
OnionShare 2 adds anonymous dropboxes - soheilpro
https://micahflee.com/2019/02/onionshare-2/
======
kodablah
For those looking to do this programmatically, it is so easy these days. This
project uses the Python library Stem [0] and I wrote one for Go called Bine
[1]. Firing up a website on an onion service from your home computer is really
easy, and busts NAT by its nature.

0 - [https://stem.torproject.org/](https://stem.torproject.org/) 1 -
[https://github.com/cretz/bine](https://github.com/cretz/bine)

~~~
orblivion
I wonder if you could use this to make an OnionSync. Like Syncthing but
perhaps simpler to use because of global addressing and no need to configure
between nodes. (Though I've only briefly looked at Syncthing.

~~~
derefr
If you control both sides of the connection, ZeroTier is probably a more
efficient "NAT-busting E2E-encrypted overlay network" solution than anything
Tor-based.

~~~
lgierth
Being able to embed the Tor daemon right into my program, and still using an
existing Tor daemon if available, is pretty pretty compelling.

------
tuxxy
This is awesome, however, if you're looking for plausible deniability this can
cause some concern.

Tor traffic is pretty visible and detectable. If you're firewalled somewhere,
it's pretty obvious to anyone in the middle that you're using Tor. Tools like
these clearly don't work against nation states like China, or even some
corporate environments.

Transferring secrets in a plausibly deniable format is still a hard problem.

~~~
aboutruby
You are probably talking about detecting Tor relay nodes IP addresses that the
sender connects to or patterns in the traffic.

So you could use a VPN, or a chain of VPNs to hide the IP.

And to escape traffic analysis you could switch the entry VPN automatically
(that would require quite a few VPNs for large files or many receivers).

Still, connecting to unknown IPs from a corporate network can be detected.

Then you could use some public service that stores data like Github (repos /
gists / ...) and somehow communicate between your computer and a relay server
through Github.

Still not foolproof, there could be timing attacks to detect when data is
transmitted when the receiver requests the file, so introducing delays along
the nodes would help.

~~~
derefr
Systemic solution to this problem: NNTP (Usenet). I can't recall the specific
newsgroup, but there are Usenet "numbers stations" groups for the upload of
anonymous encrypted binaries. They get store-and-forward-ed like anything
else, at arbitrary times.

Alice dumps an encrypted document into the NNTP network on one side of the
world; Bob later downloads the entire newsgroup's contents (not just the stuff
he wants—because there's no metadata to even determine that!) from his local
NNTP server, and then attempts to decrypt everything he downloaded until he
hits on something that works.

~~~
aw3c2
But wouldn't that have the same problem that GP mentioned, that this traffic
would be easily identifiable as NNTP? If you were the only person using NNTP,
then whammo...

~~~
derefr
One part of this scheme that I forgot about, which the link in the sibling
reply mentions, is MixMaster
([http://mixmaster.sourceforge.net/faq.shtml#1.2](http://mixmaster.sourceforge.net/faq.shtml#1.2)),
a self-hostable service for “mixing” SMTP traffic (including SMTP>NNTP gateway
traffic) around. Many people host these, even today. It’s a bit like
Mailinator with all its alias domains, but for the other end of the
connection, and distributed.

So, to get all the security features at the same time:

1\. _Using_ Tor to hide your IP,

2\. _Connect_ to a MixMaster node (using TLS), and

3\. _Send_ an encrypted NNTP message through it,

4\. _To_ an SMTP>NNTP gateway,

5\. With the embedded NNTP message’s _Recipient_ being alt.messages.anonymous.

Kinda complicated, but you could wrap all that up into a nice GUI program if
you wanted.

Oh wait, they already did:
[http://aamdirect.sourceforge.net](http://aamdirect.sourceforge.net)

——

MixMaster doesn’t do the Tor part for you, though. My suggestion would be to
run AAM Direct in a [https://tails.boum.org](https://tails.boum.org) session,
which will automatically force the connection through Tor without any
configuration needed.

An additional boost to security would be for there to be .onion MixMaster
nodes, so that the traffic doesn’t have to traverse the public internet (and
thus probably force you to rely on the only-kind-of-secure SMTP STARTTLS
extension for security between the Tor exit node and the MixMaster node.)

------
mises
I wonder, does this support threaded transfer? It really bugs me that so many
tools don't, and therefore just leave users waiting around with unused
internet bandwidth.

Of course, I suppose the design of TCP is part of this. It seems that there
ought to be some more control of how aggressive it is about dropping
connection rate. I keep hearing about multiplexed connections in newer
protocols (QUIC etc.); would that translate into saturation of network
connections?

