Hacker News
by lotharrr 1855 days ago
A few I've found:

* You're sitting next to someone at a conference (remember those?) and want to hand them a file: fewer steps than email, the wormhole code is easier to transcribe than most email addresses, the file lands where you want it to rather than in a spam folder somewhere, and neither of your email providers nor the network in between them can snoop on or modify the data in transit.

* You're ssh'ed into a remote machine, via two layers of proxy servers, deep in a directory structure with lots of spaces and quotes and backslashes and other shell metacharacters in the path, and you want to transfer a file from there back to your desktop. You have no idea how to quote everything properly. So you wormhole it to yourself.

* I'm on Zoom or the phone with a friend and want to send something from my desktop machine to their laptop. I can read the wormhole code off the sending machine, speak it to them over the phone, they can type it into their machine. The codes are optimized for spoken clarity.

* I'm debugging something on the little computer attached to my television and want to copy a logfile off to a real machine. I've got a terminal window open on the screen, and a shell, but that account doesn't have an email address, nor is it listening on SSH. I could write a Python one-liner that listens on an HTTP port, but there's no security to that. I can 'wormhole send LOGFILE' and read the code from the screen, and type it into my laptop.

By "safely" I mean: confidentiality against anything outside your two computers (eavesdropper only learns the length of the data, as is true for most networks), and integrity (nobody in the middle can modify the file, or cause you to receive something different than what your partner sent). The security of most common file transfer methods depends upon some intermediate server, or two, or a dozen (in the case of email).

If by "untrusted computers" you're making a distinction between distributing files to computers that you already know about, vs to computers that you've just met, then yes, that's exactly right. If your laptop and your desktop already know about each other, there are a bunch of tools that work better for a lot of cases, like a shared network filesystem or AirDrop. Magic-wormhole is kinda aimed at how to introduce two machines that don't already have a connection. The wormhole code is a way to leverage the connection between the humans who control those computers, into a secure shared encryption key between the computers themselves.
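The last two paragraphs of the comment describe the core trick: a short code that a human can read aloud becomes, via a PAKE, a strong shared key that protects the file's confidentiality and integrity against everything between the two machines. The block below is an added toy illustration of that idea (written for this page; it is not magic-wormhole's own code and skips the rendezvous server, nameplates and the real wire format). It runs a SPAKE2-style exchange over the RFC 3526 group 14 prime (transcribed here from memory; treat the constant as an assumption and check it against the RFC before relying on it), derives a session key from the code, and then seals a payload with encrypt-then-MAC so that a wrong code or a flipped ciphertext bit is detected rather than silently accepted. The group labels, the hash-to-group construction and the toy SHA-256 keystream are this example's own choices, not the project's.

```python
"""Toy SPAKE2-style wormhole: short spoken code -> strong shared key -> sealed file.
Stdlib only. Illustration for this discussion, not magic-wormhole's implementation."""
import hashlib
import hmac
import secrets

# Assumption: RFC 3526 group 14 (2048-bit MODP), a safe prime p = 2q + 1.
_P_HEX = """
FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74
020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437
4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED
EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF05
98DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB
9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B
E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718
3995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF
""".replace("\n", "")
P = int(_P_HEX, 16)
Q = (P - 1) // 2        # order of the quadratic-residue subgroup we work in
G = 4                   # 2^2, a generator of that order-q subgroup

def _hash_to_group(label: bytes) -> int:
    """Nothing-up-my-sleeve element: square a hash so it lands in the order-q
    subgroup; nobody knows its discrete log, which SPAKE2 requires of M and N."""
    return pow(int.from_bytes(hashlib.sha256(label).digest(), "big") % P, 2, P)

M = _hash_to_group(b"toy-spake2-M")   # label chosen for this example
N = _hash_to_group(b"toy-spake2-N")

def _code_to_w(code: str) -> int:
    """Normalise the spoken code and map it to a scalar mod q."""
    return int.from_bytes(hashlib.sha256(code.strip().lower().encode()).digest(), "big") % Q

def _enc(x: int) -> bytes:
    return x.to_bytes(256, "big")

class Side:
    """One endpoint. Role 'A' (sender) blinds with M, role 'B' (receiver) with N."""
    def __init__(self, role: str, code: str):
        self.role, self.w = role, _code_to_w(code)
        self.x = secrets.randbelow(Q - 1) + 1
        blind = M if role == "A" else N
        # The only thing that crosses the wire: g^x * (M|N)^w. Without w an
        # eavesdropper cannot separate the blinding from g^x.
        self.msg = (pow(G, self.x, P) * pow(blind, self.w, P)) % P

    def finish(self, peer_msg: int) -> bytes:
        other = N if self.role == "A" else M
        # Strip the peer's blinding with our own w, then raise to our exponent.
        # If the two codes differ, this yields a different K on each side.
        unblinded = (peer_msg * pow(other, (Q - self.w) % Q, P)) % P
        K = pow(unblinded, self.x, P)
        a_msg, b_msg = (self.msg, peer_msg) if self.role == "A" else (peer_msg, self.msg)
        transcript = _enc(a_msg) + _enc(b_msg) + _enc(K) + self.w.to_bytes(32, "big")
        return hashlib.sha256(b"toy-spake2-key" + transcript).digest()

def _keys(shared: bytes):
    return (hashlib.sha256(b"enc" + shared).digest(),
            hashlib.sha256(b"mac" + shared).digest())

def _keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy CTR mode: SHA-256(key|nonce|counter) blocks XORed over the data."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + nonce + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def seal(shared: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC. Layout: nonce(16) | ciphertext | tag(32)."""
    enc, mac = _keys(shared)
    nonce = secrets.token_bytes(16)
    ct = _keystream_xor(enc, nonce, plaintext)
    return nonce + ct + hmac.new(mac, nonce + ct, hashlib.sha256).digest()

def unseal(shared: bytes, blob: bytes):
    """Returns the plaintext, or None if the tag fails (tampering or a wrong code)."""
    enc, mac = _keys(shared)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac, nonce + ct, hashlib.sha256).digest()):
        return None
    return _keystream_xor(enc, nonce, ct)

def transfer(sender_code: str, receiver_code: str, payload: bytes, tamper: bool = False):
    """Whole exchange on an untrusted channel: one PAKE message each way,
    then the sealed payload. Optionally a man in the middle flips one bit."""
    a, b = Side("A", sender_code), Side("B", receiver_code)
    key_a, key_b = a.finish(b.msg), b.finish(a.msg)
    blob = bytearray(seal(key_a, payload))
    if tamper:
        blob[20] ^= 0x01
    return unseal(key_b, bytes(blob))

if __name__ == "__main__":
    code = "7-crossover-clockwork"   # constructed sample code in the wormhole style
    print(transfer(code, code, b"Jan 01 00:00:01 tv kernel: sample log line"))
    print(transfer(code, "7-crossover-clockwise", b"mistyped code -> None"))
    print(transfer(code, code, b"x" * 64, tamper=True))
```

The point to notice is that the only values an eavesdropper sees are the two blinded group elements and the sealed blob; guessing the code gives at most one online attempt per exchange, which is what lets a short spoken code stand in for a long key. The real tool layers a rendezvous server, nameplate allocation and NaCl SecretBox on top of this, but the security argument in the comment is this one.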


(Hello from an old Mozilla colleague.) Magic wormhole is a lovely gift to the rest of us, for which I thank you. It also illustrates the tremendous latent power that can be unleashed by accepting some constraints. The read-once is a usability limitation judo-ed into a strong security property. It reminds me of a great sonnet: the mechanical constraints of form generate tension, which an artist channels to great effect.