This could be fairly convenient. Now, to state the obvious, better security would be...better :)
Mozilla has just rolled out an experimental service called Send that allows users to make an encrypted copy of a local file, store it on a remote server, and share it with a single recipient. And once shared, the encrypted data gets deleted from the server. Send solves what used to be a common problem, sending a large file …
Saturday 5th August 2017 12:53 GMT inmypjs
to check for hashes associated with known unlawful images and videos.
So the acid test for a service like this to be safe to share kiddy porn is an immediate fail.
That kim.dotcom bloke already provides something like this on his MEGA file hosting service. Last time I looked 50GB for free and the files don't poof after a day. I think I would trust his service more.
Wish Mozilla would concentrate on making a good browser.
Saturday 5th August 2017 23:21 GMT Infernoz
Re: to check for hashes associated with known unlawful images and videos.
Providing a separate digest of the unencrypted content of _private_ end-to-end encryption is security negligence; it violates privacy and may even aid cryptographic cracking!
Any IP arguments for passing/retaining hashes are a irrelevant; IP businesses routinely abuse fair use and false positive block, and IP is a stagnant swamp anyway. Also, the political arguments against complete cryptographic privacy are corrupt thuggery to protect politicians and elite from the public, not protect the public; the real solution to Islamic terrorism is rapid deportation/voided-nationality, banning Wahhabi funding of Muslim organisations, banning Mosques (Sharia Courts), and banning Islamic schools.
Mozilla should stop wasting time on redundant fluff like this, kick out _all_ the SJWs, who used specious SJW tactics to get rid of the previous head (now running Brave), finally make a browser which never stalls all windows (_still_ not f'ing there yet!), and damned well retain the old extension APIs until they provide much better migration support in the new extension APIs. The extensions are the main reason why I still use alt. builds of Firefox, like Waterfox, never the Mozilla builds with damned Pocket etc.
Sunday 6th August 2017 08:59 GMT Flocke Kroes
Saturday 5th August 2017 12:55 GMT Nick Kew
While this may be a reasonably secure arrangement, it's far from perfect. AWS might be able to recover a deleted file or be forced to retain them, given sufficient motivation, and the key might be recoverable from log files or the messaging service used to send it.
What's that based on? What leads you to suppose Moz, AWS, or any intermediary ever had sight of the private key?
I'm not saying you're wrong: I haven't studied the source code or even the docs (have you?), so I don't know (and I'd be wary of using anything more automated than commandline PGP to encrypt something really sensitive). But I'd be very disappointed in the Moz team if they were to open that kind of backdoor.
 At least, until we have reports of infiltration of the team by agents of governments such as UK or Oz.
Saturday 5th August 2017 13:42 GMT Anonymous Coward
"log files or the messaging service used to send it."
I suppose this only reflects that the handful of ways to send the necessary key aren't necessarily trusted. I suppose a smart cat would have used [something like] this for the bulk data and PGP in the email. And for log files, FDE. But you said it-- everyone still has to trust Mozilla's code ;) (typed in FF 47 that was compiled over a year ago)
Saturday 5th August 2017 14:00 GMT Anonymous Coward
urgh, edit window. this machine has been off for most of a year-- I don't advocate running an old non-LTS FF or anything. nowadays I can't even advocate running the current FF, as Mozilla is in topsy-turvy world. Waterfox seems OK. and you know how it is with Funtoo, a single month without 'emerge system world' potentially turns the next run into a project
Saturday 5th August 2017 15:29 GMT Anonymous Coward
Sunday 6th August 2017 12:21 GMT Ben Tasker
Yeah, basically they've fallen in the same trap that many others have. They've done the easy bit - encrypting the files, and left the users to deal with the much harder challenge: securely exchanging keys (or in this case, the URL). Compromise of that URL means compromise of the file.
I've got a BASH script that'll generate a one-time pad for any given file, and then encrypt it with it. But because of the difficulties in securely exchanging keys it's next to useless in practice.
The medium you use to exchange the key needs to be at least secure enough to send the file (if it's not, you risk compromise of that file). If you consider (say) skype IM secure enough to send the key you may as well just send the file (or break it into chunks and send each using different services).
What this might do, though, is mean that users who wouldn't normally encrypt files they're sending start doing so, because it's all but transparent to them. More encrypted traffic flying around is a good thing for all of us as it increases the size of the haystack.
Basically, I think the functionality misses the mark a bit. But, because it's conveniently located in a popular application it may still have some positive benefits.
Saturday 5th August 2017 17:32 GMT Peter Prof Fox
I may not have understood
Surely encryption is easy and scriptable on the local machine.
And FTPing a file to a known location the same.
And deleting is FTPish and at a time of my choosing.
