Show HN: Fileport – Teleport Your Files

[gigaparsec]

Hello HN,

Fileport is an online service that provides the fastest way to send files over the internet.

Typically, email providers have file size restrictions and online cloud storage can be cumbersome to use. Fileport is the simplest way of transferring large files from point A to B. Intended for creative individuals like artists, video/audio editors, photographers showcasing their work or anyone whose work depends on exchanging large files.

Fileport is capable of “streaming” files to the recipient (or multiple recipients) as you upload them. You can upload multiple files or folders which can be downloaded in a compressed format, even while uploading. Files are automatically checksummed for integrity during the upload process.

There is a subscription available for users that require more features, like Photobooks. Photobooks are online photo & video albums that provide an ultra fast and clean web interface with all original files available for download.

Files up to 2 GB can be uploaded by anyone without the need of an account.

[gigaparsec]

Something that the HN crowd will appreciate: the entire SPA is 143 KB (HTML+CSS+JS+Fonts) and it doesn't make any requests to external domains (like GA).

[ocdtrekkie]

Is there like a well-stated law yet, that any file transfer service which can be used without authentication will get buried under use for illegal content sharing until it gets shut down? There probably should be.

This looks super clean and super convenient, and that's why I expect it to get obliterated by bad actors unless it's doing something really magical to avoid problems there.

[gigaparsec]

There is a clear Abuse Report link in the bottom of the main page and every download page for DMCA or related abuses that are listed in the ToS.

[ocdtrekkie]

My concern is less about it being impossible to legally operate, but that the amount of illegal/spam/malware content that will utilize the service within the free tier will make it impractical to operate.

[gigaparsec]

WeTransfer, Filemail and others seem to be doing fine. But you are right, the overhead of dealing with abuse content might be substantial.

[vxNsr]

In that case what separates you from them?

[gigaparsec]

Feature-wise?

- Streaming downloads; you don't have to wait for the upload to finish

- Fast uploads; there's a mini benchmark in the background that picks the best upload location

- Verified upload integrity on each file chunk

- Photobooks

[jay-barronville]

To be clear, the encryption support is only HTTPS and at rest but NOT end-to-end?

[gigaparsec]

We don't support E2EE (yet), for a few reasons

- It wouldn't work with the photography features

- Normal HTTP downloads would be out of the question - you have to assemble blobs on the client, which, last I checked, doesn't play very well with large files on some browsers

- I'm not convinced that the current iteration of "password in the URL fragment" JS E2EE is the best solution

Questions I would ask to a proponent of full-JS E2EE: do you actually inspect the minified & bundled JS of your favorite E2EE web app to see if it's implementing encryption correctly? Is it using CBC mode with the same IV? Is it leaking the URL fragment? Are you sure the JS bundle won't change under you on the next request? Are you sure that when you email your link it's not being transferred over plaintext, nullifying the encryption in the first place?

I think that full-JS E2EE lulls users into a false sense of security for the sake of convenience.

That said, we're looking into implementing E2EE in a different way at some point in the future.