
Zero Knowledge Secure File Transfer - apunhiran
https://dropsecure.com/
======
jedisct1
"patent pending algorithm" \+ "real-time military grade encryption" \+ misused
"Zero knowledge" => smells like snake oil security.

Even more since it is not opensource.

If you need to quickly transfer files between hosts, maybe consider Piknik
instead:
[https://github.com/jedisct1/piknik](https://github.com/jedisct1/piknik)

~~~
amishg
Thanks for the feedback. It is not open source yet, but you can look at the js
source if interested. It is where all the encryption and decryption is taking
place.

------
RRRA
Can we stop with the military grade encryption, it's not even post-quantum
with all the TLS shit going on...

We really have to fix this CA problem as right now we're all head deep in the
sand thinking we can trust the network: we can't.

~~~
amishg
Can you please elaborate issues with TLS? Its been broken/hacked into that's
for sure. I understand your frustration with marketing buzz words, and we are
trying our best to convey the positives of our system. There are too many
consumers who can't identify the difference between SSL and end-to-end
encryption and we need to convey to them we are over and beyond SSL. Thanks
for feedback though and these does gives us ideas to improve our content.

------
socceroos
Wait...so they decrypt the files before downloading. So this isn't secure file
transfer at all.

~~~
amishg
To explain it more clearly all your data is encrypted before it goes on the
wire and not a single bit is decrypted until we verify your email link. All
the encryption/decryption is done using AES-256. Files are decrypted locally
on your browser when you click on the download button. Our servers are totally
unaware of this and they only stream encrypted files at all times. This is
just the beginnings, we are working on more features and also improving our
documentation/content. Appreciate your feedback.

