Why does it have upload limits at all? Your client encrypts it, the data is sent over your internet connection to someone else's, their client decrypts it. Why would the data pass through Mozilla's servers?

I've used firefox send many times since its introduction as a pilot. I applaud its simplicity. The workflow is basically upload, send message/email containing the link, download.

In one of their videos, the URL is www.send.firefox.com - the others drop the www - is this intentional, a mistake? Why would someone use www before a sub domain like that?

They could also offer a realtime webrtc solution like snapdrop.net . Although i m not sure that works, it didn't work between my phone and desktop.

FWIW it works in Tor browser, with no CAPTCHA. Nice.

This is great! It is a shame that Box and Dropbox need you to be a paying customer to be able to share password protected shared links.

Tried it and it seems cool. Too bad that there isn't an addon to create a provider for Thunderbird 's filelink.

Ah man, I literally came up with (and prototyped) this exact thing in 2013. Minus the end to end encryption. I dropped it mostly because I wasn't sure how to prevent illegal use and didn't want to be liable.

Edit: mine was actually (partially) better because it assigned a short PIN instead of a full link, which meant you could just look at it and remember it for typing-in, instead of requiring a separate channel to "send" the link.

Nice, but transfer.sh[1] > Firefox send

[1] https://transfer.sh

Been using it since beta. Props to Mozilla for providing one of the easiest and well thought file sharing services.

This really feels like something the old Opera (not the Chromium version) would have done back in the day.

Why doesn't Firefox support p2p file sending !? Why do they do with the files I upload !?

How are they going to deal with bad content? Child porn? Pirated content? Illegal stuff?

Is there a simple way to get the direct URL of the file (e.g. to use in wget cli calls).

been using this for several months. have used it to send all kinds of files be it malware to large files. it used to accept everything. but now it asks for sign in.. why would they do they though

what is the business case for this tho? Who pays for the bandwidth??

I'm quickly running out of excuses for still using Chrome...

Yes, next to Apple's AirDrop, this is a welcome addition.

What is the use case of such a tool? Real a question.

The npm installation of send is quite easy to set up.

I wonder if they're running some malware scanners plus do they have to comply with DMCA takedowns? Based on what I see, the files are hosted on their servers, so they kind of have to, no?

Backend is written in JS. I can understand why they chose Node, but why not Typescript? This needs to be maintained and TS >>> JS.

How does it work? Is it P2P or what?

How does E2EE work if the recipient can download the file directly? I'd expect some key or password needs to be exchanged too?

How do they pay for the storage costs? What's the upside for Mozilla?

I had the expectation that it would use WebRTC before opening the link, disappointed on that side. But really glad of the privacy minded offer. I appreciate Mozilla's work and effort towards a more private and encrypted internet!

Sharesecret (my company) provides a similar service, along with a slack extension for anyone who needs a commercial product. https://sharesecret.co

I'm onboard as a regular user of send.firefox.com. How does Mozilla have the money to offer this for free?

Does Firefox Send work on browsers besides Firefox for sending and receiving files? It's blocked at my office, so I can't test it.

Swisstransfer.com is more or less the same, but with 25Gb and no sign up

I wonder if they've fixed the issue where one can force reuse of a link by slowing down a download, and sharing the URL ? Hence turning it into a cheap file hosting service:

https://news.ycombinator.com/item?id=15450524

I haven't been able to upload a file to try.

For senders and recipients who have execution privileges, OnionShare has:

Much lower trust assumptions

Functionality for dropboxes

https://onionshare.org/

https://github.com/micahflee/onionshare

This is cool, but I’m wondering if there is some sort of “secure drop box” equivalent. Basically I generate a set of GPG keys, anyone can post to a web form which encrypts the uploaded data, in browser, using my public key, and uploads it somewhere (my server, s3, Dropbox, doesn’t matter as the private is local on my computer). I could then download the files, decrypt them locally and use them.

We get a lot of customers who want to send us secure data (customer info, etc...) and I’d love a way to make it easy for the customer but still secure.

Does something like this exist, or is this still a pipe dream? Basically FF send, except I provide a known public key to use, rather than it being generated on the fly, requiring the user to find a way to send it to me out-of-band.

