Hacker News new | past | comments | ask | show | jobs | submit login

Neat idea, and props for the https. Are the files encrypted on the server?



There's an example on how to encrypt the files before sending them to the server:

  # Encrypt files with password using gpg 
  $ cat /tmp/hello.txt|gpg -ac -o-|curl -X PUT --upload-file "-" https://transfer.sh/test.txt 
  
  # Download and decrypt 
  $ curl https://transfer.sh/1lDau/test.txt|gpg -o- > /tmp/hello.txt


Exactly, who trusts server side encryption anyway?


The first cat does absolutely nothing in your example.


are you sure? how else would you pipe to GPG?


Just redirect gpg's input from the file?

    gpg ... < hello.txt | curl ...
Its stdin will be the file instead of a pipe, but few programs care about the difference and fewer still in such a way that you'd prefer to use the pipe.


It doesn't appear so, no. The raw bytes seem to be dumped to temp files, local storage, or S3 [1][2] without mention of any sort of encryption step (or reading of a secret somewhere). As mentioned below, you could encrypt before uploading of course. Someone please correct me if I misread though.

[1] https://github.com/dutchcoders/transfer.sh/blob/master/trans...

[2] https://github.com/dutchcoders/transfer.sh/blob/master/trans...




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: