Hacker News new | past | comments | ask | show | jobs | submit login

I really hope Mozilla decides to expand on this.

One issue with the experiment is it has such a narrow use case. Disappearing after one download / 24hrs makes sending a file to multiple people--or just one person who drags their feet on the DL-- makes it really inconvenient to use. Even offering "1 download -OR- 24hrs" would make it far more useful.




But at that point it's just a file hosting platform. Why not use a public Drive/Dropbox/OwnCloud/Mega/S3 link?


Client-side encryption. Mega works, may use some questionable cryptography, but the rest of your solutions don't offer that at all.


I get that, it's just a pain to upload the same file multiple times to send it to more than one person :/


They're trying to avoid running the next Mega. It also posts the unencrypted hash of the file you uploaded to their server so that they can do DMCA takedowns.

There are other existing solutions like https://share.riseup.net which do not do things like this too and which do allow multiple downloads.


So anything you send needs zipping up with a "salt" file first in order to bypass the hash check? Is there an add-on to do that for me yet?

Do they communicate that sending any known file is non-private?

If I email myself a pop-song, does the client automatically start the extradition proceedings for the RIAA; or does that come later? /s


If you're savy enough to do that, then you are also competent enough to send the file in numerous other ways. Your not the target audience.

Also, you wouldn't need add a file. Zipping it alone would be enough to change the hash.


I assumed zipping to be determinative and that a standard gzip would lead to a "known" hash, ergo the idea to create a unknown zip file by adding some bytes.


It would be determinative only if all the header fields[1] stayed identical. A change in something like file name or mod time, would change the hash of the zipped archive without affecting the hash of the actual file.

I don't think you can expect the file mod time to be identical, as it isn't preserved through many forms of file distribution.

[1]https://en.wikipedia.org/wiki/Zip_(file_format)#File_headers


>It also posts the unencrypted hash of the file you uploaded to their server so that they can do DMCA takedowns

Why would they do that? It's not like anyone can send them DMCA notices: the act of verifying that the upload violates your copyright already removes the file from the service. And I don't see anything in the DMCA that requires them to search for offenders, they just have to act once they become aware?


> And I don't see anything in the DMCA that requires them to search for offenders, they just have to act once they become aware?

The Megaupload case sadly is a good example of what no one wants to repeat, as there this was exactly argued - that, once notified, the hoster has to ensure this file won't ever be uploaded again, and all other copies are removed, too.


Don't ask me, it seems ridiculous to me.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: