Send: A Fork of Mozilla's Firefox Send

Send: A Fork of Mozilla's Firefox Send(github.com)

666 points by andredz 5 years ago | 141 comments

kickscondor 5 years ago |

Some other WebRTC file transfer options:

* https://wormhole.app/ (my recent fave, by creator of WebTorrent, holds for 24h, https://instant.io by same)

* https://file.pizza/ (p2p, nothing stored)

* https://webwormhole.io/ (same, but has a cli)

* https://www.sharedrop.io/ (same, does qr codes)

* https://justbeamit.com/ (same, expires in 10 minutes)

* https://send.vis.ee (hosted version of this code)

* https://send.tresorit.com/ (not p2p, 5 GB limit, encrypted)

I track these tools here: https://href.cool/Web/Participate/

carbonatedmilk 5 years ago | |

love Wormhole, but that animated background chews up an incredible amount of battery power on my M1 Macbook Air (even when the tab is in the background). Please wormhole crew, turn it off.

feross 5 years ago | | |

We recently made a one-line change that massively reduced GPU usage, specifically:

- Intel integrated graphics: 60% reduction

- AMD Radeon: 40% reduction

- Apple M1: 10% reduction

What was the change? We removed "opacity: 85%" from the <canvas> element. We were using opacity to slightly darken the animation but now we just darken the texture image directly.

Farow 5 years ago | | |

You can "hide" it with uBlock Origin by blocking large media elements in the popup.

pimterry 5 years ago | | |

100% agree - I've used Wormhole a few times when I try to quickly get data into interactive VM sessions, because it works great otherwise, but the graphics consistently grind the whole thing to a halt.

I really don't get the reasoning. It looks kind of cool, but it makes it super unusable for a bunch of use cases from very old computers to interactive sessions on raspberry pis to constrained VMs. And those are exactly the kind of places where I want friendly easy tools to copy files across for quick system admin or to get logs back out! Doesn't seem like a good tradeoff.

FriedrichN 5 years ago | | |

Set webgl.disabled to true if you're using Firefox.

BiteCode_dev 5 years ago | | |

And if you have a sucky connection, it's slow has hell to load.

arafatamim 5 years ago | | |

Turn on "reduced motion" setting on your Mac.

FounderBurr 5 years ago | | |

Wouldn’t it be easier for you to manage what you expend your battery on?

iagovar 5 years ago | |

Hmmm, it seems like https://webwormhole.io/ has changed from last time I used it. https://wormhole.app/ seems more similar to what I remembered as frontend.

I remember trying many of those services and I decided to use this one because I could send large files without any problem (was trying to move sqlite dbs that were several Gbs, as it seemed to stream the file instead of trying to store it on ram first, but now I see wormhole.app allows up to 10GB, and I don't remember to have any limit.

WebRTC services seem to have problems to get up to speed, but for streaming files between devices it seems the best solution in terms of friction.

lxgr 5 years ago | | |

The speed problems interestingly seem to be caused by a bug in an implementation of SCTP used by most (all?) WebRTC browser implementations:

https://github.com/saljam/webwormhole/issues/55

The symptom seems to be that the SCTP data rate drops with increasing latency (which used to be a problem with very old TCP implementations too, but all modern ones handle high-latency networks much better).

dennis-tra 5 years ago | |

I‘ve also built a file transfer tool (CLI) with emphasis on decentralization. It’s a fully decentralized p2p file transfer tool based on libp2p:

https://github.com/dennis-tra/pcp

I‘m currently trying to make it interoperable with https://share.ipfs.io/#/ which resembles the functionality of the posted tool.

kickscondor 5 years ago | | |

Seems very similar to 'hyp beam': https://github.com/hypercore-protocol/cli

dschep 5 years ago | |

There's also https://snapdrop.net which seems extremely similar to sharedrop.io but has an additional useful feature of letting you send messages which I sometimes use to send links to devices that aren't logged into any service.

kickscondor 5 years ago | | |

Ah neat! I've added all of the links in the comments here to my list - great to see what's out there and to combine our collections.

fckthisguy 5 years ago | |

As I recall, there's a difference between file.pizza and webwormhole. file.pizza allows the sender to specify files and then generates a share url, whereas webwormhole creates a share link first. The latter can be useful if you're not sure exactly what you'll send before you share the link.

Dumbdo 5 years ago | |

There's also https://github.com/schollz/croc which is a very simple P2P CLI transfer tool.

fljsdflsdfjdslf 5 years ago | |

Missing https://dropbox.com/transfer

ehsankia 5 years ago | | |

Is that using WebRTC, or are they hosting the files on their backend?

elliebike 5 years ago | |

I’m a fan of Kipp! Not p2p, but has optional encryption

https://kipp.6f.io/

ca98am79 5 years ago | |

I made these:

https://file.io

https://temporary.pw

Ansil849 5 years ago | |

> I track these tools

How frequently do you validate that they are still functional?

