We try our best to ensure only users who have the pre-defined URL generated have access to your file. From front end to the back end datastore, the entire process of retrieving your file undergoes encryption. The file itself (on the datastore) is NOT encrypted unless setup per the user. In case of a seizure or breach, there are multiple snapshots taken of the datastore back end which only contains the uploaded content. Restoring from a snapshot is an option we can take in case of data loss. In the event of a seizure due to abuse and or other non ethical means, the datastore can be relocated and purged if needed to abide by US law.
Is there an API?
This is currently in the works. There is a beta API that is being used by select users and will be rolled out publicly within the next few months.
There's less users shown then a previous date, are the numbers a lie?
We actively purge new users (history keys) that have zero uploads after a week.
What is the point of this service when there are others alike?
We wanted a way to make file sharing reliable and fast for user --> user. There are other services that achieve anonymous file hosting with an easier UI for simplistic sharing. We are no different.
Who can see my files?
We have a small team of 3 administrators who can see and remove files if needed. Files uploaded are NOT opened, reviewed, and or seen by anyone on our team. The datastore is NOT accessible via this manor for anyone on our team to review a file. A strict UI will only show the name and file type and basic "strings" (if an application) for vetting. Only when a report of a threat actor comes in via email are files vetted for review.
Do you clear metadata?
No, we do not clear any metadata. If an image and or file is uploaded, it is the users responsibility to ensure the files are clean of any personal content.
Any proof of non logging?
Unfortunately there is not a way to prove logging is disabled as there is no log for us to show you. However since Cloudflare is in place, please keep in mind they are able to see logs. Use the TOR service for any sensitive uploads (Uploads still MUST comply with the terms and conditions). This server uses Apache2 with the logging module disabled. Additionally the vHost within 000-default has logging marked out. (Both CustomLog, and ErrorLog)
Where are the files hosted?
The files are hosted on physical hardware within the US running on a dry installation of Debian. Everything is routed through an P2P encrypted tunnel from front end to back end undergoing full encryption, in addition, the files on the backend are within an encrypted volume to minimize risk of data being pulled when offline. Currently the front end proxy is hosted under Linode using Nginx with logging set to null.
Deleted a file, but the total did not change?
The site does not query the uploads directory to calculate a total. Instead, there is a directory containing flat files labeled with the names of uploaded content. This is used by the API for file deletion. The number of flat files within this directory is what’s totaled on the front page. If you delete a file from recent uploads, the file IS removed and permanently deleted.
Will generating a new history key delete my uploaded content?
No, unless you specifically delete the content yourself and or purge your account.