It's getting the secret key to the recipient that's the tricky part.
As I understand it, the secret key changes every time and isn't known ahead of time. So what's the benefits again?
Saturday 5th August 2017 18:58 GMT Nolveys
Next Year's New Abandoned Project
I'm seeing this thing ending up on the same pile as Firefox OS and friends.
Why not spend the time and effort working on Firefox or, hey, how about Thunderbird? There is still a strong need for desktop mail clients. I tend to use Thunderbird because it's the least poopy of a selection of very poopy products. There are a *lot* of things that could be done with Thunderbird to make it better. The IMAP implementation is buggy as hell, on-disk mail storage goes off the rails on a regular basis, the address book file format is batshit insane, the list goes on.
Oh well, off we go to reinvent the wheel, badly, and then throw the semi-functional result on the giant tire fire of abandoned projects.
Saturday 5th August 2017 22:21 GMT Anonymous Coward
Sunday 6th August 2017 06:21 GMT Anonymous Coward
Re: Next Year's New Abandoned Project
"There are a *lot* of things that could be done with Thunderbird to make it better."
Agreed, but my fear is that if Mozilla did turn its attention to Thunderbird it would start ripping out useful features and dumb it down until it was no longer fit for purpose, just like they have been doing to Firefox.
Saturday 5th August 2017 20:18 GMT John H Woods
Monday 7th August 2017 17:56 GMT Cynic_999
Re: Security through obscurity...
Or is it for those edge cases where you have access to secure transmission of a key, but not of a file?
Not really an edge case as the article points out. You can use PGP and email to send the key securely but you cannot send a large (>100MB) file via most email services. This is a one-to-one service, which is perfect for PGP.
However I would still encrypt any sensitive files separately before uploading (could also use PGP for that). If Firefox intends to use hashes to identify viruses and illegal files, they could well also be intending to use it to identify copyright material (music, films etc.)
Saturday 5th August 2017 22:35 GMT jake
Question for all y'all...
How many times have you been using your browser (for anything!) and suddenly decided to send off a couple hundred megs of encrypted data to another party and thought to yourself "Ya know, I wish I could do this from my browser!"? ... Answers on a postcard.
Seriously, talk about an unneeded, unwanted, unnecessary "feature". How about making the browser smaller, faster and lighter instead? Feeping creatureism is almost always a sign of impending demise.
Sunday 6th August 2017 08:04 GMT Adam 1
Sunday 6th August 2017 08:40 GMT brotherelf
Sunday 6th August 2017 08:53 GMT jake
Re: Question for all y'all...
How many of these proverbial people who think "the computer", "the internet", "the web" and "the browser" are one and the same could conceive of a reason to encrypt a couple hundred megs of data? More to the point, how many of them would even know what encryption is, much less that it's an option?
Face it, this "idea" doesn't have a target audience. It's being added just because they can. And that is not a good sign for anybody who wishes the project well.
Monday 7th August 2017 04:45 GMT Updraft102
Re: Question for all y'all...
"Alas, Mozilla's main target audience doesn't understand your question because to them, "the computer", "the internet", "the web" and "the browser" are one and the same, like it or not."
And that's a big part of what ails Mozilla. Chrome is already custom built for those users; Mozilla has always been more popular with for power users than people who don't know the difference between those things. In its fruitless effort to go after a market they are highly unlikely to get, they're forsaking their existing user base.
There's a lot of that going around, it seems.
Sunday 6th August 2017 07:18 GMT Anonymous Coward
why bother when there is keybase ??
Keybase is a free, open source security app. It's also a public directory of people.
The Keybase app helps you perform cryptographically-secure operations with people you know on the Internet: chatting, file sharing, even publishing public documents. It's all easier and safer with Keybase.
Sunday 6th August 2017 08:52 GMT luminous
Re: why bother when there is keybase ??
Because I don't want to install an app just to send a file?
And if I need a client to send me some large files, there is no way I'm going to tell them to install an app so that they can. If I can send them a link, then they can drag and drop a password protected zip file and it's almost done - it's so much easier. The key can be shared in a chat app that supports end to end encryption - easy, and they can tell me the zip password over the phone. Nothing I deal with needs more security measures than this.
Things like WeTransfer have offered a similar service for years. There are use cases for this sort of thing. I would love it if everyone could use FTP but it's very rare that you find someone who even knows what it is these days.
Sunday 6th August 2017 20:43 GMT Anonymous Coward
Long solved problem
Encrypting the file name remains an open issue.
I'm puzzled. Cryptomator solved all of that quite a while back and it works. Has anyone from the Moz team looked at that or did they just decide that the world needs Yet Another encryption utility, and Not Invented Here was not acceptable?