Best of luck to the author! My understanding is that anything that makes large file sharing easy and anonymous rapidly gets flooded with CSAM and ends up shuttering themselves for the good of all. Would love to see a non-invasive yet effective way to prevent such an incursion.
For Firefox Send, it was actually malware and spearfishing attacks that were spread.
The combination of limited file availability (reducing the ability to report bad actors), as well as Firefox urls being inherently trusted within orgs (bypassing a lot of basic email/file filtering/scanning), was the reason it became so popular for criminals to use. Like we've seen in the spearfishing attacks in India[1].
If governments and big tech want to help, they should upload one of their CSAM detection models to Hugging Face, so system administrators can just block it. Ideally I should be able to run a command `iscsam 123.jpg` and it prints a number like 0.9 to indicate 90% confidence that it is. No one else but them can do it, since there's obviously no legal way to train such a model. Even though we know that governments have already done it. If they won't give service operators the tools to keep abuse off their communications systems, then operators shouldn't be held accountable for what people do with them.
This would potentially let somebody create a "reverse" model, so I don't think that's a good idea.
Imagine an image generation model whose loss function is essentially "make this other model classify your image as CSAM."
I'm not entirely convinced whether it would create actual CSAM instead of adversarial examples, but we've seen other models of various kinds "reversed" in a similar vein, so I think there's quite a bit of risk there.
Are you saying someone will use it to create a CSAM generator? It'd be like turning smoke detectors into a nuclear bomb. If someone that smart wants this, then there are easier ways for them to do it. Analyzing the detector could let you tune normal images in an adversarial way that'll cause them to be detected as CSAM by a specific release of a specific model. So long as you're not using the model to automate swatting, that's not going to amount to much more than a DEFCON talk about annoying people.
If you have a csam detection model that can run locally, the vast majority of sysadmins who use it will just delete the content and ban whoever posted it. Why would they report someone to the police? If you're running a file sharing service, you probably don't even know the identities of your users. You could try looking up the user IP on WHOIS and emailing the abuse contact, but chances are no one is listening and no one will care. What's important is that (1) it'll be harder to distribute this material, (2) service operators who are just trying to build and innovate will be able to easily protect themselves with minimal cost.
You are mandated to report what you find. If the g-men find out you've not only been failing to report crimes, but also destroying the evidence they will come after you.
Note that this is specific to CSAM, not crimes in general. Specifically, online service providers are required to report any detected actual or imminent violation of laws regarding child sex abuse (including CSAM) and there are substantial fines for violations of the reporting requirement.
Wow. I had no idea. That would explain why no one's uploaded a csam detection model to Hugging Face yet. Smartest thing to do then is probably use a model for detecting nsfw content and categorically delete the superset. Perhaps this is the reason the whole Internet feels like LinkedIn these days.
Someone send you a meme that looks like a meme, you share it through messenger, the meme looks like something else to the messenger, messenger reports you to NCMEC. It's NOT police but they can forward it to police. As a side effect NCMEC gets overloaded helping more of real abuse continue.
> Perpetrators will keep tweaking image till they get score of 0.1
Isn't this - more or less - already happening?
Perpetrators that don't find _some way_ of creating/sharing csam that's low risk get arrested. The "fear of being in jail" is already driving these people to invent/seek out ways to score a 0.1.
My understanding is at that Microsoft runs such a tool and you can request access to it. (PhotoDNA). As I understand you hash an image send it to them and get back a response.
The government doesn't need more dragnet surveillance capabilities than it already has. Also this solution basically asks the service operator to upload illegal content to the government. So there would need to be a strong guarantee they wouldn't use that as proof the service operator has committed a crime. Imagine what they would do to Elon Musk if he did that to run X. The government is also usually incompetent at running reliable services.
"The government" in the UK already basically shields big internet operators from legal responsibility from showing teenagers how to tie a ligature. But I wouldn't characterise them as the problem — more public oversight or at least transparency of the behaviour of online operators who run services used by thousands of minors might not be a bad thing. The Musk comment also speaks to a paranoia that just isn't justified by anything that has happened in the past 10 years. The EU is in fact the only governmental organisation doing anything to constrain the power of billionaires to distort and control our public discourse through mass media and social media ownership.
I don't understand this comment. Are you implying Prince Andrew was _in_ or part of the UK Government? This would be a weird misunderstanding of our system.
If it's just a general cynical "all gubernment is bad and full of pedos" then I'm not sure what the comment adds to this discussion.
Pretty sure apple already scans your photos for csam, so the best way would be to just throw any files a user plans on sharing into some folder an iPhone or iMac has access to.
For a case when file sharing is intended between individuals or small groups there's an easy solution:
Anyone who got the link should be able to delete the file.
This should deter one from using the file sharing tool as free hosting for possibly bad content. One can also build a bot that deletes every file found on public internet.
Imagine some computer work with a class of high school kids, where a teacher has to send them a file... there will be maybe three full downloads max, before someone presses the "delete" button.
Sending files anonymously and sending files easily seems like mutually exclusive problems. If it's easy and anonymous, it's too easy to abuse. The teacher should just be using file storage that is tied to an account: it's not as though they're trying to stay hidden from their students
For a lot of use cases, simply sending the address of the deleter to whoever sent the file would suffice. Next time, just don't send it to them, or apply real-world consequences.
Sure, it wouldn't work for a large public setting... but it'd work for many other settings.
Because some people would tell them. For example, the FBI would look at a child porn sharing forum and observe a lot of people sharing Send links. Then they would go to the operators of Send servers, and "strongly suggest" that it should shut down.
"We know that this link includes material that is illegal to possess, and it is on your server."
"We don't know the contents of the files on our server, so we can't know that is was illegal"
"Fine, delete that file, and we won't charge you for possession this time. Now that you know your service is used for this illegal material, you need to stop hosting material like that."
"How, if we don't know what's in the file sent to our server?"
"... maybe don't take random files you don't know about, and share them on the open web with anonymous users?"
That’s not how csam reporting works at all. You aren’t punished for csam being on your server, as long as you do something about it. You can easily set up cloudflare to block and report csam to the NCMEC (not the FBI) and it will all be handled automatically.
I wonder how that'll play out in this case, since everything uploaded here expires at maximum 3 days. Maybe they can "handle" abuse reports by simply auto-responding in 3 days that it is now removed.
Do we know whether this uploading is motivated by actual pedo reasons, by anti-pedo honeypot reasons, by sociopathic trolling reasons, by sabotage reasons (state, or commercial), or something else?
It's discouraging to think that privacy&security solutions for good people might end up being used primarily by bad people, but I don't know whether that's the situation, nor what the actual numbers are.
It is just pedophiles. A user posted here on HN a while ago that they ran a Tor exist node and the overwhelming majority of it was CSAM or other cybercrime. Here in Germany they busted some underground forum and a single individual had 35TB worth of it at home. There's no great conspiracy, the criminal underworld is huge and they use every service that doesn't clamp down on it in some form.
That's discouraging, if true. I don't mind doing the occasional on-principle thing (like running Tor Browser for general-purpose browsing, and Tor as the VPN plugin on my phone), and maybe it's a citizen-technologist obligation to do my share of that. But I'd rather not have some Orwellian Bayesian system flagging me for using Tor.
How would they know their traffic was csam? Traffic passing through an exit node is traffic between a Tor user and the open Internet. Who's running csam servers on the open Internet instead of as hidden services? And without https? Especially when Tor Browser enforces https? This story doesn't add up at all.
They did bust a site owner despite Tor, though. That story's true.
For local network sharing between my devices I tend to use LocalSend [0] which is absolutely brilliant, pretty much replaced my USB stick for transferring files/folders between devices on the same network.
"The Thunderbird team was very sad when Firefox Send was shut down. Firefox Send made it possible to send large files easily, maybe easier than any other tool on the Internet. So we’re reviving it, but not without some nice improvements. Thunderbird Send will not only allow you to send large files easily, but our version also encrypts them" - https://blog.thunderbird.net/2024/10/thunderbird-annual-repo...
The excellent FileLink plugin for Thunderbird already makes it a sinch to transmit a file via a Next/Owncloud instance instead of as an attachment to an email. Worth running a *cloud instance just for it imo.
It could incidentally be closed source, then. I stand corrected.
Sometimes devs & teams of devs wait until their code is finished to put it online. I tend not to – most of my unfinished code open source code is online. I understand the pros/cons of each way though.
I wouldn’t be surprised if that hash fragment is sent to URL previews in otherwise encrypted chats. I did that too in my own program and it felt wrong. https://codeberg.org/macchiato/encshare-app I think I’ll change it, if not in my old project then in the next one.
What I'd love to have is a deposit of files to be shared within a group of people.
Say we're 8 friends traveling through the middle of Greenland (read: no niceties like WiFi), and on the evening we want to share the photos of the day with everyone else.
In short, an evolution of the myriad of file sending copycats that exist: the same idea but for a shared bucket of files (I don't think doing N individual shares fits the bill, that'd just be a poor man's solution for the lack of a proper alternative)
Commenting this in hopes that the HN popular wisdom knows about something similar! :)
> ...What I'd love to have is a deposit of files to be shared within a group of people...
Agreed, this is the key need! For sharing individual files, i think there are plenty of decent options - including this fork of FF Send, which by the way i have used and works perfectly fine. But, that whole desire to have a shared "bucket" or as you called it "deposit of files" or something similar, where a group of people can use as an area to constantly and consistently share files - and i would add to have those files be organized in a meaningful way - is still not something that i see executed really well.
For my family, its pretty simple in that have an existing shared area within our Onedrive, and manage files there...but there are at least 2 problems with that: 1) there isn't an embedded chat/communication mechanism...so files are separated from context of activity; and 2) what happens if the group that wants to share the bucket isn't family, or not connected on a single service like onedrive?
For simple sharing of files *that are ephemeral/not intended to be preserved nor organized properly* lots of people simply use a chat service. I use a dedicated, persistent room within matrix (yes, that matrix which is used for chat/instant messaging), and use it as my own little pastebin, file transfer/sharing system, etc. But, that approach lacks an organizability/findability of whatever files are loaded into it. So, sharing could be achieved for many participants via chat room, but there won't be a nice, easy way to find files shared from say X weeks ago.
I know that i added chat onto what was mentioned about having an area/deposit of files to share, but i feel having such a bucket in isolation may not be enough...i think some combination of chat or communication AS WELL AS an easy to organize bucket of sharing files is the key...i feel that once that nut has been cracked in a way that provides great UX, then whatever that service will be can have the potential to swallow at least a few existing services like dropbox, onedrive, google drive, etc....or, at least for some non-trivial percentage of users out there.
Maybe one could modify an existing server based file sharing app and add a public/private key mechanism that only people who have shared their keys with the server will get to keep their files on the server, if they key doesn’t match what the client signed with and was pre-registered it gets deleted instantly. That would prevent CSAM etc from a hostile intrusion. Of course it requires vigilance of the group. I envision this working for small groups who have email or Signal contacts with each other. It needs that “it takes a village to manage a friends share” mentality.
As others have said, I use a combination of LocalSend on all my devices (Win64, Linux, iOS…) and a Syncthing folder that I call QuickSync and added as a shortcut to all of my file managers a few years ago. Syncthing, in particular, works so well that you don’t even notice it, until you have a file conflict. It’s a great solution to have files synced easily.
I have no idea. If you’re on the same LAN, I assume you can use LocalSend, although I haven’t had any luck with it on my corporate, segregated, network. I’m betting it doesn’t work with complicated configs or MAC address filtering.
For those of you with a server on their hands, please consider hosting ProjectSend[1] to share files with friends. I haven't used it extensively but it's great for sharing files here and there. (I'm not affiliated in any way, just a happy user)
I self host this and probably the best looking and working file sharing app. Works well for me as the files are ephemeral and the upload is protected by cloudflare access.
Is there a version of this, where i can allow emailadresses to upload things/download things/share things with other emailaddresses?
Like firefox send but some version of authentication via email? I am aware that i would need a way to send emails so the emailaddresses get authentication
Slightly off topic: I'm a fan of solutions like https://webwormhole.io/ - which lets you send the file directly from one computer to the other via webrtc instead of uploading to a middleman server... at the expense of not being able to generate a link that you can send to someone else and forget about.
Of all the P2P file transfer tools I’ve tried (Magic Wormhole, file.pizza, localsend, etc) I’ve had the best luck with croc working under various network configurations.
Wouldn’t it need to at least go through the middle man as a relay for webrtc to work? Most people are behind so many layers I don’t see how webrtc could work any other way for the average user.
WebRtc usually manages to punch a hole in my experience (which, to be fair, isn't with particularly hostile network architecture), but I believe it does go through a middle man relay if that fails.
Even if Mozilla retired the service, they should've at least kept the repository active so people can send patches.
I find this applications like this very useful to self-host. Sometimes I need to send someone a file quickly and this can come in handy. I don't need to allow uploads from everyone and I can just whitelist IPs for the upload URL.
If you don't want to self-host and you don't want to trust someone else's service (I don't know anything about this server) you get Bitwarden Send with the $10/year premium plan.
This is also end-to-end encrypted, and the client and server code is open source/source available.
The reason to use Bitwarden could be that you already trust it with something else, and could have taken time and audit that it is indeed legit, or trust others to complain loudly if they find something wrong with the code. Personally, I’d self-host it (or the open source, lighter on resources Vaultwarden), just as an additional safeguard.
You probably can’t but if you’re one of those people who keeps passwords with Bitwarden, you probably trust them, and it’s nice to have this service as well.
Yeah, I didn't word that very well. We tend to trust services like Bitwarden and Fastmail. I should have probably said a service you've never heard of.
There are other variants with different file size limits
https://github.com/timvisee/send-instances
Maybe performance based or something depending on those hosting these instances?
There doesn't appear to be a technical reason, it appears to just be a default configuration setting that was a holdover from Mozilla's imposed limits when Firefox Send was still around.
In my opinion, the idea behind Firefox send was a real step towards a more greener IT. The elephant in the room here that no one is talking about is the impact of the email with attachment on climate change. In 2018 (that's the best I could find) nearly 600 billion emails are distributed every day around the world. Im' pretty sure this is a lot more nowadays. No matter the truth, this colossal figure is not without impact on the environment. From the PC to the data center to the small lithium battery of a smartphone, email consumes electricity and its consequences on greenhouse gas emissions are far from negligible.
Studies on the subject (very few actually, if you have intel on that matter, let me know) have already been conducted and reveal that a simple email with an attachment of 1MB produces around 15 grams of CO2[1]. Obviously, this figure increases with the size of the email. This is the case, for example, when the email includes large attachments or if the email is sent to several recipients.
With the use of the IMAP protocol, one email sent has at least 6 permanent copies (from the sent item in the sender email client to the inbox of the recipient, through sender and recipients email server which hopefully have long term archiving).
A solution like firefox send with automatic shredding of the file after an expiration period to replace email attachment would drastically reduce the consequences of email usage on greenhouse gas emissions. It would also resolve other issues related to sending files by email, but that would make this post waaaayyy to long :-)
I'm sorry but if you're bean-counting email co2 usage and coming up with a unit of like 15 grams of a physical substance per email then by that logic we should basically all go ted K luddite on our computers and phones, and simply throw them the fuck out the window right now. Imagine the pounds of CO2 I emit playing sonic the goddamn hedgehog why don't we.
I think environmentalists need to find more effective focuses than these if we want our goals to be achieved and for us to be taken remotely seriously
I agree. This is also the type of mentality that if one throws it out to the public makes everyone throw up their hands and say “do we worry about browsing the internet now? That’s a lot of CO2 too?”and then people get tired of worrying about it and just say “toss it all, I don’t care any longer”. There is fatigue that sets in when we’re supposed to constantly worry about everything so might as well worry about nothing and not fix the really big problems like where we source our energy from and getting rid of fossil fuels and the chemicals that corporations are trying to convince us are not that bad into our bodies. Now I gotta worry about emails and the most energy efficient file transfer methods? I don’t think so.
No matter the amount of CO2 emitted, can we agree emails and attachment produce a certain amount of it and that we could probably do better with alternate solutions than sending files by email. In that context, the idea behind firefox send was one possible way of being more efficient. That's all what I'm saying.
You dont have to have the same goals, its pretty serious but also its ok in the grander scheme of things if you don't want to think about this stuff. This wasn't even about "messaging", it was just a thing with a nice environmental upshot. No reason to be defensive.
No seriously, just extrapolate that for a second and try to tell me with a straight face that all the gamer kids playing with whatever it takes to render a modern game, and by the logic I'm reading from that french article those kid are basically each a victorian age factory spewing out so much carbon gunk we're going to need to bring back chimney sweeps, like yeah I don't really think that the logic of restricting emails is going to change a lot when people are literally just out there playing video games.
I'm being "defensive" because as an environmentalist I think that we need to get real and target the real emitters. It's mostly military functions, international shipping, and still going and generating power in the first place using non renewable sources that maybe we should be focusing on rather than this BP-orchestrated carbon footprint bullshit that they foisted on people as a psyop to convince us that we're the problem that need to change
Right, but you're just offering fatalism back, right? Its fine, but that's not like an argument against it. Its just articulating the problem again but saying its impossible to solve.
No I'm offering that it's incredibly wrong to go bean counting email co2 usage when this is a dead end solution blaming end users for a problem caused by large corporations. It causes people to take environmentalism less seriously and doesn't change a thing for the greater good.
It's not letting me reply to your further comment but here's some links for you to really 'get it'
I'm a little confused. GP was simply pointing something out as maybe a good aspect of this kind of file transfer flow. It doesn't matter what "people think of environmentalism" in this case (and so many other cases). Environmentalism != the environment. Nobody was chastising you for having too big an email attachment.
In general I dont get this line where people think this stuff is all just a huge PR (as press relations) issue. It doesnt matter what you or I think. We are kinda way past that. There is no cultural battle to win, and even if there was, it really wouldn't matter!
6. add one if the file is saved as a local copy on the sender computer
And this does not take into consideration backups (like local backups and email server backups). Also, the number increases obviously by the number of recipients (points 4, 5 and 6).
Best of luck to the author! My understanding is that anything that makes large file sharing easy and anonymous rapidly gets flooded with CSAM and ends up shuttering themselves for the good of all. Would love to see a non-invasive yet effective way to prevent such an incursion.
For Firefox Send, it was actually malware and spearfishing attacks that were spread.
The combination of limited file availability (reducing the ability to report bad actors), as well as Firefox urls being inherently trusted within orgs (bypassing a lot of basic email/file filtering/scanning), was the reason it became so popular for criminals to use. Like we've seen in the spearfishing attacks in India[1].
[1]: https://www.amnesty.org/en/latest/research/2020/06/india-hum...
If governments and big tech want to help, they should upload one of their CSAM detection models to Hugging Face, so system administrators can just block it. Ideally I should be able to run a command `iscsam 123.jpg` and it prints a number like 0.9 to indicate 90% confidence that it is. No one else but them can do it, since there's obviously no legal way to train such a model. Even though we know that governments have already done it. If they won't give service operators the tools to keep abuse off their communications systems, then operators shouldn't be held accountable for what people do with them.
The biggest risk with opening a tool like that is that it potentially enables offenders to figure out what can get past it.
Fair point, but wouldn’t we rather they be spending their time doing that than actively abusing kids?
So they publish an updated model every three months that works better.
This would potentially let somebody create a "reverse" model, so I don't think that's a good idea.
Imagine an image generation model whose loss function is essentially "make this other model classify your image as CSAM."
I'm not entirely convinced whether it would create actual CSAM instead of adversarial examples, but we've seen other models of various kinds "reversed" in a similar vein, so I think there's quite a bit of risk there.
Are you saying someone will use it to create a CSAM generator? It'd be like turning smoke detectors into a nuclear bomb. If someone that smart wants this, then there are easier ways for them to do it. Analyzing the detector could let you tune normal images in an adversarial way that'll cause them to be detected as CSAM by a specific release of a specific model. So long as you're not using the model to automate swatting, that's not going to amount to much more than a DEFCON talk about annoying people.
I think the point is generating an image that looks normal but causes the model to false positive and the unsuspecting person then gets reported
If you have a csam detection model that can run locally, the vast majority of sysadmins who use it will just delete the content and ban whoever posted it. Why would they report someone to the police? If you're running a file sharing service, you probably don't even know the identities of your users. You could try looking up the user IP on WHOIS and emailing the abuse contact, but chances are no one is listening and no one will care. What's important is that (1) it'll be harder to distribute this material, (2) service operators who are just trying to build and innovate will be able to easily protect themselves with minimal cost.
You are mandated to report what you find. If the g-men find out you've not only been failing to report crimes, but also destroying the evidence they will come after you.
Note that this is specific to CSAM, not crimes in general. Specifically, online service providers are required to report any detected actual or imminent violation of laws regarding child sex abuse (including CSAM) and there are substantial fines for violations of the reporting requirement.
https://www.law.cornell.edu/uscode/text/18/2258A
Wow. I had no idea. That would explain why no one's uploaded a csam detection model to Hugging Face yet. Smartest thing to do then is probably use a model for detecting nsfw content and categorically delete the superset. Perhaps this is the reason the whole Internet feels like LinkedIn these days.
Not "crimes". Child sexual exploitation related crimes specifically.
And not "you" unless you are operating a service and this evidence is found in your systems.
This is how "g-men" misinformation of born
Someone send you a meme that looks like a meme, you share it through messenger, the meme looks like something else to the messenger, messenger reports you to NCMEC. It's NOT police but they can forward it to police. As a side effect NCMEC gets overloaded helping more of real abuse continue.
Perpetrators will keep tweaking image till they get score of 0.1
> Perpetrators will keep tweaking image till they get score of 0.1
Isn't this - more or less - already happening?
Perpetrators that don't find _some way_ of creating/sharing csam that's low risk get arrested. The "fear of being in jail" is already driving these people to invent/seek out ways to score a 0.1.