I'm working on a file sharing product, for the niche use case of sharing documents between family and professional providers (lawyers, accountants, etc).

Documents are mostly emailed to recipients at the moment (unless they're too large, in which case... um....). The main problem we see is that you end up storing documents in email attachments on your email provider, and using email search tools to try and find documents.

Would this end up the same, only with all documents ending up in the Downloads folder?

Am I wasting my time working on creating a cloud storage sharing solution, and be better working on a method of organising files on the drive, that can also send them to other people?

As I understand it, this "guarantees" privacy by embedding the key in the link-- if that's generated client-side, it never gets sent to Mozilla's servers (assuming they don't go out of their way to grab it via JavaScript) and you can have end-to-end encryption.

But, if I'm logged in, it looks like Mozilla's storing that fragment on their servers: if I upload a file from one browser, then sign in on a different browser, I can see the link I generated (including the fragment) from the first browser in my list of uploads, and I can download the file.

Doesn't that negate their end-to-end encryption if Mozilla servers have access to the keys?

I'm surprised that no one raised their concern about javascript encryption. Usually, some will point out that the user will have to trust the delivered client side code first. Has javascript encryption finally got mainstream now?

Looks more like wetransfer.

In the past, I used https://volafile.org/ for sharing files that will be deleted within a week. Volafile doesn’t do end-to-end encryption like Firefox Send, but it allows you to upload files over 2.5 GB.

Volafile’s multi-file “room” functionality, with chat, makes it more suited for sharing files among multiple people, while Firefox Send is optimized for sending a single file to a single person or a targeted group.

Bur Firefox is a browser. Why would you associate this with Firefox instead of making it a Mozilla service? It only leads to the Firefox brand deteriorating even more quickly.

Wow, this is really awesome and really cool! First I've heard of it. Just tested it and it worked great.

Is it possible to audit the tech? Is Firefox send open source?

Non-descriptive headline. Borrowing some copy from the announcement makes it better:

"Firefox Send: a free encrypted file transfer service"

Relatively new, are additional expiration options:

1 to 100 downloads, 1 is the default; or 5 minutes to 7 days, 1 day is the default. And an option to protect with a password.

Upon expiration, entering the URL behaves the same as if you enter a bogus URL, it's basically denied to have ever existed, i.e. it doesn't say this URL has expired.

I keep seeing comments about Search Revenue and keeping this free. It would be useful if Mozilla is getting more Firefox users out of it, but it likely won't be in any significant number.

So what happen once this get popular and waiting to be abused? Just like Mega. Who is going to continue and foot the bill?

That sounds great!

Tutanota also provides free encrypted file transfer service.-- Tresorit Send:https://send.tresorit.com/ ,which allows you to upload and share up to 5GB files using the same end-to-end encrypted technology.

How to they pay for the storage costs?

Obligatory https://xkcd.com/949/

The eternal problem of uploading and sharing massive files seems to always have new solutions.

There's croc with relatively small binary for all non-mobile platforms: https://schollz.com/software/sending-a-file/

I have a few sites like this, but very few people use them. These days, box and related sites have absorbed all the file uploads.

About 15 years ago, my sites were pushing 400-600mb/s non stop. Nowadays, I barely hit 1% of my network cap at each VPS location.

Not as far as I can tell. Mozilla also has (or had, I forget whether it's still a thing or not) a built-in WebRTC client they called "Hello", but that was a different thing.

This seems to be a known bug if you have used the old version of send in your profile that may be fixed now. If you try it in a private browsing window and it works, it's probably that bug.

this doesn't seem that impressive technology wise, but maybe i'll remember to use it.

Is there a web plugin for this yet.

Nice!

File Transfer https://xkcd.com/949/

Hope Firefox Send solves this ever present problem ;)

I can't believe that there isn't a simple service to transfer data between my cellphone and my computer without going through the internet. iTunes is terribly bloated, MTP is a mess, and Bluetooth is slow and frustrating.

Back in my hacker day I used to have an SSH server open on my cellphone and use it to transfer files back and forth with my computer. Why isn't there a mainstream service like that?

How "private" is it? Do you store metadata? i.e. if I upload a file and it expires, do you also delete any trace of me, including my IP address?

I wonder which cloud service they are using to store the files.

There's also a command line interface somewhere

I wish Mozilla focused on core Firefox functionalities instead of coming up with so many small side projects that don't target their typical audience. Since Chromium-based browsers are not an option, many of us are stuck with Firefox as the only remaining choice. But even Firefox has to be heavily customized before it's completely deGoogled and stops contacting various motherships.

As a side note Nightly build for Ubuntu has been broken since version 61 and there's no sign of any effort to fix it.

I must say I am disapointed.

I thought this would be some cool realtime system to send from browser to browser, using WebRTC or something. Something that doesn't involve them paying for file servers, by the way.

I believed in Mozilla ! But no, here we are and I just don't see the difference between this and Mega.

EDIT: except for the auto-deletion trick that addresses the piracy problem. But still...

This project sucks. Another bullshit firefox.com product that reinvent something existing and well established (eg. Jirafeau or Lufi). I hate so much what Mozilla become.

What about Dukto [0]?

IMO if something doesn't require the internet connection, it is more likely to be called "software", not a "service".

[0] http://www.msec.it/blog/?page_id=11

You can literally do that; termux will run sshd quite happily. I'm pretty sure there are sftp servers in the app store as well, but I don't really trust them.

I run the reverse; my laptop runs sshd and then I ssh/scp/rsync from termux on my phone. But either way works.

On iOS having a file manager web server is a common workaround, some apps like VLC even have their own. The only issue is that the server stops if you switch apps. There's also iMazing which uses the iTunes protocol and is pretty good, but unfortunately is paid.

With macOS and iOS, Airdrop, as others have stated. For other platform combinations, there is NitroShare[1] which works in almost the same way.

[1]: https://nitroshare.net

SimpleSSHD is a simple ad-free open-source SSH server for your Android phone (available on Google Play). It's very useful. It only supports public-key based authentication, so you can't use a password, however.

termux + woof

woof -i <ip_address> -p <port> <filename>

termux: https://play.google.com/store/apps/details?id=com.termux&hl=....

woof: http://www.home.unix-ag.org/simon/woof.html

Edit:

1. Allows directory upload/download (tar/gzip/bzip2 compressed)

2. Local file server (doesn't go over the internet)

3. Allows upload form (-U option)

4. Allows file to be served <count> number of times (-c option)

To add to the options (for Android phones):

https://f-droid.org/en/packages/org.primftpd/

There are a few around...I use File Explorer which can actually start an FTP server from my phone (iPhone) that my PC can connect to over LAN. It also can be a client to a remote FTP/file share.

You run a simple HTTP server on your computer, then download your files over Wi-Fi using your phone's browser. Works nicely.

    cd my/directory && python3 -m http.server 80

Plugging in a USB cable still works fine. I think the problem is if its too easy then people will be copying files off of each others phones without permission.

You can try WebTorrent (P2P) based solutions, maybe https://btorrent.xyz could help.

How about https://snapdrop.net/ ?

there is https://snapdrop.net/ but it didnt work for me

KDE connect?

Airdroid

Dozens of responses, and not one mention of Dropbox. Works perfectly for this exact purpose on Android.

I also use copy/paste between my Mac and iPhone quite a lot, which is a Handoff feature

I've been using sway for a few weeks as well. I just used it once to share a file from my phone, and here's what I did:

    export $(dbus-launch)
    kdeconnect-cli -l
    *then I sent the file from the phone*

It could be launched on start; there's also appindicator-kdeconnect that should work with a tray icon, as well, AFAIK.

It's supposedly UI agnostic and just requires QT5. Probably you can build it from source, and it will open as a normal app, in its own tile.

Thank you! This is great input to us, it just needs a few more details to become actionable: bugs filed (for things that are not by design, of course, like the extension API), repro steps and detailed information provided. If I can reproduce it, I can file bugs myself, but I still need to get some clarifications on how to reproduce.

How do you do this on your iPhone? I, and others, are of the opinion that this cant be done.

Access to images and videos is read-only. So it can't be used like a USB drive.

It does have a LAN sync mode...but it's supplemental at best. Plus, the clients need to bootstrap and authorize through the Internet first.

