12 comments

[ 5.7 ms ] story [ 49.3 ms ] thread
This feels like a more advanced fork of cocaine.ninja.
> However, although there are nearly a billion possible auto-generated urls for the download link and they generally only last a short time

Not enough. One leak can potentially ruin your reputation. So now, I fire dozens of thousand requests per minute and over a couple of hours I'll get something -- assuming there is dozens thousand of files at any given moment.

How many would you recommend for better security? The thought was that these links wouldn't last long, and the files are deleted upon expiration. But of course trusting obscurity for security is a flawed concept in itself. But looking for a good middle ground.
reCAPTCHA and throttling after suspicious number of failed attempts by an IP.

Four digit PIN prompt that gets displayed even when requesting invalid URL. Make PIN verification backend request include some nonce associated with original request, and force nonce to be regenerated if PIN verification fails. PIN is also as easy to communicate verbally as URL.

This only works if you trust the owner of destructible.io.
This is the same with Github, Dropbox, Google, Apple, Bitbucket, Any email provider... Shall I go on?

You always have a risk when you're storing your data at a 3rd party. Yes, some are new and have less reputation, others are old and have a terrible reputation, others are old and have a great reputation - but none of that stands for anything because your data is in the hands of someone else in every case.

If you don't want that, don't use it.

You don't have the risk if you store it cryptographically. My first use of Dropbox was moving stuff in Truecrypt volumes. I found even laypeople could be taught to do that as it was somewhat tedious rather than difficult. For implementers, CompSci keeps cranking out all kinds of ways for one to use 3rd party storage in untrusted fashion. Just gotta clone one of them with OSS code.
Oh, I completely agree! I have probably 5 separate TrueCrypt volumes in my Google Drive. That said, that's only maybe 15GB of my storage, and around 80GB is unencrypted.

It's all about what level of convenience you're willing to expose yourself for. I keep anything I want private in TrueCrypt, anything I don't mind "public" (Or at least exposed to Google / NSA) unencrypted as then I can access it so much easier from my phone, etc.