Hacker News new | past | comments | ask | show | jobs | submit login

Interesting, it seems to work very similarly to Firefox Send.

For communications in the other direction, such as when you want to make sure the other person sends you the content securely, there is https://github.com/whitesmith/hawkpost (disclaimer, this was an hackathon project I participated some years ago). Hawkpost doesn't even store the encrypted content.

I wonder if there is a solution that would correctly deal with both situations (never requiring the other end to sign up or know anything about encryption).




By the way, Mozilla's Send is down, but I'm maintaining a fork with a public instance. :)

https://send.vis.ee/ (https://github.com/timvisee/send)


That is very neat!

That said, I think a lot of the value of Firefox Send, which I used a bunch, was that it was maintained by a trusted brand in Mozilla. Indie groups won't have that reputation. And if I wanted to self-host, I would just use magic-wormhole.


Definitely. But many still use it, partially because of `ffsend` (https://github.com/timvisee/ffsend), so it's nice to have around.


Do you have any problem with spam? Afaik that was one of the main issue why Mozilla shut down the service originally, it was _too good_


Not that I know of. Got a DMCA only once.

Mozilla's instance was obviously associated with the big names 'Mozilla' and 'Firefox' which made it easy to abuse. That isn't an issue now. I guess that helps.


The Mozilla one was being used to deploy malware, so you should watch out for that in advance. Frankly, I don't know how though, and I think Mozilla couldn't figure it out either -that's why it was shut down instead of fixed


This is really clever. And looks like it's easy to self-host via Docker.

> I wonder if there is a solution that would correctly deal with both situations (never requiring the other end to sign up or know anything about encryption).

I'm actually in the midst of building out a tool for that exact scenario[0]. You can send it to anyone so long as you know the email or username they use for a service that implements OAuth. If they successfully authenticate and the server sees their username / email match up, it sends back the encrypted data to the frontend, which then decrypts it with the key in the URI fragment. It's neither audited nor open source just yet, so I don't recommend using it for actual secret sharing until then.

[0] https://intended.link/


This is a fantastic idea! Bookmarked. Is there a GitHub repo of this? I would be more than happy to contribute some PRs.


There hopefully will be one soon! The backend was written haphazardly in a weekend, so once I clean it up to save myself some embarrassment, I'll open up the source on Github. I'll send you an email if that happens (using the one in your HN profile).


Thanks for the link to Hawkpost, it looks really cool!


you might also be interested in https://github.com/magic-wormhole/magic-wormhole


one of my favorite tools, i just wish there was a good GUI for it.


I've been building a Rust macOS app for it, actually - could use testers in a week, I think. Let me know if you're interested?

https://twitter.com/ryanmcgrath/status/1368027469068963843/p...


There's a webapp version (clone?) of it: https://webwormhole.io/

There's also a nice go port (single binary) of it: https://github.com/schollz/croc


Have you tried this? https://github.com/Jacalz/wormhole-gui




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: