I have some thoughts for you as someone who's done this before. I used to run a file hosting site called MediaCrush with a buddy of mine. It was moderately successful, but we ended up shutting it down. I later switched to a file host called pomf.se, which eventually was shut down as well. I wrote a blog post that sums up my thoughts on public file hosting:
The problem is growth. It will quickly get too expensive and you will not have nearly enough revenue to support it. I guarantee you it will happen.
Currently I run a file hosting service with controlled growth. Accounts are not available to the public - you have to apply for one, and I approve them conservatively (130 approved, 137 rejected users as of writing). All users are also expected to donate. I think all new file hosting sites should take link rot seriously and if they don't it's a net negative on the internet. I hate that if I look at a forum post written >5 years ago, odds are all of the images will be broken.
If anyone wants an account on my website, I might be inclined to approve a few today: https://sr.ht
I feel like WeTransfer has got this right. They have wonderful full page ads and are monetizing by selling premium accounts to corporates, which have the ability to change the ads to fit their branding. https://wetransfer.com
I also ran some file/image hosting sites in the early 2000s and another reason not to do them is that people post the most vile content and moderating can cause PTSD.
This is the second, possibly third, time I've seen you link to your post about public file hosting - and this is the second, possibly third, time I'll agree entirely.
There are tons of pomf.se clones - many that have been going on for years as well. The important part for many of these hosts is that (a) enough people donate to keep it online and/or (b) the community remains small enough to remain affordable for the dev. Personally I use a combination of safe.moe and mixtape.moe.
Often times I've noticed these are "labor of love" projects where a dev can work on learning how to (a) keep a server running and (b) upgrade services without any/significant downtime, etc. Standard DevOps things. The monthly cost to these sort of people is seen as a "learning cost" in a real environment where they have hundreds of, if not thousands or more, users depending on them to not mess things up.
>I hate that if I look at a forum post written >5 years ago, odds are all of the images will be broken.
Inactivity pruning is largely to blame for this, not just new websites going under. IIRC, even Imgur does pruning after 6 months of inactivity (no views) which is totally possible on niche technical forum posts.
I think that in the end, the way to really address these issues is with WebTorrent or a similar service. When you're online, you should be:
1. contributing your own bandwidth to the images you upload
2. contributing your own bandwidth to the images you look at.
If you look at an image, maybe you should be required to seed it twice over. If you upload your image, maybe you have to seed it at least 10 times for it to stay up past a certain deadline.
As a user of image websites and, well, websites in general, I'd gladly contribute my bandwidth to help the services run. Or even act as a mirror rather than a shared peer.
What do you think about that? It could lessen the load on the image host and help scale things. I just can't see this happening if you embed an image directly unless you embed iframes or require users to go to the site itself.
I'd question the assumption that having all web pages be immortal is a good thing. There is great value in letting natural processes erode items or things that don't get maintained.
Throughout history, we've learned to write down and preserve important stuff. Sometimes we've gotten it wrong or we create huge single points of failure (see, e.g., Library of Alexandria), but we should be careful in assuming that preserving everything is inherently better than the historical approach.
This was an interesting read and we will do our best to avoid this fate.
Right now we're focusing on patching bugs and providing a stable service, but in the future a premium service will be created which targets heavy users.
PS
You can change the status of the last active host in your list (Minus.com) to shut down as well.
The problem is one of capabilities; unrestricted image hosts delegate too much power to uploaders. An uploader should not be able to create a valid URL with any data under the hoster's domain.
In addition to what's been mentioned, another possibility is to force users to bring their own domains to the table when doing hosting; the user is free to host things from the service at their own domain, and the hoster's domains remain distinct and untainted.
"Currently I run a file hosting service with controlled growth."
Why do you do this ... that is, run a file hosting service for 130 people? Is it a friends and family IT enabler sort of thing that you do to be nice?
Or is there some kind of business here that I can't envision?
Just in the way of feedback (and I might be really out of the loop/not your target market!) but here was my brain-in-action after I clicked on the link from HN:
"Hmm, this looks pretty... what is it for?
It has a huge area that says "click here or drag and drop to start uploading"... but uploading what? And why?
Let's scroll down and read the 'about'!: "Fast", "Compatible", "Encryption"... um... ok but WHY?! Is it personal file storage for me (Like Dropbox?) or is it like a public FTP server? Or something else? If I drag and drop my tax return there is it suddenly shared with the entire world? Why do I want this thing?! Back to the HN comments to find out more!"
Something like that anyway! According to the comments it seems to be more like a rapidshare/mega thing - and now that I get it I'll keep this site in mind for sure!
I guess it might be a cultural thing, but it seemed pretty obvious to me that it's something in the style of Mediafire/RapidShare/Hostr, before they all went to crap.
The upload box is the first and almost only thing that you see when you go to the page and the purpose is to make the process simple so that you don't have to click through to a second page in order to start uploading.
You do however have a point as it could be confusing for some new users who haven't uploaded files before. We'll try to add an info box or some additional text to make the message more clear, thanks for pointing it out.
From looking at "upload.js" you are using AES in counter mode.
var aesCtr = new aesjs.ModeOfOperation.ctr(encryptionKeyBytes, new aesjs.Counter(-1));
Please use https://github.com/bitwiseshiftleft/sjcl which supports a very high-level sjcl.encrypt(passphrase, plaintext) API and has been audited, instead of using crypto primitives.
One specific issue is you are only encrypting, not authenticating, so if the servers are compromised someone could send back a fake plaintext.
> if the servers are compromised someone could send back a fake plaintext.
The server is sending the JS responsible for doing the encryption, no? If the server is compromised, all bets are off. You must trust this third party with your (unencrypted) data, unless you verify the JavaScript each and every time.
AES-CTR is indeed what's currently being used.
SJCL is definitely an option and we will compare the two to see if there are any large advantages to switching over, thank you for your suggestion.
The reason why the content isn't being authenticated is memory issues in the browser, but we're close to adding a solution for that as well.
Overall the encryption feature is currently in BETA and there will be a large amount of improvements before it's finalized.
Re authentication: the site uses HTTPS, and doesn't HTTPS provide authentication that you are connected to the right server, receiving only data from that server (assuming the server and its contents aren't compromised)? Or are you referring to another type of authentication?
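The difference between encrypting and authenticating a stored file, as an added example that is not part of the thread or of the site's code: it contrasts AES-CTR with AES-GCM using Node.js's built-in crypto module. The key, nonces and message are constructed sample values, and all function names are illustrative.

```javascript
// Added illustration; not code from the site under discussion.
const nodeCrypto = require('node:crypto');

const KEY = nodeCrypto.randomBytes(16); // AES-128 key from the CSPRNG
const MESSAGE = Buffer.from('constructed sample file contents');

// AES-CTR: confidentiality only, no integrity tag.
function encryptCtr(key, plaintext) {
  const iv = nodeCrypto.randomBytes(16); // fresh counter block per message
  const cipher = nodeCrypto.createCipheriv('aes-128-ctr', key, iv);
  return { iv, ciphertext: Buffer.concat([cipher.update(plaintext), cipher.final()]) };
}

function decryptCtr(key, box) {
  const decipher = nodeCrypto.createDecipheriv('aes-128-ctr', key, box.iv);
  return Buffer.concat([decipher.update(box.ciphertext), decipher.final()]);
}

// AES-GCM: the same counter-mode encryption plus an authentication tag.
function encryptGcm(key, plaintext) {
  const iv = nodeCrypto.randomBytes(12); // 96-bit nonce, never reused per key
  const cipher = nodeCrypto.createCipheriv('aes-128-gcm', key, iv);
  const ciphertext = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return { iv, ciphertext, tag: cipher.getAuthTag() };
}

function decryptGcm(key, box) {
  const decipher = nodeCrypto.createDecipheriv('aes-128-gcm', key, box.iv);
  decipher.setAuthTag(box.tag);
  // final() throws if the tag does not match the received ciphertext.
  return Buffer.concat([decipher.update(box.ciphertext), decipher.final()]);
}

// Model storage that returns altered bytes: one bit of the ciphertext differs.
function withFlippedBit(box, byteIndex) {
  const ciphertext = Buffer.from(box.ciphertext); // copy, leave the input intact
  ciphertext[byteIndex] ^= 0x01;
  return { ...box, ciphertext };
}

// What the downloading client observes for a given stored object.
function checkDownload(decrypt, key, box) {
  try {
    return { ok: true, plaintext: decrypt(key, box) };
  } catch (err) {
    return { ok: false, plaintext: null };
  }
}

function compare() {
  const ctr = checkDownload(decryptCtr, KEY, withFlippedBit(encryptCtr(KEY, MESSAGE), 0));
  const gcm = checkDownload(decryptGcm, KEY, withFlippedBit(encryptGcm(KEY, MESSAGE), 0));
  return {
    ctrAccepted: ctr.ok, // CTR decrypts altered data without any error
    ctrPlaintextIntact: ctr.ok && ctr.plaintext.equals(MESSAGE),
    gcmAccepted: gcm.ok, // GCM refuses the altered ciphertext
  };
}

console.log(compare());
```

The tag check only covers the stored bytes; it says nothing about whether the JavaScript that performs the decryption was itself delivered unmodified.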
I'm operating DropJar.com and I can say it's a big headache. For some reason I keep getting DMCA notices from all kinds of lawyers and the occasional take down notice from police when ISIS videos are uploaded there. No income and tons of complaints. http://dropjar.com
There's a referral link in the lower right corner of your site. A few seconds after the page loads, clicking anywhere on the page takes you to hidemyass.com.
I don't know if this was intentional on your part, but if so it's pretty deceptive.
"For some reason I keep getting DMCA notices from all kinds of lawyers and the occasional take down notice from police when ISIS videos are uploaded there. No income and tons of complaints."
Everyone I have shown Oh By[1] to has immediately wondered "Oh, could you upload an image instead of text?". The answer is no and will always be no, for these reasons.
It's evident right here on HN - limiting people to text weeds out a lot of the children/griefers/criminals.
I'm curious, what police force is it that reports the ISIS videos? Is there one in particular that seems to be hunting for them or do you get notices from a bunch of different ones that have had the videos reported to them?
The key absolutely does not contain enough entropy, because your key material is only comprised of the ASCII-printable hex chars converted into a byte value. So instead of a byte having 256 different possibilities, a byte now will only be one of 16 values. Bruteforcing these keys would be incredibly trivial. To decode the hex into actually random key material, you would have needed to do something like hexToBytes("5827800f46cef978"), which would yield a correctly random byte array of [88, 39, 128, 15, 70, 206, 249, 120]. Note that this is half the proper key size required for AES-128.
I also want to echo the concerns already voiced by others in saying that key material needs to be generated from a strong random provider, and not just from the hash of the file.
I say this in the interest of privacy of those who might use your service, so please don't take any offense: please disable the encryption feature entirely until you can get assistance from someone with extensive experience in implementing crypto, because as it exists now, the implementation is fatally flawed.
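The key-encoding and key-generation points raised in the comment above, as an added example that is not part of the thread or of the site's code: it uses Node.js's built-in crypto module. The function names and the 16-character truncation in `contentDerivedKey` are assumptions made for illustration.

```javascript
// Added illustration; not code from the site under discussion.
const nodeCrypto = require('node:crypto');

const HEX_SAMPLE = '5827800f46cef978'; // hex string quoted in the comment above

// Flawed path described in the comment: each hex character's ASCII code
// becomes one key byte, so every byte can take only 16 values.
function asciiKeyBytes(hex) {
  return Buffer.from(hex, 'ascii');
}

// Correct decoding: two hex characters form one byte (256 possible values).
// Buffer.from(..., 'hex') silently truncates bad input, so validate first.
function hexToBytes(hex) {
  if (hex.length % 2 !== 0 || !/^[0-9a-fA-F]*$/.test(hex)) {
    throw new TypeError('expected an even-length hex string');
  }
  return Buffer.from(hex, 'hex');
}

// Upper bound on key entropy: bytes * log2(values each byte can take).
function maxEntropyBits(keyLength, valuesPerByte) {
  return Math.round(keyLength * Math.log2(valuesPerByte));
}

// Audit check for key buffers: true when the "key" is really hex text.
// Sixteen random bytes pass this by chance with probability 2^-64.
function looksLikeHexText(key) {
  return key.length > 0 && /^[0-9a-fA-F]+$/.test(key.toString('latin1'));
}

// Assumed shape of a content-derived key: truncated SHA-256 hex used as
// ASCII bytes. Deterministic: the same file always yields the same key.
function contentDerivedKey(fileBytes) {
  const digestHex = nodeCrypto.createHash('sha256').update(fileBytes).digest('hex');
  return asciiKeyBytes(digestHex.slice(0, 16));
}

// Key independent of the file, drawn from the operating system's CSPRNG.
function randomKey() {
  return nodeCrypto.randomBytes(16);
}

function report() {
  const ascii = asciiKeyBytes(HEX_SAMPLE);
  const decoded = hexToBytes(HEX_SAMPLE);
  const file = Buffer.from('constructed sample file'); // constructed input
  return {
    asciiLength: ascii.length,                          // fills an AES-128 key...
    asciiBits: maxEntropyBits(ascii.length, 16),        // ...with at most 64 bits
    decodedBytes: Array.from(decoded),
    decodedBits: maxEntropyBits(decoded.length, 256),   // 8 bytes: half a key
    randomBits: maxEntropyBits(randomKey().length, 256),
    asciiFlagged: looksLikeHexText(ascii),
    decodedFlagged: looksLikeHexText(decoded),
    contentKeyRepeats: contentDerivedKey(file).equals(contentDerivedKey(file)),
    randomKeyRepeats: randomKey().equals(randomKey()),
  };
}

console.log(report());
```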
Looking at the name first I thought it was some kind of parody - like /dev/null for uploading servers... Yeah, feel free to upload whatever you want...
The About section fits:
FAST - yeah, nothing faster than /dev/null, ok :)
Compatible - sure, why not.
Encryption + Secure - sure, it's hard to get anything out of /dev/null :)
Simple - no kidding...
The first hint that it might actually not be a parody site was the Preview part and then the file size limit in FAQs.
Even the Which file types are accepted? / All of them. combo
works great for the /dev/null premise.
Feedback: the navigation bar at the top is quite unusable from a UE point of view. The positions of the icons (and therefore the hovering position) change as the mouse hovers them. It is quite annoying.
Also, in the FAQ: "How can this be a free service? Magic"
This sounds to me as: "stfu, don't ask, you are not clever enough to understand" or "there is some dirty way to get money from you, better don't ask".
I agree with both comments, especially the faq language. Often times, lightheartedness in the tech space comes across condescendingly. A simple explanation here would suffice...and if it is truly magic, I'm all in.
What's different to so-called 1-click hosters (rapidshare, mega, uploaded, ...)? What's your business model? How do you want to keep DMCA claims at bay? Does this work mobile?
I like it. But I would like a more concrete answer to how long the files are kept. "As long as possible" is not really a great answer. I don't expect it to be there indefinitely, but something like "For at least 5 days. And no guarantee longer than that" would be fine with me.
It's a difficult question to answer exactly how long a file would be kept as the deletion is based on two factors:
- How active the file is (e.g. if the file isn't downloaded in X days).
- How much space is available on the storage servers.
As mentioned in a previous comment, the site's operating on small margins so the majority of the income will go to expanding the storage in order to make sure that your file is never deleted (unless you request).
At the current rate your file would never be deleted (again, unless you request it) and at a bare minimum your file will be stored for at least a week without downloads so you don't have to worry about your file being deleted before your downloaders get to it.
This will be updated in the FAQ section to avoid confusion as well, thanks for pointing it out.
I might be wrong, but it seems to me that the encryption key for the file is the truncated SHA256 hash of the file itself.
This is not how you want to generate an encryption key.
Edit: also, password protection is enforced server side, and has nothing to do with encryption
The key is the truncated hash of the file for the purpose of file deduplication. However, it will not impose any security risks as the person who wishes to decrypt it would have to know the hash of the file which requires them to already know the contents of the file making it useless.
The password encryption is indeed server-side, but it is mainly there to protect the file against anyone who somehow finds/guesses the URL and it's a useful feature if you want to slightly increase the level of security without encrypting the file with AES.
I liked the service but I'm afraid it will end up like all the 1-click-hosters: as a storage for pirated content, blacklisted in most corporate networks.
Few comments:
Animated background is very distracting. I'm constantly reacting to the new icons floating into the screen.
Underlined "Or" in "Click Here Or Drag & Drop To Start Uploading" makes me think it's some kind of a link. Any reason to underline it?
If I upload multiple files (which worked well) I want to be able to copy all the URLs at once. Displaying them in a text box would be good.
Protect sensitive files with encryption.
Only users with the URL will be able to view it. "
This is not encryption - you should change the copy to tell what encryption is used (AES-128 from the info here), even if it's beta. Some more information on that will be welcome.
I give it a week or two before it gets shut down because of the inability to deal with uploads of child porn and other disgusting stuff.
Best of luck anyway, and good luck dealing with law enforcement. Make sure you put some text on the front page indicating that you will collaborate with LE and it might save you from a little bit of bad stuff.
I ran something like this for a couple of years and shut it down because I was tired of dealing with the filth.
I have a tough time trusting a new service where I cannot figure out where this business is located / registered, where they have a physical presence, the person/team who built this service. Having more details in an About Us section would help it look more legit.
Can you remove the animation at the beginning? I have bad vision and I could only read the text once it stopped moving, and I don't think this animation adds anything except eating the few seconds I give to a new website before choosing if I leave or stay (as opposed to the background animation, which is okay).
What a stupid answer to that question! (it gives more info - "You can set an expiry time by pressing the "Options"-button that's next to your uploaded file, otherwise your files will float in the clouds for as long as possible." - but it still doesn't really give any answer)
Well, in all honesty they can't really say "forever" or "indefinitely" because that is really an impossibility. How long is "forever" in your estimation? 10 years? 100 years? a thousand?
In all likelihood, the internet itself might evolve into something different in that time. This service might get bought out, or shut down, or the original founders may (fate forbid) get hit by a bus next week.
Setting any sort of indefinite limit is opening themselves up for legal action if it is even one minute less than someone expects. "As long as possible" at least is honest enough to say that as long as there is enough interest to keep the lights on, they will be there.
[+] [-] Sir_Cmpwn|9 years ago|reply
On the profitability of image hosting websites - https://drewdevault.com/2014/10/10/The-profitability-of-onli...
I suggest you read it. In a nutshell: don't.
[+] [-] HomebrewCC|9 years ago|reply
[+] [-] atomi|9 years ago|reply
[+] [-] Nadya|9 years ago|reply
[+] [-] AnneDev|9 years ago|reply
[+] [-] ballenf|9 years ago|reply
[+] [-] NoFile|9 years ago|reply
[+] [-] BuuQu9hu|9 years ago|reply
[+] [-] rsync|9 years ago|reply
[+] [-] fiatjaf|9 years ago|reply
[+] [-] cwkoss|9 years ago|reply
Could be interesting to sell these placements to advertisers: if you don't donate, we'll change all your linked images to image ads after 12 months.
[+] [-] Sephr|9 years ago|reply
[+] [-] mrspeaker|9 years ago|reply
[+] [-] Nullabillity|9 years ago|reply
[+] [-] NoFile|9 years ago|reply
[+] [-] gressquel|9 years ago|reply
[+] [-] megawatthours|9 years ago|reply
[+] [-] deathanatos|9 years ago|reply
[+] [-] NoFile|9 years ago|reply
[+] [-] jamescostian|9 years ago|reply
[+] [-] oron|9 years ago|reply
[+] [-] GunlogAlm|9 years ago|reply
[+] [-] rsync|9 years ago|reply
[1] https://0x.co
[+] [-] goatsi|9 years ago|reply
[+] [-] NoFile|9 years ago|reply
Judging by your username - is there a connection between you and the infamous file hosting site Oron that closed down a few years ago?
[+] [-] tokenizerrr|9 years ago|reply
[+] [-] sullivanmatt|9 years ago|reply
[+] [-] kk_cz|9 years ago|reply
[+] [-] thewavelength|9 years ago|reply
[+] [-] timup|9 years ago|reply
[+] [-] chillacy|9 years ago|reply
[+] [-] arekkas|9 years ago|reply
[+] [-] daemonk|9 years ago|reply
[+] [-] NoFile|9 years ago|reply
[+] [-] fcremo|9 years ago|reply
[+] [-] NoFile|9 years ago|reply
[+] [-] overcast|9 years ago|reply
[+] [-] kentwistle|9 years ago|reply
Tried to upload a 9.66 GB test file but am getting the following error message:
"File Size Limit This file is too large. The largest file size that can be uploaded is 1.25 GB"
What am I doing wrong?
[+] [-] NoFile|9 years ago|reply
It's been changed and you can now upload files up to 10.2 GB, thanks for pointing it out.
[+] [-] zalanak|9 years ago|reply
[+] [-] orless|9 years ago|reply
[+] [-] zhan_eg|9 years ago|reply
[+] [-] jacquesm|9 years ago|reply
[+] [-] JamesBaxter|9 years ago|reply
CTRL+F finds no other asterisk on the page, what's the caveat?
[+] [-] test1235|9 years ago|reply
http://i.imgur.com/IEHrxm7.png
https://nofile.io/f/KrLDHQyKt4J
[+] [-] calvinbhai|9 years ago|reply
[+] [-] allan_s|9 years ago|reply
[+] [-] brak1|9 years ago|reply
> As long as possible
[+] [-] cyberferret|9 years ago|reply