How about the government running a service where you can ask them to validate an image?
Trying to tweak an image will not work because you will find the police on your doorstep.
My understanding is at that Microsoft runs such a tool and you can request access to it. (PhotoDNA). As I understand you hash an image send it to them and get back a response.
The government doesn't need more dragnet surveillance capabilities than it already has. Also this solution basically asks the service operator to upload illegal content to the government. So there would need to be a strong guarantee they wouldn't use that as proof the service operator has committed a crime. Imagine what they would do to Elon Musk if he did that to run X. The government is also usually incompetent at running reliable services.
"The government" in the UK already basically shields big internet operators from legal responsibility from showing teenagers how to tie a ligature. But I wouldn't characterise them as the problem — more public oversight or at least transparency of the behaviour of online operators who run services used by thousands of minors might not be a bad thing. The Musk comment also speaks to a paranoia that just isn't justified by anything that has happened in the past 10 years. The EU is in fact the only governmental organisation doing anything to constrain the power of billionaires to distort and control our public discourse through mass media and social media ownership.
You mean the government of Prince Andrew?
Yeah I think I understand now why they want the csam so badly.
I don't understand this comment. Are you implying Prince Andrew was _in_ or part of the UK Government? This would be a weird misunderstanding of our system.
If it's just a general cynical "all gubernment is bad and full of pedos" then I'm not sure what the comment adds to this discussion.
Pretty sure apple already scans your photos for csam, so the best way would be to just throw any files a user plans on sharing into some folder an iPhone or iMac has access to.
For a case when file sharing is intended between individuals or small groups there's an easy solution:
Anyone who got the link should be able to delete the file.
This should deter one from using the file sharing tool as free hosting for possibly bad content. One can also build a bot that deletes every file found on public internet.
Or the link expires after a download.
Sucks for people that have a shitty connection
The server would know when a download has completed.
Oh, that's pretty clever!
That then ruins perfectly valid use cases that someone could maliciously delete the file for.
But it allows sending. That might be an okay tradeoff, depending on what you're aiming for.
Anonymous file hosting isn't something I'd be keen to offer, given the nhmber of people who would happily just abuse it.
But people would abuse the delete button too.
Imagine some computer work with a class of high school kids, where a teacher has to send them a file... there will be maybe three full downloads max, before someone presses the "delete" button.
Sending files anonymously and sending files easily seems like mutually exclusive problems. If it's easy and anonymous, it's too easy to abuse. The teacher should just be using file storage that is tied to an account: it's not as though they're trying to stay hidden from their students
For a lot of use cases, simply sending the address of the deleter to whoever sent the file would suffice. Next time, just don't send it to them, or apply real-world consequences.
Sure, it wouldn't work for a large public setting... but it'd work for many other settings.
Checkout https://pipe.pico.sh which is a system for networked Unix pipes using ssh.
I've been using this version for a while, presumably it's just gone under the radar enough. So please don't upvote this too much, haha.
If it's truly e2e how would they even know what's being shared on it?
Because some people would tell them. For example, the FBI would look at a child porn sharing forum and observe a lot of people sharing Send links. Then they would go to the operators of Send servers, and "strongly suggest" that it should shut down.
> and "strongly suggest" that it should shut down.
I don't know about that, is there any documented case of that?
I feel like they'd probably just contact them and ask for removal of the file(s) and to forward any logs?
"We know that this link includes material that is illegal to possess, and it is on your server."
"We don't know the contents of the files on our server, so we can't know that is was illegal"
"Fine, delete that file, and we won't charge you for possession this time. Now that you know your service is used for this illegal material, you need to stop hosting material like that."
"How, if we don't know what's in the file sent to our server?"
"... maybe don't take random files you don't know about, and share them on the open web with anonymous users?"
That’s not how csam reporting works at all. You aren’t punished for csam being on your server, as long as you do something about it. You can easily set up cloudflare to block and report csam to the NCMEC (not the FBI) and it will all be handled automatically.
Maybe a judge would see it that way, but FBI agents aren't required to act like judges.
The fbi literally only investigates if the ncmec tells them to.
https://www.fbi.gov/investigate/violent-crime/vcac
I have been using both Swisstransfer.com and filetransfer.io since Firefox Send shut down.
How have they dealt with this?
I had a Send instance exposed online for years, but I changed it to 1 day retention and I never had any issues.
It was literally just to send large files between friends so more than 1 day was redundant.
> ends up shuttering themselves for the good of all
mostly because it's difficult to handle all the abuse reports
I wonder how that'll play out in this case, since everything uploaded here expires at maximum 3 days. Maybe they can "handle" abuse reports by simply auto-responding in 3 days that it is now removed.
Do we know whether this uploading is motivated by actual pedo reasons, by anti-pedo honeypot reasons, by sociopathic trolling reasons, by sabotage reasons (state, or commercial), or something else?
It's discouraging to think that privacy&security solutions for good people might end up being used primarily by bad people, but I don't know whether that's the situation, nor what the actual numbers are.
It is just pedophiles. A user posted here on HN a while ago that they ran a Tor exist node and the overwhelming majority of it was CSAM or other cybercrime. Here in Germany they busted some underground forum and a single individual had 35TB worth of it at home. There's no great conspiracy, the criminal underworld is huge and they use every service that doesn't clamp down on it in some form.
Naive question. Isn't tor supposed to be private? How can you know the contents of the communication just by running a node?
If it's an exit node, you know what the user is connecting to but not which user.