For desktops, yes, but my default assumption for a phone is that it's on a mobile network

I love it as well, but my one gripe with the Android app is that it does not support read/write sync on external storage (SD cards). This means, in my case, that I have to share photos from my phone in a read-only fashion. It's not a deal-breaker by any means, but it's annoying, because if I want to add photos to my collection that were obtained elsewhere (e.g. my underwater camera), I have to transfer those files to my phone first in order for them to properly propagate to all my other devices.

Here is the related issue: https://github.com/syncthing/syncthing-android/issues/29

Is it a technical limitation, insufficient developers, or a license issue? IIRC GPL doesn't work with the store.

In addition to NUMEROUS 3rd party tools, Google already provides a tool exactly like AirDrop for Android.

It's a feature of the Files app https://play.google.com/store/apps/details?id=com.google.and... which has over 100M installs.

Look at the 3rd screenshot.

ENCRYPTED FILE SHARING

Files’s offline file sharing is secured with WPA2 encryption, providing a more secure file transfer. Files app uses Bluetooth to set up encrypted and direct fast wifi connection, so that you can transfer app APK or large files in seconds, send videos or pictures to your friends. Safe and secure.

SHARE FILES OFFLINE

Share your pictures, videos, documents, or apps with others nearby who also have the app. With fast speed up to 480 Mbps, it’s fast, free, and it works without the internet, so it doesn’t cost mobile data. Just pair up your phone with anyone nearby who has Files app.

Other vendors used to allow you to do this back when internal storage was vfat formatted but it's not been an option these days because Windows and Macs wouldn't have the file system drivers to read the storage.

This is why MTP was created. However MTP is - in my experience - complete garbage and creates as many problems as it solves.

> Why is it a necessity to store information for 90 days? Why not 10 or 30?

Is there something special about 10 or 30? (You wouldn't ask the same question about 10 or 30?)

Legally you have to retain this type of information for at least 90 days. That sucks but it's the law.

Yeah, I agree - MTP is abominable on every device Ive used too.

>And helping law enforcement is inherently terrible because

Helping in the sense that they open themselves up to be strong-armed by LE

Android phones don't do this anymore, for the technical reason that allowing a computer to mount a filesystem directly requires that the phone unmount it. Mass storage expects a block device, so there's no wrapper that one could provide that would make this work with the native filesystems of the phone.

What could be done is to dedicate a file on the phone as block storage, and expose that as a mass storage device. This would suffer from the same problem (of the phone not being able to access it at the same time), but if it's dedicated "flash drive emulation" space then perhaps this behavior won't be as surprising to the user.

Argh! I just went through this with a friend's iPhone when he asked spur of the moment to have a video on his iPhone displayed on some monitors for a presentation. The monitors are driven by a Win10 computer. My first thought was to transfer the file from the iPhone with Bluetooth to the computer, but apparently an iPhone can't be paired in that manner. So lame. The video was too big to email, so I used send.firefox.com and uploaded the video to it, and then downloaded the video to the computer. Thanks to the iPhone's protective wall that little stunt cost my friend 200MB of cellular data. The computer didn't have iTunes, and there was no Lightning cable available so direct hardwired transfer wasn't an option either.

> Nah, Android phones have done this forever

Your only option today is MTP on Android, and it stinks.

At one time, Android did support showing up as a mass storage device. I know when I first got a G1, then the phone I had after that - both you could plug in, and they appeared as a mass storage device. Just like a USB thumb drive.

I don't recall if you could use the file system at the same time on both sides; I doubt it, though. This was never a problem for me. It just worked - just like a thumb drive.

Then something changed; I don't recall which Android version, but they gradually phased out the phone appearing as a USB drive, and started to phase in MTP. I recall MTP being absolute POS on Linux, barely workable everywhere else, and where it did work, it was slow.

It's gotten better over the years on all platforms, but it still isn't anything like it should be.

My theory on why they switched was to keep people from easily side-loading APKs, and backing them up easily, etc. I think it was all part of the battle to keep people from really owning their phones, keep them from rooting them, etc. The ever and ongoing battle in which nobody really wins, everything is left as rubble, and the results are futile, because if they lock things down completely, the people that want things open will just leave to create their own devices, and they don't really gain much.

