Hi ,
Lately, I’ve been working on a small project called deaddrop.space. I’m posting it here because I thought it might be handy to those who care about privacy and control over their data.
It’s a secure, anonymous file-sharing platform built to prioritize privacy, control, and simplicity. Unlike typical services that ask you to sign up, verify emails, or accept endless terms, DeadDrop lets you upload and share files — no accounts, no tracking, no nonsense.
Here’s how it works:
- You upload a file, set a name, password, expiry date, and max number of downloads.
- To share it, just provide the recipient with the name and password (or a direct link).
- Files are encrypted in the browser using AES-256 before they ever leave your device.
- No raw files or passwords are sent to the server — it’s zero-knowledge encryption.
That means even I, the creator, can’t decrypt or access the files.
BTW, it is open source : https://github.com/Rayid-Ashraf/deaddrop
Would love to hear what you all think — feedback and suggestions are welcome!
So naively then.
Do you have a suggestion on how to combat this while not snooping on a users files? Or are you just enjoying the soapbox?
They’re basically just poo-pooing the ideas of privacy and security, no more than “the government and corporations need access to everything you do because someone somewhere is doing bad things.”
It’s the same idea as “encryption bad because terrorists,” and “gun company bad because murders,” some people blame the people doing the bad thing, and some people blame the tool used or who created it.
No, there isn’t a solution.
You can’t ethically provide anonymous no-knowledge hosting.
So if you are doing nothing wrong you have nothing to hide?
This project just looks like it was tailor made for CSAM.
That’s definitely not the intention. It’s built for people who care about privacy, not for anything illegal.
There is significant overlap between those two groups.
Sure, but there are also a lot of people doing good things who are persecuted for them, do you think it should be impossible to do any kind of activism just because other people commit crimes?
Yeah. I’m kind of surprised no one else is really concerned about that. The legal ramifications of hosting a service like this are no joke.
Do you also think the government should be reading everyone’s mail? Should they be scanning every device capable of storing data ever shipped?
Of course not, but that doesn’t have anything to do with this.
How? The only way to prevent the site or the postal service from potentially being used for sending CSAM is indiscriminate surveillance.
This project is not analogous to the postal service.
The postal service is absolutely necessary for a contemporary economy. As such you do bear the risk that it may be used for nefarious purposes but in the event the service does discover contraband, it’s not anonymous in that the recipient can be identified.
Offering anonymity as a service means providing safe harbor for users with unethical or immoral intent.
Everyone needs secure data storage, but anonymity is a whole other thing.