That's discouraging, if true. I don't mind doing the occasional on-principle thing (like running Tor Browser for general-purpose browsing, and Tor as the VPN plugin on my phone), and maybe it's a citizen-technologist obligation to do my share of that. But I'd rather not have some Orwellian Bayesian system flagging me for using Tor.
run a node. but never an exit one.
How would they know their traffic was csam? Traffic passing through an exit node is traffic between a Tor user and the open Internet. Who's running csam servers on the open Internet instead of as hidden services? And without https? Especially when Tor Browser enforces https? This story doesn't add up at all.
They did bust a site owner despite Tor, though. That story's true.
For local network sharing between my devices I tend to use LocalSend [0] which is absolutely brilliant, pretty much replaced my USB stick for transferring files/folders between devices on the same network.
[0] https://localsend.org/
I love Snapdrop [0] for that use case, since it doesn't require downloading/installing an app.
[0] https://snapdrop.net/
I opened the landing page on Safari on M1 Mac and found out it was using 25% GPU one hour later…
It’s really a delightful piece of software. Came to the comments just to mention it, definitely recommended
That's really cool. Tailscale has a built in local send function that works brilliantly too.
I like localsend too. But for some reasons I need to disconnect from tailscale in order for it to work properly.
The title heavily implies that Mozilla's is closed-source. It isn't: https://github.com/mozilla/send
Actually since it says forked it implies that Mozilla maintains a closed-source version. No, it was cancelled.
The Thunderbird team is working on a fork!
"The Thunderbird team was very sad when Firefox Send was shut down. Firefox Send made it possible to send large files easily, maybe easier than any other tool on the Internet. So we’re reviving it, but not without some nice improvements. Thunderbird Send will not only allow you to send large files easily, but our version also encrypts them" - https://blog.thunderbird.net/2024/10/thunderbird-annual-repo...
Firefox Send used E2E encryption. The key was generated on the web client and not shared with the Send server.
https://web.archive.org/web/20200226024845/https://www.wired...
The excellent FileLink plugin for Thunderbird already makes it a sinch to transmit a file via a Next/Owncloud instance instead of as an attachment to an email. Worth running a *cloud instance just for it imo.
https://gitlab.com/joendres/filelink-nextcloud
Good, that will distract them for a while and will prevent them from actively making TB even worse with every release.
I like keeping my software secure and up to date, but I dread every TB upgrade, wondering what stupid cosmetic change will trip me up this time.
It could incidentally be closed source, then. I stand corrected.
Sometimes devs & teams of devs wait until their code is finished to put it online. I tend not to – most of my unfinished code open source code is online. I understand the pros/cons of each way though.
That's weird, I thought the original also decrypted them. (You pass the key in the hash fragment, which your browser doesn't send to the server.)
I wouldn’t be surprised if that hash fragment is sent to URL previews in otherwise encrypted chats. I did that too in my own program and it felt wrong. https://codeberg.org/macchiato/encshare-app I think I’ll change it, if not in my old project then in the next one.
What I'd love to have is a deposit of files to be shared within a group of people.
Say we're 8 friends traveling through the middle of Greenland (read: no niceties like WiFi), and on the evening we want to share the photos of the day with everyone else.
In short, an evolution of the myriad of file sending copycats that exist: the same idea but for a shared bucket of files (I don't think doing N individual shares fits the bill, that'd just be a poor man's solution for the lack of a proper alternative)
Commenting this in hopes that the HN popular wisdom knows about something similar! :)
> ...What I'd love to have is a deposit of files to be shared within a group of people...
Agreed, this is the key need! For sharing individual files, i think there are plenty of decent options - including this fork of FF Send, which by the way i have used and works perfectly fine. But, that whole desire to have a shared "bucket" or as you called it "deposit of files" or something similar, where a group of people can use as an area to constantly and consistently share files - and i would add to have those files be organized in a meaningful way - is still not something that i see executed really well.
For my family, its pretty simple in that have an existing shared area within our Onedrive, and manage files there...but there are at least 2 problems with that: 1) there isn't an embedded chat/communication mechanism...so files are separated from context of activity; and 2) what happens if the group that wants to share the bucket isn't family, or not connected on a single service like onedrive?
For simple sharing of files *that are ephemeral/not intended to be preserved nor organized properly* lots of people simply use a chat service. I use a dedicated, persistent room within matrix (yes, that matrix which is used for chat/instant messaging), and use it as my own little pastebin, file transfer/sharing system, etc. But, that approach lacks an organizability/findability of whatever files are loaded into it. So, sharing could be achieved for many participants via chat room, but there won't be a nice, easy way to find files shared from say X weeks ago.
I know that i added chat onto what was mentioned about having an area/deposit of files to share, but i feel having such a bucket in isolation may not be enough...i think some combination of chat or communication AS WELL AS an easy to organize bucket of sharing files is the key...i feel that once that nut has been cracked in a way that provides great UX, then whatever that service will be can have the potential to swallow at least a few existing services like dropbox, onedrive, google drive, etc....or, at least for some non-trivial percentage of users out there.
IPFS is probably the closest open-source thing here, but the UX for non-nerds is not great.
Maybe one could modify an existing server based file sharing app and add a public/private key mechanism that only people who have shared their keys with the server will get to keep their files on the server, if they key doesn’t match what the client signed with and was pre-registered it gets deleted instantly. That would prevent CSAM etc from a hostile intrusion. Of course it requires vigilance of the group. I envision this working for small groups who have email or Signal contacts with each other. It needs that “it takes a village to manage a friends share” mentality.
As others have said, I use a combination of LocalSend on all my devices (Win64, Linux, iOS…) and a Syncthing folder that I call QuickSync and added as a shortcut to all of my file managers a few years ago. Syncthing, in particular, works so well that you don’t even notice it, until you have a file conflict. It’s a great solution to have files synced easily.
