this post was submitted on 05 Nov 2024
116 points (97.5% liked)

Open Source

31220 readers
255 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 8 points 1 week ago (25 children)

Send lets you share files with end-to-end encryption

How is this possible if the only thing that is shared between sender and receiver is just a link (that is provided by the website)?

How can we trust https://send.vis.ee/? Who are they?

[–] [email protected] 3 points 1 week ago (2 children)

The fragment of a URL is not sent to the server, so that's where such platforms usually store the key. That's also the way cryptpad does it. You can thus share the URL and with it the key.

Of course, you still need to trust the platform. The sourcecode link at the bottom of the page links to https://github.com/timvisee/send who forked from mozilla/send and links back to the web page.

[–] [email protected] 1 points 1 week ago (1 children)

Oh, now I get it, the whole system works if we trust the guy that provide that system.

[–] [email protected] 1 points 1 week ago

If you trust the client that is encrypting and uploading the file - which runs on your computer and thus can be audited, modified, or even entirely replaced by you. You do not need to trust that the server (which ideally is also free software, but in practice is a black box you don't have any visibility into) is sending you trustworthy code.

load more comments (22 replies)