• peregus@lemmy.world
    link
    fedilink
    arrow-up
    6
    ·
    10 days ago

    Send lets you share files with end-to-end encryption

    How is this possible if the only thing that is shared between sender and receiver is just a link (that is provided by the website)?

    How can we trust https://send.vis.ee/? Who are they?

    • RmDebArc_5@sh.itjust.works
      link
      fedilink
      arrow-up
      13
      ·
      10 days ago

      How it works: I don’t know about this service in particular, but usually the shared contains the encryption key so like this: example.com/files/file_id/encryption_key or something similar

      As for trust: This appears to be a individual, so you will have to just trust it when using the public instance. However, since it is FOSS, you can audit the code and spin up your own instance

      • Handles@leminal.space
        link
        fedilink
        English
        arrow-up
        4
        ·
        edit-2
        10 days ago

        spin up your own instance

        Absolutely. If you’re at all worried about sending files through third party sites, set up your own. Provided you trust your own security skills, of course.

        I would certainly be more interested in having an install under my own domain than using some rando’s that I don’t know.

      • peregus@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        10 days ago

        How it works: I don’t know about this service in particular, but usually the shared contains the encryption key so like this: example.com/files/file_id/encryption_key or something similar

        But if the key is in the URL, that’s provided by the server, where’s the utility of the encryption since the server knows it and so does everyone that has the URL?

        • flux@lemmy.ml
          link
          fedilink
          English
          arrow-up
          1
          ·
          10 days ago

          So the trick is to use the #fragment part of the URL, that is not sent to the server.

          Of course the JS one downloads from the server could easily upload it to it, so you still need to trust the JS.

          • peregus@lemmy.world
            link
            fedilink
            arrow-up
            2
            ·
            10 days ago

            But the JS code could be checked on the webpage, correct? If so, the page could be trysted (if vetted).

            • flux@lemmy.ml
              link
              fedilink
              English
              arrow-up
              2
              ·
              9 days ago

              In theory, yes. But if you follow the link and that leads to downloading the JS and running it, you’re already too late inspecting it.

              And even if you review it once (and it wasn’t too large or obfuscated via minification), the next time you load a page, the JS can be different. I guess there could be a web browser extension for pinning the code?

              The only practial alternative I know of is to have a local client you can review once (and after updates).

    • chebra@mstdn.io
      link
      fedilink
      arrow-up
      5
      ·
      10 days ago

      @peregus @dl007

      Wiki End-to-end encryption:
      > The messages are encrypted by the sender but the third party does not have a means to decrypt them, and stores them encrypted. The recipients retrieve the encrypted data and decrypt it themselves. Because no third parties can decipher the data being communicated or stored, for example, companies that provide end-to-end encryption are unable to hand over texts of their customers’ messages to the authorities.

      You don’t have to trust the server.

      • peregus@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        edit-2
        10 days ago

        The recipients retrieve the encrypted data and decrypt it themselves

        Ok, but how can the recipient decrypt it if he doesn’t have the key? The only thing that’s shared is the URL and if the key is in the URL, well, I don’t know what’s the use for it since the server knows it.

            • chebra@mstdn.io
              link
              fedilink
              arrow-up
              0
              ·
              10 days ago

              @peregus It’s explained in other threads here. The key is in the url but behind # and that part is invisible to the server. protocol://host:port/path?query#fragment, server will only see …?query, so both participants can decrypt, but server can’t => E2EE

              • peregus@lemmy.world
                link
                fedilink
                arrow-up
                1
                ·
                10 days ago

                But it’s the server that creates the URL in the first place, so it must knows it, right? …or wrong?

                  • peregus@lemmy.world
                    link
                    fedilink
                    arrow-up
                    1
                    ·
                    10 days ago

                    Oh, ok, now I get it. So it could be checked by a third party if that code is really created by the browser and if it’s not sent to the server, correct?

    • redxef@feddit.org
      link
      fedilink
      English
      arrow-up
      3
      ·
      10 days ago

      The fragment of a URL is not sent to the server, so that’s where such platforms usually store the key. That’s also the way cryptpad does it. You can thus share the URL and with it the key.

      Of course, you still need to trust the platform. The sourcecode link at the bottom of the page links to https://github.com/timvisee/send who forked from mozilla/send and links back to the web page.

        • Captain Beyond@linkage.ds8.zone
          link
          fedilink
          arrow-up
          1
          ·
          8 days ago

          If you trust the client that is encrypting and uploading the file - which runs on your computer and thus can be audited, modified, or even entirely replaced by you. You do not need to trust that the server (which ideally is also free software, but in practice is a black box you don’t have any visibility into) is sending you trustworthy code.