~~~
Scaevolus
TCP often fails to saturate network links because it treats packet loss as
congestion. TCP-BBR tries to model the network more accurately, treating
_latency_ as congestion: [https://cloud.google.com/blog/products/gcp/tcp-bbr-
congestio...](https://cloud.google.com/blog/products/gcp/tcp-bbr-congestion-
control-comes-to-gcp-your-internet-just-got-faster)

Tor adds additional complexities, since intermediate nodes are even more
likely to be congested than the average backbone router. I don't know if BBR
improves things there.

~~~
mises
Hmm, interesting thought. This explains why google drive, youtube, etc. can
download so quickly with a single connection (especially compared with other
services). Thanks for the link.

------
Santosh83
As an aside, please guys, consider using Tor for more of your day to day
browsing. The anonymity of the Tor network crucially depends on more users and
more traffic to defeat global adversaries or timing attacks (or at least make
it more difficult).

~~~
ndnxhs
Is there any way to use it without it being painfully slow?

~~~
Santosh83
In my experience, it is slow only on very media heavy sites like Facebook,
Youtube etc. That's not going to improve unless there are many more exit nodes
and relays. But for most browsing its not painfully slow, although the slight
delay is noticeable when compared to a non-Tor browser. However I guess the
best way to fight public perception that Tor is a den of illegal activities,
as well as foil timing attacks is for more of us to use it for regular
browsing.

~~~
irl_
For Facebook, you can use its onion service to get improved speeds (the
traffic doesn't leave the Tor network, which itself is quite fast, it is only
the exits to the Internet which are slow):
[https://facebookcorewwwi.onion/](https://facebookcorewwwi.onion/)

------
berbec
I'm a fan of tor and the work they do, but doesn't this sound like security
through obscurity? Anyone with the address can upload files without logging
in.

I know Onion addresses are huge and the chance of someone scanning to upload
is tiny, but I remember saying the same thing about IPv4. "There's 256^4
addresses, of course I can run an unsecured FTP. What could go wrong?"

I'd like to see some simple one-time-use password option. It doesn't even have
to be enabled by default, just having it there would be a big step. HTTPS
would be great, but I understand the difficulty of that hurdle.

(If Let's Encrypt is out there - .onion isn't a dirty word!)

~~~
agumonkey
I wonder if scrambled distributed chunks over torrent would be useful.

Btw who works on tor replacement or improvement ?

~~~
lapinot
Related work; on the deniable side: shadowsocks, a proxy designed to look like
https traffic, wireguard may fulfill the same kind of goal (using generic
session protocols like the noise framework might help deniability); on the
generic p2p internet/web: gnunet (large project, quite experimental, has
naming, routing/transport, some application protocols).

~~~
agumonkey
many thanks

------
ortekk
See also Firefox Send - [https://send.firefox.com/](https://send.firefox.com/)

Files are encrypted and then uploaded to Mozilla servers. Links automatically
expire after some time.

~~~
irl_
This is not metadata analysis resistant, so Mozilla could still technically
see who is sending files to who (unless you use Firefox Send in Tor Browser -
not sure how well that works).

That's not to say this service isn't useful, but it's not a drop-in
alternative to OnionShare.

------
mr_spothawk
Similar sharing, but not onion routed.

[https://github.com/datproject/dat](https://github.com/datproject/dat)

~~~
Naac
I think it's actually more similar to magic-wormhole,
[https://github.com/warner/magic-wormhole](https://github.com/warner/magic-
wormhole)

------
cascom
Really like the ephemeral links, don’t love the fact that the receiving party
needs to use a tor browser....

~~~
gpm
Firefox is apparently working towards integrating Tor into a private browsing
mode type of thing, so perhaps someday soon that won't be necessary [0].

