Hi ,
Lately, I’ve been working on a small project called deaddrop.space. I’m posting it here because I thought it might be handy to those who care about privacy and control over their data.
It’s a secure, anonymous file-sharing platform built to prioritize privacy, control, and simplicity. Unlike typical services that ask you to sign up, verify emails, or accept endless terms, DeadDrop lets you upload and share files — no accounts, no tracking, no nonsense.
Here’s how it works:
- You upload a file, set a name, password, expiry date, and max number of downloads.
- To share it, just provide the recipient with the name and password (or a direct link).
- Files are encrypted in the browser using AES-256 before they ever leave your device.
- No raw files or passwords are sent to the server — it’s zero-knowledge encryption.
That means even I, the creator, can’t decrypt or access the files.
BTW, it is open source : https://github.com/Rayid-Ashraf/deaddrop
Would love to hear what you all think — feedback and suggestions are welcome!
So you’ve built a platform with an ideal use case that you’re absolutely opposed to but have no mechanism to control or even detect.
Perhaps you should look up zero knowledge encryption.
Well, everything has its own pros and cons
Have you considered that as the host, you’re the only person who is not anonymous?
If someone did upload something illegal, and share it with a community, only one member of that community needs to get busted for you as the host to be identified as the “source”.
I’m aware that in civil cases hosts are liable for the content they host, but criminally? IDK.
Anyhow, I didn’t intend to dump on your project. I hope I’m wrong and it all goes great. I look forward to being downvoted to oblivion.
I am considering going to UAE :)
So now you’re moving to avoid jurisdiction rather than just not enabling csam?
I want to be very clear: I do not condone CSAM or any illegal activity. DeadDrop is simply a privacy-focused file-sharing service — like many tools that value anonymity, it can be misused, but that’s not its purpose or intent.
To your question: I’m not trying to “avoid jurisdiction” — I’m trying to build a service that respects privacy and anonymity, which I believe are fundamental rights. Unfortunately, any privacy tool (from Signal to Tor) can be exploited. The challenge isn’t the tool itself, but how we handle misuse without compromising basic freedoms for everyone else.
If we shut down every tool that could be misused, we’d also be shutting down freedom of speech, press, and secure communication. That’s not a solution — it’s just pushing the problem elsewhere.
That’s a very reasonable response, and I’m not sure how to put into words the reasons I disagree.
I think i would say that while privacy is important and should be valued, I believe that protecting against the harm that individuals can do with tools such as this one is a greater good for society than the harm caused by ensuring that tools such as these are not allowed.
Well, one service shuts down and they move on to another. Instead, deal with the real culprits that do these illegal things. Shutting my or anyone else’s services will make no change.