As an aside - that's a direction I've been thinking about pursuing. There are now some relatively cheap 4G modules out there, and some open-source "phone" operating systems for the Raspberry Pi and other embedded controllers (with varying levels of "working-ness"). I'm just getting tired of not really owning my own phone, and I want to do something about it.

My current phone is an S7 (TMobile version) - and they've made it hard as heck to actually root; it seems like every time they come out with a way to do it, Samsung/T-Mobile updates to prevent it. I'm just tired of the whole cat-mouse thing; I want things completely open, even if it means I have to write my own apps.

Android and iOS user. I"m not defending it per say because the frustration of a real shell existing (I've jailbroken iOS and used it) but no access to it is real.

The argument from apple is even if you put a warning label on on a setting "allow filesystem access over SSH" for example, if you give users unmanaged file or other systems access, it will be exploited and in reality, what most users (or at least my mother and father) want is to just use their phone and never think about it.

It's fair not to like it and it may be wrong, but to imply that apple did it just to frustrate power users is either misinformed or dishonest.

Lastly there's a cool ios project https://github.com/tbodt/ish that gives you an emulated shell. Works pretty well.

You said "Android phones don't do that anymore", "that" referring to "have it show up as a removable storage device".

Pointing out that the protocol used is leaky or bad in some technical way doesn't change that Android phones do in fact show up as removable storage devices when connected to (at least Windows) PC's. Your original assertion was incorrect.

samcday even said they just wanted to copy some files around. You don't need to be able to modify files in-place from the PC to accomplish this.

I’m a little confused, you don’t want to use 3rd party apps (like a Microsoft app to interact with nearby MS stuff) AND you don’t want to use Apple 1st party apps?

It sounds like the only thing that would’ve satisfied you would’ve been for iOS to natively understand whatever the Microsoft system is for broadcasting videos? I agree it would be delightful if Apple and Microsoft could agree on a “I’m a short term drop-point” “send to any nearby open drop-point” API, but the absence of this doesn’t seem likely to be either Microsoft’s or Apple’s fault.

The Apple way to do this would’ve been to send an iCloud email. Apple Mail would’ve uploaded the file to a server, and a short-lived link would’ve been created, to avoid SMTP size limits.

Pretty much exactly what you ended up doing but manually via Firefox Send.

> MTP is a horrible protocol which renders the abstraction very leaky in my experience

Nevertheless, it's still removable storage that can take the place of the most common use case of portable flash drives: moving files around from one computer to another. Which is explicitly what we were originally talking about.

Pointing out that it doesn't work for some other use case that you yourself brought up doesn't make any sense. That's not what everyone else was talking about.

Well, I'm sorry to have upset you, and I hope that the precise technical situation is now clear to anyone reading this thread.

At least on BSD, you want to be able to separate external 3rd party libs and system libs in case they overlap, so that is why BSDs don't automatically include things under /usr/local.

That has been discussed :-)

They'll recognize it as the browser they don't have any maybe should get because it's now positively associated with cool new features like this. :)

I think what helps is that there's two (or more) parties to a file transfer: the sender and the recipient. Someone who uses Firefox might start using Send, and then the recipient(s) finds out that they can use it too. And if they're using Send, the might start to consider using Firefox, or to create a Firefox account first.

Why? Why wreck a good thing so no one else can enjoy it?

The torrent protocol is already there. Don't put that cost on the Mozilla Org.

I certainly hope that Mozilla can/will detect and punish this sort of abuse.

This is why we can't have nice things.

That should be fine, though I'm pretty sure I have some episodes that are above that.

The key is in the fragment and thus is not sent to any server.

> To my knowledge, the link is only invalidated if the person actually downloads the file.

I've used one-time-link services sometimes, and posting the link to Slack causes Slack to make an HTTP fetch looking for metadata, which then invalidates the link.

What if the download was interrupted because, e.g. the other person had a temporary issue in their internet connection? Does the server at least detect that the entire file has been sent over the socket? Does the server at least check that, on a TCP level, receive all the ACK packets it is meant to receive? Of course this still isn't foolproof but it's a good way towards detecting interrupted downloads.

