

Re:Your browser is not supported...

It's true but if you don't support Internet Explorer 11, or whatever is used in Android 4.4, or Safari on an OSX 10.6 or 10.9 Mac, or ... then you fall short of being universal even though the web supposedly is.

For example, I don't know what's the browser version used in Android 4.1, but using youtube from Android 4.1 browser works. Well I think it does..

Another, different example may be WebGL, even "old" WebGL1. Well if my system runs a simple undemanding game at 15 to 20 fps because my PC is "crappy" (even though it may run at 1024x768 60 fps if it were a native program), then the game is unplayable clear and simple. It may be my fault for having a slow 2GHz CPU, a GPU 3x slower than Xbox 360 and running linux, but no it isn't really my fault. Please do a game that works adequately ; Flash was successful in doing that.

Re:Your browser is not supported...

How the fuck is ANY browser NOT supported for something as simple as uploading and downloading files?

No no no that makes no sense at all. It's bullshit. it's marketing bullshit and lies from mozilla. again.
fuck you mozilla. eat a dick.

Re:Your browser is not supported...

[skoskav]

The code is on GitHub, so a quick glance tells me that this is the only place where that error occurs: https://github.com/mozilla/sen...

So the browser must support the Web Cryptography API along with the modern GCM cipher for encrypting/decrypting the file. I don't see enforcing high-grade end-to-end cryptography as "marketing bullshit."

Private copy to NSA

Of course!

It sure beats Drive, Cloud, and Dropbox

sure, it may hash each file and match against known bad archives or whatever that noone should truly be sharing, but other than that I think it's certainly easier and more private to use than Google, Microsoft and Dropbox alternatives.

Re:It sure beats Drive, Cloud, and Dropbox

I hear SHA1 is fast.

Why not do something interesting?

[b4_the_looking_glass]

Why not a built in web interface for a upnp encrypted netcat or socat. Then you could serve pages, files, and chats; from your browser to another. If they absolutely must provide a service, they could be the web facing connection helper for those who cannot figure out firewalls or are not allowed direct connections (when upnp is not applicable). Then there is 50% less wasted bandwidth. Upload the file to the actual destination the first time. Allow extensive configurations for allowing resume, close service after completion, continue service until manually terminated, etc. You could even provide a plugin for configuring a central hub. If no one has a computer that is on all of the time, it could be another simple service they offer. Groups of peers connecting, without needing to use fackbook, DC++, Retroshare, etc. Instead lets host your files for you, and just because the link isn't accessible after some time, you can imagine that the file is deleted.

Re:Why not do something interesting?

That's not very interesting to most people.

As it is this project has a niche audience unless they can build a sizable client base. What you're describing is an even smaller niche, but you might be able to charge more money for it. If you have a need for this maybe others do to. Why not sink a few hundred ours and a few grand into the idea to see if it has legs? Imagine what your future would look if it takes off big.

Re:Why not do something interesting?

[b4_the_looking_glass]

Your right. It isn't very interesting. Just more interesting than temporary hosting, which has been around for quite some time now. There has been a ton of sites offering this service free. I even hosted a node.js site that did it. The niche audience doesn't need a web browser that can do what netcat and socat can do. We already have netcat and socat. But we also don't need our web browser with a built in video player. If you made netcat as easy to use as in browsers videos, the niche would probably just complain about browser bloat. I think Opera tried some interesting things like that anyway. It never took off because the average user doesn't even imagine something like it can be done, and doesn't look for it. Especially today. Everyone is used to a man in the middle, doing for you what your computer could already do without him. I don't think it would take a whole lot of investment either. Its not new technology. Its the basics of the Internet, that have been there since Netscape (with the exception of upnp). One thing I have noticed, is that people do not understand the difference between hosting a file somewhere and sharing it direct IP to IP. It did the same thing right? I know any lightly seasoned user knows the difference. And most people could pick out the difference right away, if they thought about it. But as for Mozilla putting effort into a temp host site, if you're gonna do that why not do something interesting in that comparable range of not very interesting things?

1GB in 24 hours?

Do you think I have some ultra fast 150 Kbps connection to download gigabytes of data in less than 24 hours?

Re: 1GB in 24 hours?

sorry to hear you have a slow downlink. On a 200mbit link here. Download of 1gb takes approx 1min.

Link

The summary says the LINK will expire once the file has been downloaded, or once 24 hours have passed. It doesn't say what happens to the FILE sitting on Mozilla's server.

YouSendIt.com did this stuff ages ago... apk

See subject: I don't know if it still exists or not but it did exactly this pretty much - you send a file, it stores it there & deletes it after a 'timeout' period OR if anyone downloads it.

APK

P.S.=> 2nd time this week I've said it: "There is nothing new under the sun", which I don't care too much about honestly - as long as the 'copycat' does it BETTER (but I don't really see HOW this new one is 'better')... apk

Cool...

Great, Sounds like what wetransfer has been doing for many years, only not as good.

I'll stick with wetransfer.com

Proven reliable and stable for years.

Sounds bit like filesender which has been around s

See filesender.org for further info. It's been used in academia quite long already.

Not Bad

[n329619]

At least for marketing firefox. It's also probably cheap to build as it doesn't keep the data forever, so there is a hard limit to the capacity required to build this service.

Better

https://onionshare.org

Same thing, without the traffic analysis. Of course, you need a TOR browser, but then, who doesnt?! ;-)