Can you also use it to send files to, say, a colleague in the same office?
Or to a client asking for a file in an e-mail?
I have no idea. If you’re on the same LAN, I assume you can use LocalSend, although I haven’t had any luck with it on my corporate, segregated, network. I’m betting it doesn’t work with complicated configs or MAC address filtering.
https://github.com/localsend/protocol
Defaults:
- Multicast UDP for discovery
- HTTP for file transfer
Will work in an office, but not for a email transfer to a customer
For those of you with a server on their hands, please consider hosting ProjectSend[1] to share files with friends. I haven't used it extensively but it's great for sharing files here and there. (I'm not affiliated in any way, just a happy user)
[1]: https://www.projectsend.org/
This is cool, sharing files larger than 1GB still remains challenging these days.
How easy is it to self-host? I don't see any Docker instructions.
https://gitlab.com/timvisee/send
P.s. Kind of odd that the site links to Github, but the GH repo is only a mirror of the official Gitlab.
https://github.com/timvisee/send-docker-compose
swisstransfer.com, up to 50GB
There is also filebin.net: https://github.com/espebra/filebin2/
And pwndrop: https://github.com/kgretzky/pwndrop
And lots of others.
I self host this and probably the best looking and working file sharing app. Works well for me as the files are ephemeral and the upload is protected by cloudflare access.
Is there a version of this, where i can allow emailadresses to upload things/download things/share things with other emailaddresses?
Like firefox send but some version of authentication via email? I am aware that i would need a way to send emails so the emailaddresses get authentication
Just email the link? The receiver has authenticated by getting the email.
it would be nice, if i could upload something and say, okay, this list of emailadresses get the link of it.
Slightly off topic: I'm a fan of solutions like https://webwormhole.io/ - which lets you send the file directly from one computer to the other via webrtc instead of uploading to a middleman server... at the expense of not being able to generate a link that you can send to someone else and forget about.
I am partial to croc[1] which will send directly on your local network, or encrypted through a relay across the 'net.
1: https://github.com/schollz/croc
Of all the P2P file transfer tools I’ve tried (Magic Wormhole, file.pizza, localsend, etc) I’ve had the best luck with croc working under various network configurations.
For local transfers (mainly between my phone, pc and laptop) I've been using LocalSend, works great.
Wouldn’t it need to at least go through the middle man as a relay for webrtc to work? Most people are behind so many layers I don’t see how webrtc could work any other way for the average user.
WebRtc usually manages to punch a hole in my experience (which, to be fair, isn't with particularly hostile network architecture), but I believe it does go through a middle man relay if that fails.
I use ToffeeShare. It also uses WebRTC for p2p transfer. But it fallbacks to a central server if p2p can't be established (just like a TURN server)
Even if Mozilla retired the service, they should've at least kept the repository active so people can send patches.
I find this applications like this very useful to self-host. Sometimes I need to send someone a file quickly and this can come in handy. I don't need to allow uploads from everyone and I can just whitelist IPs for the upload URL.
At present I'm using Project Send.
As a side note, you can also simulate various network problems in the linux kernel via tc: https://www.baeldung.com/linux/network-failures-simulation
I based off someone's quick notes and made it a ready to use script, in case it's useful for anyone:
https://github.com/j1elo/slow-network
Your article is very interesting and details some practical use cases, thanks! I will read it to see if there are any new ideas to incorporate.
I recently launched www.64.surf that uses the URL to send files, obviously a much smaller file size, but was fun to build regardless.
Basically, base64 encode the file, inject it in the URL and then allows you to share it with other people.
If the URL contains the file, what is the difference between sending the URL and the actual file contents in practice?
Then you send the file as base64 prefixed with your URL?
Where is the use, except that's cool to build?
Cloudflare issue when loading the URL
If you don't want to self-host and you don't want to trust someone else's service (I don't know anything about this server) you get Bitwarden Send with the $10/year premium plan.
I didn't know about Bitwarden Send, thanks! Although I did just check it out and it says the limit is 100 MB, which is typically too little.
EDIT: I'm on mobile, apparently it's 500 MB on desktop.
> and you don't want to trust someone else's service
You still have to trust Bitwarden aka someone else's service?
Its e2e encrypted, and the client and server code is open source/source available.
This is also end-to-end encrypted, and the client and server code is open source/source available.
The reason to use Bitwarden could be that you already trust it with something else, and could have taken time and audit that it is indeed legit, or trust others to complain loudly if they find something wrong with the code. Personally, I’d self-host it (or the open source, lighter on resources Vaultwarden), just as an additional safeguard.
How can you guarantee the build is from the open source code? (i.e. doesn't contain a small patch with hostile behavior)
You probably can’t but if you’re one of those people who keeps passwords with Bitwarden, you probably trust them, and it’s nice to have this service as well.
Yeah, I didn't word that very well. We tend to trust services like Bitwarden and Fastmail. I should have probably said a service you've never heard of.
A command line version by the same author: https://github.com/timvisee/ffsend
What's the catch? Who is paying for storage and maintenance?
A minor bug. It’s not possible to copy and paste the link from the UI. Using Firefox on iPhone
No commits since 1.5 years. Is this software “done” or no longer supported?
is it weird that my first reaction upon reading the title is “a product with Firefox in the name isn’t already open source??”
Thank you! This is handy as hell, after firefox send gone.
I wonder what limits sends to 2.5GB ?
There are other variants with different file size limits https://github.com/timvisee/send-instances Maybe performance based or something depending on those hosting these instances?
