[ericmoritz]

I don't know for certain without digging into the code but they are probably using the WebCryptoAPI and doing everything client-side to encrypt the file.

The URL that is shared contains the key for the file. You'll notice that the URL contains a fragment identifier, i.e the #foo part of http://example.com/#foo, this isn't transmitted to the server by the browser and therefore the key isn't exposed beyond who the URL is shared to.

https://www.w3.org/TR/WebCryptoAPI/

[ericmoritz]

Yup, that's exactly what they're doing: https://github.com/mozilla/send/blob/65c24990cd1646bc8c6e6c0...

[criddell]

Doesn't it come down to us trusting Mozilla though?

[dragonwriter]

Yes, since they could change the JS without notice from to do something different, and could conceivably be ordered by a government to do so generally or targeting a specific set of users.

[brianberns]

I hadn't considered that possibility. Interesting idea. Thank you.