I tried File Pizza several months ago, and neither I nor the recipient could get it to work.

kickscondor 5 years ago | | |

Links are checked at least once daily - I do have a few that are recently broken that I need to address - but File.pizza is okay again. I have switched the main link to Wormhole, because it's now my preferred option - and because File.pizza has been up and down for me in the past as well.

lancepioch 5 years ago | | |

I swear I've tried it several times over several years. I've never gotten it to work.

NeoLaval 5 years ago | |

http://Gofile.io File sharing and storage platform, unlimited and free

rorykoehler 5 years ago | |

https://snapdrop.net/ is another

ctpide 5 years ago | |

We build a web app for e2ee file transfer:

https://arcano.app

puchatek 5 years ago | |

That website or yours should be its own hn article.

seriousquestion 5 years ago | |

Thanks, useful site!

timvisee 5 years ago |

Maintainer here, thanks for posting!

Feel free to ask any questions.

Want to try it out? I've a public instance at: https://send.vis.ee/

Other instances: https://github.com/timvisee/send-instances/

A docker-compose template: https://github.com/timvisee/send-docker-compose

surround 5 years ago |

An observation. This is the second time today we've had a submission link to github, even though the main repo is on gitlab (the first was https://news.ycombinator.com/item?id=27047243)

forgotpwd16 5 years ago | |

How is ClearURLs' main repo on GitLab when their main site[0] links to both and their docs[1] link *only* to GitHub?

[0]: https://clearurls.xyz

[1]: https://docs.clearurls.xyz/latest/

Izkata 5 years ago | | |

The README on the repo itself links to gitlab, including the "create an issue" link: https://github.com/ClearURLs/Addon/#contribute

fouric 5 years ago |

This is excellent! I've been missing Firefox Send ever since they took it down.

However, it needs to be hosted somewhere.

...and if I'm going to be using a hosted service, I'd like the ability to easily pay for it (so that it doesn't eventually collapse or resort to shady things like ads), either though donations or microtransactions for bandwidth/storage.

Unfortunately, there's no good microtransaction service.

Wasn't Mozilla working on one? Where did that go?

...and thus, we've gone full circle.

And I'm typing this comment in a Chrome browser, because my company is migrating away from Firefox due to "security issues".

timvisee 5 years ago | |

This is a comment for my instance specifically, but you might find it nice to know:

The https://send.vis.ee/ is mostly funded by donations right now. I do not plan to take it down, unless the cost becomes a problem. I'll never resort to ads.

If this ever happens, I'll likely show a warning beforehand. Some time later I'll disable the upload page, and will take the rest of it down the week after. Files have a maximum lifetime of a week anyway. So if you discover this when uploading, you can simply switch to some other service. Existing links should not break.

There's a donation link on the bottom of the page (https://vis.ee/donate). But feel free to use it without a contribution.

matham 5 years ago |

Do you know what led Mozilla to stop this experiment (I'm assuming spam)? Will this not be an issue for your instances as well?

IainIreland 5 years ago | |

The announcement is here: https://support.mozilla.org/en-US/kb/what-happened-firefox-s...

Quick summary: it was being used for malware and phishing, aggravated by the trustworthy-seeming firefox.com URL.

simias 5 years ago | | |

I think the shifting "product focus" is probably the main factor here, simply because such a service being used for malware hosting was completely predictable from day 1. When they started they probably thought that it was worth it, then later on they changed their mind. That or they were incredibly naive.

timvisee 5 years ago | |

They said they stopped due to spam, but there might be more to it because they also had quite a lot of layoffs that period. I don't know.

I can imagine spam being a problem with such a service with a well recognized brand name.

itake 5 years ago | |

This is self-hosted, so probably easier to apply security through obscurity.

redkoala 5 years ago | | |

That means no security at all. Without a way to link files being hosted to identity or inspecting the contents of the files, there is no barrier to prevent spam and illegal files from being hosted.

Black101 5 years ago | | |

they have a public instance... and just like Mozilla's version you can self-host... but either way we need more services like this.

gsich 5 years ago | |

Storage in S3 is not cheap.

Jhsto 5 years ago |

After trying all these WebRTC options and the NAT traversal service (STUN, iirc) always being down, I ended up using IPFS instead. With public gateways from CloudFlare it is very easy to effectively drag and drop files and have them accessible via the IPFS-to-HTTPs gateway.

livre 5 years ago | |

For the rare times I have to do this I run a local server and the free version of CloudFlare argo tunnel. It provides an https url so the upload/download is safe from ISP snooping, there are also no size limits, you can send a 30GB file if you need to do that.

https://blog.cloudflare.com/a-free-argo-tunnel-for-your-next...

dennis-tra 5 years ago | |

https://share.ipfs.io/#/ is also very convenient for simple p2p file transfers.

spaniard89277 5 years ago | | |

How does this work. Does the file need to pass through a server before reaching the other end? or is it streaming directly between sender and receiver?