Don't forget the encryption step is done locally by the browser before the file is transmitted to the server. As such, you better have a limit.
There doesn't appear to be a technical reason, it appears to just be a default configuration setting that was a holdover from Mozilla's imposed limits when Firefox Send was still around.
https://old.reddit.com/r/selfhosted/comments/1bwqxit/is_ther...
[dead]
Exactly what i need to be able to not depend on m0zilla
In my opinion, the idea behind Firefox send was a real step towards a more greener IT. The elephant in the room here that no one is talking about is the impact of the email with attachment on climate change. In 2018 (that's the best I could find) nearly 600 billion emails are distributed every day around the world. Im' pretty sure this is a lot more nowadays. No matter the truth, this colossal figure is not without impact on the environment. From the PC to the data center to the small lithium battery of a smartphone, email consumes electricity and its consequences on greenhouse gas emissions are far from negligible.
Studies on the subject (very few actually, if you have intel on that matter, let me know) have already been conducted and reveal that a simple email with an attachment of 1MB produces around 15 grams of CO2[1]. Obviously, this figure increases with the size of the email. This is the case, for example, when the email includes large attachments or if the email is sent to several recipients.
With the use of the IMAP protocol, one email sent has at least 6 permanent copies (from the sent item in the sender email client to the inbox of the recipient, through sender and recipients email server which hopefully have long term archiving).
A solution like firefox send with automatic shredding of the file after an expiration period to replace email attachment would drastically reduce the consequences of email usage on greenhouse gas emissions. It would also resolve other issues related to sending files by email, but that would make this post waaaayyy to long :-)
[1] http://www.helixee.me/limpact-ecologique-des-e-mails/ (in French)
I'm sorry but if you're bean-counting email co2 usage and coming up with a unit of like 15 grams of a physical substance per email then by that logic we should basically all go ted K luddite on our computers and phones, and simply throw them the fuck out the window right now. Imagine the pounds of CO2 I emit playing sonic the goddamn hedgehog why don't we.
I think environmentalists need to find more effective focuses than these if we want our goals to be achieved and for us to be taken remotely seriously
I agree. This is also the type of mentality that if one throws it out to the public makes everyone throw up their hands and say “do we worry about browsing the internet now? That’s a lot of CO2 too?”and then people get tired of worrying about it and just say “toss it all, I don’t care any longer”. There is fatigue that sets in when we’re supposed to constantly worry about everything so might as well worry about nothing and not fix the really big problems like where we source our energy from and getting rid of fossil fuels and the chemicals that corporations are trying to convince us are not that bad into our bodies. Now I gotta worry about emails and the most energy efficient file transfer methods? I don’t think so.
No matter the amount of CO2 emitted, can we agree emails and attachment produce a certain amount of it and that we could probably do better with alternate solutions than sending files by email. In that context, the idea behind firefox send was one possible way of being more efficient. That's all what I'm saying.
You dont have to have the same goals, its pretty serious but also its ok in the grander scheme of things if you don't want to think about this stuff. This wasn't even about "messaging", it was just a thing with a nice environmental upshot. No reason to be defensive.
Hope you have fun playing Sonic I guess?
Yeah he goes fast haha
No seriously, just extrapolate that for a second and try to tell me with a straight face that all the gamer kids playing with whatever it takes to render a modern game, and by the logic I'm reading from that french article those kid are basically each a victorian age factory spewing out so much carbon gunk we're going to need to bring back chimney sweeps, like yeah I don't really think that the logic of restricting emails is going to change a lot when people are literally just out there playing video games.
I'm being "defensive" because as an environmentalist I think that we need to get real and target the real emitters. It's mostly military functions, international shipping, and still going and generating power in the first place using non renewable sources that maybe we should be focusing on rather than this BP-orchestrated carbon footprint bullshit that they foisted on people as a psyop to convince us that we're the problem that need to change
Right, but you're just offering fatalism back, right? Its fine, but that's not like an argument against it. Its just articulating the problem again but saying its impossible to solve.
No I'm offering that it's incredibly wrong to go bean counting email co2 usage when this is a dead end solution blaming end users for a problem caused by large corporations. It causes people to take environmentalism less seriously and doesn't change a thing for the greater good.
It's not letting me reply to your further comment but here's some links for you to really 'get it'
https://www.clf.org/blog/the-truth-about-carbon-footprints/
https://www.theguardian.com/commentisfree/2021/aug/23/big-oi...
I'm a little confused. GP was simply pointing something out as maybe a good aspect of this kind of file transfer flow. It doesn't matter what "people think of environmentalism" in this case (and so many other cases). Environmentalism != the environment. Nobody was chastising you for having too big an email attachment.
In general I dont get this line where people think this stuff is all just a huge PR (as press relations) issue. It doesnt matter what you or I think. We are kinda way past that. There is no cultural battle to win, and even if there was, it really wouldn't matter!
How did you get 6?
I run my own infra and on my end I see 1 permanent server side copy and 1 temporary local copy.
1. local copy of the file on the sender computer
2. local copy in the send item once sent
3. a copy on the sender email server
4. a copy on the receiver email server
5. a copy on the inbox of the receiver
6. add one if the file is saved as a local copy on the sender computer
And this does not take into consideration backups (like local backups and email server backups). Also, the number increases obviously by the number of recipients (points 4, 5 and 6).
(edited for layout)
I don't know why you keep counting two server side copies for each side.
It's 4 total if both sides cache the file indefinitely and 2 otherwise.
edit:
Okay, I see, you are talking about physical files.
Sure then there might be up to 6 copies of the file.
I see I'm being downvoted which is ok but to the down voters, I genuinely wonder why ?