Send: Open-source fork of Firefox Send

Original Article ↗ Hacker News Discussion ↗

Self‑hosting, limits, and UX

  • People like the Firefox Send fork for easy large-file sharing, but note 2.5 GB size and 3‑day retention defaults.
  • Commenters say the 2.5 GB cap is just configuration inherited from Mozilla’s old limits; other instances run higher limits.
  • Local encryption in the browser is highlighted as a reason to keep limits for performance / UX.
  • Self‑hosting is considered straightforward, with a Docker Compose setup available. Some protect uploads behind access controls (e.g., Cloudflare Access).
  • Minor bug reports: link not easily copyable on Firefox for iPhone.

Security, abuse, and legal concerns (especially CSAM)

  • Several worry that easy, anonymous, large-file sharing attracts CSAM and malware, as happened with Firefox Send, which was reportedly used heavily for malware and spear‑phishing.
  • Debate on how authorities interact with such services:
    • Some think operators might be pressured to shut down if their service is heavily used for illegal content.
    • Others point out formal CSAM reporting flows via NCMEC and that automatic tools (e.g., from cloud providers) exist.
    • Clarifications that in some jurisdictions, online service providers must report detected CSAM and can face penalties if they do not.
  • Suggestions: user‑deletable links, auto‑delete after first download, very short retention, or closed groups with key‑based access. Concerns that such measures invite griefing or harm legitimate use cases.
  • Long discussion of hypothetical CSAM detection models:
    • Proponents want an “iscsam image.jpg”‑style tool for sysadmins.
    • Critics warn about adversarial evasion, reverse‑engineering models, false positives, privacy, and mandatory reporting obligations.

Alternatives and related tools

  • Many alternatives mentioned: Swisstransfer, filetransfer.io, Bitwarden Send (smaller limits), filebin, pwndrop, ProjectSend, and others.
  • Peer‑to‑peer and LAN tools are popular for direct or local sharing: WebRTC‑based tools (webwormhole, ToffeeShare, Snapdrop), croc, LocalSend, Syncthing, Tailscale send.
  • Some prefer group storage “buckets” with organization and chat (e.g., shared cloud folders + messaging) over ephemeral one‑off links.

Mozilla, forks, and maintenance

  • Clarification that original Firefox Send was open source and discontinued, not closed‑sourced.
  • Thunderbird team is reportedly working on its own Send‑like fork with encryption.
  • Some ask about the fork’s maintenance status due to sparse recent commits; unclear if it’s “done” or just slow‑moving.

Environmental angle

  • One commenter argues services like this can reduce email attachments, potentially lowering CO₂ emissions.
  • Others criticize focusing on per‑email footprints as a distraction from larger sources of emissions, though they agree better-than-email file sharing is useful.