Also, does it need to put the whole file in RAM first?

TedDoesntTalk 5 years ago | |

Doesn’t IPFS have problems with persistence? IOW you can’t guarantee a file will be available?

Jhsto 5 years ago | | |

There's two persistence types: pinned and unpinned files. Pinned files persist, but someone needs to seed them at least occasionally. Unpinned files get eventually garbage collected. If you want to share a file, you don't need to pin it if the recipient for example tells you when the download is complete. In this sense, all these WebRTC examples are more equivalent to unpinned files.

nkellenicki 5 years ago | | |

As long as you keep your node up and running your content will never disappear. So if you just want to share files with friends I can see this working well - just keep your node available.

fireattack 5 years ago |

Semi-related, but is GitHub's search by programming language feature broken on this repo?

I'm curious about "FreeMarker" being the top language so I clicked on it, surprisingly it returns zero code: https://github.com/timvisee/send/search?l=freemarker

So does "javascript": https://github.com/timvisee/send/search?l=javascript

emi2k01 5 years ago | |

Search is disabled for forked repositories in github. It's better to create a new repo and push the code if you want a fork.

Search in original repo works: https://github.com/mozilla/send/search?l=javascript

circularfoyers 5 years ago | | |

The other option too would be just to clone the repo locally and use grep, find, etc. That seems the simpler option if you just want to perform a search.

hojjat12000 5 years ago |

Naive question: The github page says 62% of the languages used in this repo is FreeMarker. I checked the repo and every file I look at is js, what and where is FreeMarker?

niea_11 5 years ago | |

I can't find any freemarker templates on the project, but apparently it's using i18n files with an ".ftl" extension which is the default extension for freemarker templates.

Ex: https://github.com/timvisee/send/blob/master/public/locales/...

sciurus 5 years ago | | |

Yeah, those files are for https://projectfluent.org/

timvisee 5 years ago | |

I don't know. Have been asking myself the same question the past month.

TheDong 5 years ago | | |

I think it's the locale files, like this one: https://github.com/timvisee/send/blob/master/public/locales/...

If you look at github/linguist, that's what recognizes languages in repos. It has this rule for FreeMarker: https://github.com/github/linguist/blob/32ec19c013a7f81ffaee...

It seems a .ftl extension means FreeMarker to linguist, so those localizations show up as such.

chungy 5 years ago | |

GitHub's language "detection" is ridiculously naïve and basically limited to examining file names only, not content.

voiper1 5 years ago |

I'm liking croc with a CLI on each end.

psanford 5 years ago | |

croc just had multiple major vulnerabilities discovered that required protocol breaking changes to fix: https://redrocket.club/posts/croc/

anaganisk 5 years ago | | |

So fixed right?

neodymiumphish 5 years ago |

I know everybody's posting tons of alternatives already, but I'm curious why https://transfer.sh isn't included. It has very simple instructions for encrypting against a recipient's Keybase GPG key, works from the site or command line, and has 14 days of retention.

Just curious, since I keep seeing Wormhome mentioned, but I never seem to see anyone mention Transfer (unless it's just a lesser known option and I happened to hear of it early).

andredz 5 years ago |

There's also a CLI for Send (ffsend): https://github.com/timvisee/ffsend

pornel 5 years ago |

The big advantage of Firefox Send was that it was hosted by Mozilla, and I could trust that Mozilla wouldn't have any backdoor in the service.

When the same project is hosted by someone that I don't know, I can't be sure that they won't modify it to peek at the files (I'm not going to perform a full code audit on every page load).

tym0 5 years ago |

Is there a way to use ffsend if I drop some basic auth in front of the upload?

timvisee 5 years ago | |

Yes! `ffsend upload --basic-auth USER:PASS FILE`

Macha 5 years ago | | |

It would be nice to set arbitrary (or at least Bearer) Auth tokens too in case you put it behind some oauth enforcing gateway like authelia

NeoLaval 5 years ago |

https://blaze.vercel.app/

SubiculumCode 5 years ago |

I'd like to set this up one up of my own servers...

Black101 5 years ago |

Best HN post in months...

cassepipe 5 years ago |

Oh, I forgot about that one. Yet another Mozilla project that worked well that was abandoned. (Remember Firefox OS? https://killedbymozilla.com/) I know what you're thinking : They did not abandon Rust ! Well I just learned from a post that recently made it to the HN front page that management was considering dropping Rust. The only reason they did not was because of someone who fought hard for it.

dralley 5 years ago | |

It wasn't "abandoned" it was shut down because it was being used by malicious parties to deliver malware, and worse.

cassepipe 5 years ago | | |

Can't any cloud storage service be used to deliver malware?