[0]
[https://news.ycombinator.com/item?id=17205441](https://news.ycombinator.com/item?id=17205441)

~~~
brewdad
Brave browser now has a Private Browsing mode with Tor.

------
auslander
> .. is to use an encrypted messaging app like Signal Desktop, Wire, Keybase,
> or iMessage.

Solid selection by authors, not familiar with Keybase though

~~~
ryanmcbride
Keybase is basically a communication platform that's secure, but allows the
users to verify that they are who they say they are. It's basically like "I am
foo, and I identify myself like this, and you are bar, and you identify
yourself like that, we now know that we are who we say we are, and now we're
having an e2e encrypted conversation.

It's supposedly a way to put a stop to imitation, but unless adoption gets
huge I'm not sure it'll work that way.

It generates a string, you store it on, for example, your twitter, facebook,
github, HN account, almost anything with an editable profile. That way when 2
users are talking, one can be assured that the other is who they claim to be
(either that or they have access to all of said person's accounts). It's kind
of cool but it's impractical in a way that usage is pretty low (at least among
people I know. Maybe it's got a big underground following I don't know about).

I have a keybase account and literally no one else I know does, so I've never
used it.

~~~
freedomben
I love Keybase (it has some awesome features, like chat (similar to slack),
encrypted file storage, encrypted git repos etc. But you're right you have to
have other people using it for it to have any value. I've gotten work
colleagues to adopt it so now it's also a great way to stay in touch after
somebody leaves the company.

If you want to look me up on Keybase I'm freedomben, and I'll be your friend
:-)

------
velobro
Sorry for asking the obvious question, but this website seems like a play on
words for McAfee.com

~~~
jonafato
The domain is the author's name (see the sidebar on the right).

------
dang
Url changed from [https://blog.torproject.org/new-release-
onionshare-2](https://blog.torproject.org/new-release-onionshare-2), which
points to this.

------
alsothrownaway
Honest question: do tools like this even matter? We're all a few INNER JOINs
away from having our entire lives known by data brokers. This seems to
indicate that unless one changes their name and lives with the mole people,
privacy is an illusion.

~~~
belorn
To name a few professional that need to talk work with each others:
journalists, lawyers, medical personal, security, and government. If just a
small amount of the sensitive information that get transported through data
brokers like facebook and google get moved to more secure end-to-end then I
see a major win for projects like this. Take for example a psychologist
seeking a second opinion on a recorded video of a patient, which as I
understand is a rather standard practice. If I was the patient then I wish
they used tools like this rather than a password protected google drive, which
for practical reasons I assume many non-technical psychologist use.

------
jancsika
Someone should release a version of Tor where users set the _private_ key of
their hidden service to something human readable (with the necessary mapping
and padding).

Then someone wanting to access the hidden addy types that same private key in
the url bar of a correspondingly twisted Tor Browser which would generate the
hidden service pubkey and request the service at that addy.

Who wants to surf fwodjslkf...sdfjs.onion when you _could_ be surfing
amazon.onion?

It's also more democratic because if you don't like what you find there you
can just publish your own amazon.onion.

~~~
zensavona
You can't do that because that's not the way encryption works.

The reason onion addresses are random looking is because they are a function
of the hidden service's public key.

If you could generate a "private key" _from_ the public key, anyone could use
your "domain name". The reason tor doesn't require centralised domain name
services is because we can trust that whoever owns the private key to the
public key which we identify with the onion address, owns the onion address.

~~~
DINKDINK
The closest you could get to OP's idea is to have a human-readable, non-
configurable (but minable) mnemonic that maps to a public key.

~~~
kodablah
This has been tried quite a bit ranging from proquint to random 32-bit phrases
[0]. I just don't think we as humans are going to be able to make something
both memorable and with enough size to hold, say, ed25519 keys (i.e. Tor v3
keys). KDFs leave a lot to be desired too, we're going to have to find a
better way. Until then, obtuse names and lack of easy discovery will plague
decentralized setups.

0 - [https://blog.asana.com/2011/09/6-sad-squid-snuggle-
softly/](https://blog.asana.com/2011/09/6-sad-squid-snuggle-softly/)

