We try our best to ensure only users who have the pre-defined URL generated have access to your file. From front end to the back end datastore, the entire process of retrieving your file undergoes encryption. The file itself (on the datastore) is NOT encrypted unless setup per the user. In case of a seizure or breach, there are multiple snapshots taken of the datastore back end which only contains the uploaded content. Restoring from a snapshot is an option we can take in case of data loss. In the event of a seizure due to abuse and or other non ethical means, the datastore can be relocated and purged if needed to abide by australian law. (Cached content may still reside within the AU during the transfer process)
Is there an API?
This is currently in the works. There is a beta API that is being used by select users and will be rolled out publicly within the next few months.
What is the point of this service when there are others alike?
We wanted a way to make file sharing reliable and fast for user --> user. There are other services that achieve anonymous file hosting with an easier UI for simplistic sharing. We are no different.
Who can see my files?
We have a small team of 3 administrators who can see and remove files if needed. Files uploaded are NOT opened, reviewed, and or seen by anyone on our team. The datastore is NOT accessible via this manor for anyone on our team to review a file. A strict UI will only show the name and file type and basic "strings" (if an application) for vetting. Only when a report of a threat actor comes in via email are files vetted for review.
Where are the files hosted?
The files are hosted in both Sweden and temporarily cached within the AU. Both servers are purchased via bitcoin (anonymously) to minimize the risk of an admin leaking users sensitive files due to a seizure of the platform. They are both a "net install" of Debian 10 with basic net-tools installed along with an Apache web server. The front end is unfortunately Cloudflare for reverse proxy protection due to a bot problem. (A wildcard "*" has been placed for all TOR traffic to disable CF's captcha.) If you have questions regarding the network design. Please see below. (Public status can be seen here: Status.)
| CF on |
| Front End|
| | IPSEC VPN Tunnel
v | |
+-------+--+ | +----------+
| | | | |
|Front End |<------+------+Back End |<--- SW Datastore
AU ----->|Apache | | |Data |
Based VPS | +-------+----->| |
| \ +---------+
| |Pastebin |
+--------->|US Based |