What if I'm on a network I don't trust? Is the only option to set a passphrase? More importantly, the UI doesn't call this out explicitly, so uninformed users may think it's "secure enough" without a passphrase.

Well I'm glad I asked, because that sure is neat!

If they did, you could abuse it by just trasfering every byte except the last, add that in a custom link to complete the file transfer and have unlimited distribution ;) I think it's best the way they did it.

I appreciate you took the time to run a test to answer my question. Thank you.

Firefox might consider keying off the initial IP seen upon retrieval and extending the TTL of the object until the final byte has been retrieved.

Did you test to see if the download could be resumed?

In an ideal world, partially-downloading the file would expire the link, but the server would still allow the file download to be resumed (but not restarted).

Minio is your friend. (S3 compatible self-hosted, open-source object store).

I recently implemented a text/snippet sharing tool that uses Minio instead of S3, because I like to self-host everything.

https://minio.io/

FWIW, It took me about 5 minutes to get it going after I updated nodejs to version 10. It took me another 5 minutes to realize it setup a local filesystem storage in $TEMP automatically. I was impressed with how easy it was to get going, and that it picked sensible (though not well documented) defaults :)

The default npm install; npm start will give you a self-hosted app. The docker one is a different beast.

Maybe for 1080p. It's 10-15GB for 4k.

Indeed, you can rest assured that this will be used to share passwords that should not be shared this way. I would be surprised if it hasn't been already.

> I suppose an alternative would be to generate a data: URL, but if it has to include all the crypto code, I wouldn't expect it to be nice and compact.

Sounds like a challenge for the code golfers.

I would imagine that to be Firefox itself and Firefox for Android/iOS. I've seen people easily set up syncing on Google Chrome because they already have a Google account to which they might even already be logged in, while they're completely unaware that Firefox has a similar feature.

If you already have a Firefox account, the barrier to using Firefox Sync is lower, and with that, the barrier to using Firefox for Android/iOS is lower.

I've used for a contract project I worked on. It wasn't bad, but it was difficult to filter when there was a lot of messages.

It's something only Firefox has. And it should absolutely be in its core. Preferably without requiring a custom CSS file to hide the old tab bar.

It's a BSD world thing :). Local (i.e. non-system) executables and libraries go under /usr/local around here (i.e. libraries under /usr/local/lib, binaries under /usr/local/bin and so on, the hierarchy under /usr/local has the same structure as that under /usr).

  [target.x86_64-unknown-freebsd]
  linker = "/home/drewg123/bin/cargo-ld"

  #!/bin/sh
  exec /usr/bin/ld -L/usr/local/lib $*

Is there an autotools equivalent in Rust land?

Minio is an S3 proxy, allowing you to use different storage backends with systems that support S3-compatible blob storage (like Seafile).

In my case I have Minio in front of Azure blob storage, so Seafile is storing data in that.

I host Seafile and Minio using Docker Compose, which was super-simple to get started with.

The problem with that table is that this only lists the entry methods, which are supported in all browsers. However, the actual work is hidden behind parameters, not all of which are supported by all browsers, and some have to be in weird combinations. One example is that Edge does not support PBKDF2 in any form, which makes many of their further support a bit weird to use.

Here's a site where you can test your browser's compatibility with many combinations: https://diafygi.github.io/webcrypto-examples/

The SubtleCrypto portion of the API is slightly less supported in that it appears to have spotty/non-compliant IE and Edge coverage.[1]

1: https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypt...

This place has basically ruined me for writing. I used to sort of know how to do it! The idea of writing a top-to-bottom "browser Javascript is evil" post is intimidating to me now. It was intimidating when I wrote the post referred to above! And that one wasn't even good!

I'll work on it.

Then you understand "How do they handle abuse though? Like, people using it to host, say, pirated TV shows?" remains an open question.

But at least you only need to trust them now, and not every incarnation of them in the future =)

This is where WebCrypto in browser extensions begins to get interesting, I think.

Ah. In that case, I seem to recall they performed user research among users of their browsers that uncovered that sending files to others was still a major pain point. It's also a way in to promote a Firefox account, and Firefox in general.

Of course Mozilla's not in it for the money, so there's not a direct line from Send to more revenue. Firefox is their main tool to protect the open web, and Send is a way to get more people to use that. And of course, being able to send files encrypted is good for the web as well.

Indirectly, it is primarily financed by the search engine deal in Firefox.

The open web is more than just a browser. The cost is minimal when you have your own infra instead of AWS’ bandwidth gouging.

You got it! The only thing you'd have to worry about is malicious JavaScript on the Firefox Send website which I believe would be highly unlikely. And of course, you must keep your link secret.

Yes, such a CLI tool would help protect you against a MITM with malicious JavaScript.

It's not a new idea, the megaupload successor first did it as far as I can remember

It's cool, but not exactly novel. Mega has done it this way for years.

Yes and no, depending on your threat scenario.

I would assume Signal to have a proper signing infrastructure in place, so that the keys used to sign new releases are not available to the server hosting/deploying the actual update files (or providing them to Google/Apple for that matter). So simply taking over that server would not be enough, as malicious updates could not be installed.

Assuming Moxie goes over to the dark side, however, you are screwed. There's nothing stopping your Signal app from bundling all your plaintext messages once you've entered your password and sending them off to China, save maybe a firewall you have in place. Google or Apple might stop such an update during their reviews, but I wouldn't bet on it.

> On my Android device, I also have auto-update turned on, because my only option is to turn it on for every app or none of them.

Open the Signal store page and click the dots in the top right of the screen and untick Automatic Updates.

You can absolutely disable app and OS auto-updates on iOS.

> In a web app, a single compromised server will compromise all security instantly.

This is only true if the server has access to the keys of your data. E2EE typically means that it doesn't, only you do.

If it works, it prevents mass surveillance and makes insider attacks much more difficult.

Absolutely. Security and secrecy are not binary, though, it's a spectrum. There are many things where you would mostly want to avoid dragnet attacks and undetected intrusion but don't have concerns for targeted attacks like the one you are describing.

I think this fills the gap for when you want to share not-critically-secret stuff with non-technical people and would today likely send it over something like e-mail, Drive or Dropbox.

True, but I don't think I'd use this website for anything I'm that concerned about. At that point, I'd encrypt it myself with something like gpg or openssl on the command line.

This fills a handy gap for a lot of people with smaller needs.

Yes. I would like to add though, that you can set an optional password as well. Without it the link would be useless. You can share it through a different channel.

Their Github page specifically mentions AWS S3 as a requirement. So they are using it.

Is there a cheaper S3 alternative that you recommend or that Mozilla's likely using instead?

So the takeaway I'm getting from this and a few other comments is that, in general, running automatic updates for most software is still more secure than not, since a 0-day is more likely than a compromised server.

E2E encryption is still valuable, because assuming that the codebase is delivered/signed separately from its app servers, it decreases the number of available attack points. It's usually easier to secure code delivery than it is to secure your entire backend/database. It's even easier than that to secure a private key that you never put on your delivery servers in the first place.

JS has some additional concerns regarding stuff like Spectre and random number generation, but ignoring those for a sec, E2E encryption is in theory viable and valuable on the web, assuming you've split your backend from your code delivery endpoint and are taking extra steps to secure those specific code delivery servers.

But E2E encryption on the web could be improved a lot if we expanded code-signing for browsers. We download code over SSL, but that's just to make sure no one MITMs the server itself. We could, in theory, have some kind of signing system for raw assets that was completely unrelated to the connection to the server -- a "only allow Javascript to download/eval on this domain if it's signed with a key that's not even stored on the delivery server at all" policy. But we don't have anything like that yet.

Is that a reasonable interpretation?

Your description is very simplistic, but yes, you have to trust the code that's delivered to you. For example, no Android/iOS user would check every single update to E2EE apps they install for backdoors. However with web, there's an opportunity for a backdoor in every single request and the server can ship different code to different users. In my opinion, using web cryptography is still worth it, but it's definitely more risky than native apps.

Sure, but having access to encryption/decryption/key derivation is pretty much equivalent to having the key in most circumstances. Plus, JS generates the key and sets "extractable" flag.

It's intuitive for lay users that the links are secret, yes. What lay users have trouble understanding is that putting something in an email automatically makes it not secret.