How to send 90Gb of information between users?

(sorry, this one is kinda raw, but ask for clarification in case of need :smiley: )

yes, u need a server, setting up ur own is profit for yourself, similarly to a chat bot, where the bot is ur server and the chat relays it… paying for it or depending on a centralized entity seems to be a bad idea when relay servers give u the best possibilities to overcome the problems around nat… torrent sounds good, in terms of accessibility, but then the data is public (i guess), or the other end should mess with decryption, and if u use a different os, then that adds to complications… ipfs (kubo) can do the magic, but im not sure about its user experience on the other end, while happy linux users can remain happy with it… tor/lokinet/whatever with a hidden service can solve the nat/network problem, but then a server program still needs to be set up to create such a hidden service… (yes, u can ssh into ur home server without opening a port, without having a public ip (no nat), without having a static ip or ddns, without the need to be afraid of a ddos attack or whatever else, but that instance of sshd shouldnt be visible beyond local host, or otherwise that could allow deanonymization (and ddos), but im not sure how relevant can that be if only u know about the hidden service… im yet to jump into this world, as doing things right for possible future anonymity is really hard even with tails/whonix/whatever, and a step-by-step transition kills the possibility… i think…) so… syncthing. it is the most human friendly solution… and relay servers/mixnets!! 
those are keywords for the best toys we can wish for… they fix the internet, which is poisoned by nat and dynamic ip, and which asks for a lotsa servers with a lotsa businesses of others, to squeeze the red juice out of the ppl, while this is a game that nobody can win when everyone wants to play the same… (homo homini lupus est… :confused: ) now these are like free bridges between the ppl, and local software can take back its role… u dont even want to depend on a single entity to provide that bridge, if it can decide about ur future, which is the case when u have an account, they can take away ur swag and ur contacts… good for one of many channels, not good, when thats all u have… with decentralized solutions, u depend on the network, a single network, which can either move or break as a whole, it is already a much better thing without the possibility of pulling out the rug from under ur feet, its urs, maybe the swarm can hide u, probably hardly understood by most ppl u would like to use it with, but it is a serious thing when done correctly… u wont fork a network in case of issues with such, but u can simply set up relays for syncthing, simplex chat and whatever goodies, and life moves on without losses… i guess the more is the better, where consider serious cryptography, multiplatform presence, userfriendliness, adoption, dependency, universal accessibility (like cli tools and fuse based solutions (filesystem is the best interface! everything speaks its language…), or having a protocol with many implementations…)

Except these days it might be a truckload of µSD cards.

Of course networking bandwidths have increased massively over the years but then so have storage densities. So this is still an interesting comparison (for a given pair of locations, the source and the destination).

Sneakernet needs to take into account the bandwidth needed to load the removable media (in both usages of the word “load”). For 90 GB we can basically ignore that but for a truckload of any removable media, then or now, it will be a significant factor.

And of course once you’re done with that 90Gb, you can turn off the service. It doesn’t need to be there all the time.

1 Like

sure, sounds like a good habit to have, like not hanging on root shell all the day (i develop an os on my fleet, so i can and will :smiley: ), but my point was that syncthing wins (except for the theoretic case of having some solution at hand which is readily available), and then i took the messages after mine like if those solutions would still be serious competitors or suggestions or whatever… well, not exactly, but i still wanted to make it clear by summarizing the landscape as i see it…

I just don’t understand why there are not more solutions as easy as OnionShare. For example Matrix has file sharing with a limit of 100mb on official servers, but why not integrating a peer to peer service for larger files? Sure, these are not stored “in the cloud”, but at least you can send it when both are online, but cloud is not always required or wished. It could also be a dedicated program for peer to peer transfer between two people.

1 Like

I guess if the business model is “free”, at least at the entry level, they want to keep you interacting with their site.

I think it can be more difficult to do peer-to-peer via a web browser. Having to download client software adds complexity.

So probably the model should be that if you want to transfer more than the “free” amount of GB, via their server, you have to sign up to a paid plan, which still may be relatively inexpensive, particularly compared with getting on a plane.

I’m speaking about Matrix. You know, that donation driven communication protocol used for chat etc. They even build a P2P call system called Element Calls. There is no business reason to not implement it.

But “as easy as OnionShare” does not mean people should use a web browser. A P2P software for both ends would be enough.

Hello, everyone.

Thank you very much for your answers and recommendations.

I see that this is a popular topic, and yes, it is important.

But I will try to clarify my request a little, using this example.

Alice wants to send Bob a 90-100 GB file.

Alice is not a Linux user; she uses Windows, while Bob uses Gnu/Linux.

Alice and Bob have smartphones. Alice has an iOS phone, while Bob has an Android phone.

The 90-100 GB file needs to be sent very urgently, so it needs to be encrypted.

Alice lives in Italy and Bob lives in the USA.

Bob and Alice do not know what SFTP with SSH RSYNC FTP is.

They want to install an application on their computer or phone that is intuitive and preferably has a GPL-3 licence.

ffsend is a good example, but all data passes through a server that is not controlled by Alice and Bob, and someone could intercept their data and use quantum programmes to decrypt it.

If we are talking about online services such as https://filesender.org/, there should be no Java, Google trackers, or other junk that I see.

Maybe, even so, just installing an SFTP server at one end and an SFTP client at the other end is viable.

I’ve used FileZilla as an SFTP GUI client on Linux (and Windows) and it works well (although I admit that I have not shipped 90 GB through it). The client will also do FTPS. The client will also do plain (unencrypted) FTP but that might break your requirement unless you encrypt the file at rest first (which is straightforward on Linux but I would have no idea how to do so on Windows).

I don’t know what FileZilla Server is like to install or configure, not on Linux, and most definitely not on Windows.

If you are neither Alice nor Bob, maybe you should help them out by trying out FileZilla.

I would forget about phones though as far as transferring files via FileZilla. This option is going to work better on big computers.

for Alice: GitHub - pixelspark/sushitrain: Securely synchronize files with your devices on iOS using Syncthing

there is another ios app, möbius sync, which is basically a paid/closed source app, but Alice should be fine with that too :smiley:

1 Like

Another option is to use the TOX network, most clients except maybe Briar have file transfer, video, audio, chat, and sometimes some sort of discussion forum like foldered discussions. What is nice is the protocol is designed for two users to pierce a NAT and transfer files. TOX is encrypted but slowed as it uses the TOR onion routing or so called ‘darknet’ network. I use qtox on linux; android users might use Trifa.

1 Like

croc!

Not GPL3… self-proclaimed libre license. The only thing is, you know, GitHub.

I’ve used it (very occasionally) for years. I believe that it is peer-to-peer and the “server” is really just a lighthouse to pass parameters to the receiving peer so they can connect (encrypted) to the sending peer.

1 Like

Hello.

Thank you for your reply.

Yes, it’s a good programme, used by HyperbolaOS users Hyperbola - Package Search

But this application has a slow file transfer speed, in my experience.

Thank you for your reply.

The application only needs libre source or open source ; closed source is not even considered.

Thank you for your reply.

Perhaps your recommendation is the only application that can fulfil my scenario, as the developer also claims.

Yes, it’s MIT, I wanted something more flexible, but I see that this programme is in the Parabola repository, I’ll take a look and study how it works.

1 Like

Sounds like these people have lost control of their software (both using proprietary most likely).

If it were me, and you were not going to do the “flashdrive in the mail” style transfer because of time, then if we cast aside names of software technologies I would first consider on a high level:

  1. Will Alice host a server and Bob connect to that server directly at the IPv4 or IPv6 level (to “download”)?
  2. Will Bob host a server and Alice connect to that server directly at the IPv4 or IPv6 level (to “upload”)?
  3. Will a middleman server be used as a relay?

I think options #1 and #2 are better for privacy – in such case, encryption is simpler and almost always end-to-end by default with most technologies. Therefore, governments and internet providers have blocked #1 and #2 by default in most situations. Because Alice and Bob have lost control of their software (assuming Bob isn’t some Android guru who somehow has ā€œgood Androidā€) then it stands to reason that they probably also don’t have #1 or #2 available from their ISP. The only one that would even maybe be possible is #2 if Bob is sufficiently skilled, but he probably isn’t. An example of this is the sftp / ftps suggestions above, or the althttpd suggestion, which would most likely all be programs Bob would install on his GNU/Linux machine. But they are assuming that Bob also controls his network and router, and can use router permissions to allow worldwide access to his secure ftp server and/or his secure https upload server (if althttp does uploads). In reality, given that Bob is morally okay with using an Android phone, we know it is probably the case that Bob’s router answers to his ISP and not to him, and he probably doesn’t have router permissions to the device in his house to open the port to allow incoming connections to the server on his GNU/Linux computer.

This brings us to option #3 which is probably what Alice and Bob will actually use. In my case, what I would probably do then:

  • Assume that Alice as a Windows user is confuddled in the brain and doesn’t trust GNU/Linux. This means that Alice does not trust Bob to tell Alice what software to download either, since Alice is compromised at the system level by the Windows technology.
  • Assume that Bob is sufficiently handy with computers and can make stuff work, and is OK with trusting package managers to install software
  • Given these assumptions, if I were Bob then I would buy time on some VPS that has root privileges because I already have a number of these that I rent anyway in my life, and they are exceedingly useful because they allow me to pretend as if I had a #2 solution from earlier in this message even though new world order government is preventing Bob from doing a #2 solution from above.
  • Also assume that the rented VPS nodes in the cloud, despite giving the user root permissions, are actually compromised at the system level and everything the user does on those rented computers is under surveillance
  • As such, on the rented computer, ask the VPS provider for an operating system which provides Bob with:
    • Root/sudo full access
    • Some Debian based distro, Trisquel or PureOS if they are offered and if not probably just base Debian since we assume this remote node is compromised anyway
  • Now, Bob logs into the rented 3rd party computer using ssh without installing any software. This is possible because the 3rd party computer has the special permission from the new world order to have a public IP address that is accessible.
  • Inside the rented cloud computer, Bob modifies the sshd daemon configuration file and adds the setting GatewayPorts yes which permits SSH tunnel redirects on the server, then restarts the sshd daemon on the server
  • Now Bob not only has this (otherwise pointless) middleman server, but a way to specifically tell the server to allow SSH tunneling
  • Bob goes to his GNU/Linux computer and chooses:
    • If he trusts his configuration to be hardened against public internet (which is likely not system default !!!) then he simply enters a one line command ssh -NR \*:21312:localhost:22 user@255.255.255.255 where we replace 21312 with a port number invented by Bob that he will later share with Alice, and we replace user@255.255.255.255 with the credentials on the rented VPS
    • If Bob does not trust his configuration to be hardened against public internet, then he uses a second spare GNU/Linux computer he has lying around (maybe an old raspberry pi or other throwaway device from when he thought that kind of device was good before he learned of GNU freedom) or else he creates a VM using any VM technology (perhaps QEMU, it’s OK) on his GNU/Linux computer
  • Now Bob has some GNU/Linux machine with reverse tunnel so that when someone on public world wide internet tries to SSH protocol access 255.255.255.255 server, it will redirect and give them access to the physical machine inside his home
  • At this point, Bob asks Alice to open up Windows Powershell (since Alice doesn’t trust Bob to install anything on her Windows PC because she has Windows brain)
  • It is already the case that the GNU tools called ssh and scp are installed on Windows Powershell by default without Alice knowing, as they are on all modern supported Windows computers, since Microsoft greedy overlords actually trust these tools anyway even though they do social media to achieve a future where Alice doesn’t
  • Therefore, Alice uses command ssh-keygen or equivalent in her powershell (without installing anything) and she generates a secret key and also a public key. If it concerns you, choose a key type that is quantum resistant. (Maybe Bob needs to explain this to Alice, but the option to do so should already be there without installing any programs.)
  • Now on any chat service, Alice sends her public key to Bob. At this point, Bob goes into his hardened VM or secondary GNU machine inside his house – the one that has a forwarded hole to the public internet pointed at it – and he creates a new account on that system for receipt of file from Alice. He creates a new account because he believes Alice might be compromised, especially due to her Windows computer which itself might be compromised by design by the new world order government.
  • On the new account, Bob goes to the .ssh folder and adds Alice’s public key for access permission.
  • Now, on Alice’s computer, again without installing anything, she uses the Windows Powershell and does a secure copy with scp -P 21312 my90GBfile.whatever alice@255.255.255.255:~/, being sure to designate:
    • The special port number known only to her and to Bob, for which I use 21312 in my example
    • The user account alice which does not exist on the remote 255.255.255.255 (replace with your rented VPS node IP), but rather alice account only exists on the hardened physical machine (or VM) that Bob has nearby

When Alice sees that the upload has completed, she notifies Bob on their standard compromised chat systems of the new world order, which are obviously the only chat systems they have access to, and at this time Bob kills the ssh -NR command with CTRL+C on the hardened system, dropping the access from world wide internet to his hardened GNU/Linux computer. Then he logs into his VPS and stops paying for the rented cloud computer, if that is what he should choose to do. Some of these charge by the hour so the price could be literally only pennies if he kills it when the transfer is done – sharing sufficient personal information to rent the cloud computer is probably more costly to Bob than renting the actual cloud compute.

At this point, Bob can use whatever technology he feels like to transfer between his hardened machine – where he must use root access to suck the 90 GB file out of alice account’s home directory – to then place it on his own PC.

This accomplishes:

  • Use of secure transfer technology (quantum secure)
  • Windows user installs nothing b/c they don’t trust GNU/Linux user because Microsoft is inside their brain
  • GNU/Linux user doesn’t give Windows user access to their PC b/c they don’t trust Windows
  • Not introducing a software supplier as a third point of trust separate from the default operating system installs of Alice’s Windows and Bob’s GNU/Linux (this is a big one, if you don’t care about this then use whatever software you want, I guess)
  • The cloud server in the middle only redirects encrypted packets, the receiving side of the encrypted communication is the physical machine or VM of Bob and not the cloud compute
1 Like
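
An added example for the step in the post above where Bob adds Alice's public key to the throwaway account (not code from the post; the label alice-upload and the sample key are constructed for illustration). It builds an authorized_keys entry that limits the pasted key to SFTP transfers, so a key received over chat cannot open a shell or a forward on Bob's machine.

```shell
#!/bin/sh
# Added example, not from the original post. Bob runs it on the receiving
# machine. "alice-upload" and SAMPLE_KEY are constructed for illustration.

# Constructed placeholder in public-key format; not a real key.
SAMPLE_KEY='ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIConstructedPlaceholderBlob000000000000000000 alice@windows-pc'

NL='
'

# Turn one pasted public key into an authorized_keys entry that allows SFTP
# only: "restrict" (OpenSSH 7.2+) turns off port forwarding, PTY, agent and
# X11 forwarding; command="internal-sftp" replaces any shell or command.
# $1 = pasted line "<type> <base64-blob> [comment]", $2 = label chosen by Bob.
restricted_entry() {
    pasted=$1 label=$2
    # Every extra line in authorized_keys is another key: accept one only.
    case $pasted in
        *"$NL"*) echo "refusing multi-line input" >&2; return 1 ;;
    esac
    # Split into fields with globbing off; positional params are local here.
    set -f; set -- $pasted; set +f
    [ $# -ge 2 ] || { echo "expected: <type> <blob> [comment]" >&2; return 1; }
    # The first field must be a key type. Anything else would be an options
    # list (for example a command= of the sender's choosing) placed in front.
    case $1 in
        ssh-ed25519|ssh-rsa|ecdsa-sha2-nistp256|ecdsa-sha2-nistp384|ecdsa-sha2-nistp521) ;;
        *) echo "unexpected first field: $1" >&2; return 1 ;;
    esac
    case $2 in
        ''|*[!A-Za-z0-9+/=]*) echo "key blob is not base64" >&2; return 1 ;;
    esac
    case $label in
        ''|*[!A-Za-z0-9._-]*) echo "label must be [A-Za-z0-9._-]" >&2; return 1 ;;
    esac
    # The pasted comment is dropped; Bob's own label takes its place.
    printf 'restrict,command="internal-sftp" %s %s %s\n' "$1" "$2" "$label"
}

# Append the entry to <home>/.ssh/authorized_keys with the modes sshd expects.
# $1 = home directory of the upload account, $2 = pasted key, $3 = label.
install_entry() {
    entry=$(restricted_entry "$2" "$3") || return 1
    ( umask 077
      mkdir -p "$1/.ssh" &&
      printf '%s\n' "$entry" >> "$1/.ssh/authorized_keys" &&
      chmod 700 "$1/.ssh" && chmod 600 "$1/.ssh/authorized_keys" )
}

# Demo on the constructed key: prints the line Bob would install.
restricted_entry "$SAMPLE_KEY" alice-upload
```

With this entry Alice uploads with sftp -P 21312, or with an scp that speaks SFTP (the default from OpenSSH 9.0). Because the VPS sits in the path, Bob should read his host key fingerprint with ssh-keygen -lf /etc/ssh/ssh_host_ed25519_key.pub and Alice should compare it with the one her first connection shows before accepting it.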

If we are renting stuff now and our people are normal=lazy and like to save some money a cloud storage can be had for about <$1-$5 for one month/100GB assuming Alice doesn’t already have a subscription or a lifetime plan, Alice can get between 100GB up to exabytes with GUI, web interface, a CLI access, even mount the service as a NAS drive to upload and send a zero knowledge encrypted, publicly sharable, password protected, and possibly anonymous link with an expiration date if desired. Alice can send Bob a link that downloads like everything does in the windows/mac world directly from the browser to HDD or USB flash drive. Now once Alice and Bob are happy with the transfer they can cancel the service at one month. It is even possible to buy this via crypto to keep it anonymous as possible with some services frequently wiping IP access logs etc.
I personally have a few hundred GB on stacked privacy cloud lifetime plans mounted as NAS to a very light privacy VPS, I pay both in crypto. Together they do almost anything I could ever need and I can also use the cloud storage service extra link/share/stream/sync features beyond being my 20GB server’s extended HDD, I recommend it to most power users.

Did you also have a look at the code: GitHub - filesender/filesender: FileSender server software?

It seems you can also host it yourself. They are also on Mastodon: FileSender (@FileSender@social.edu.nl) - SURF Mastodon. Maybe you could express your dislike of Java and Google trackers there :slight_smile:

To me it seems pretty good, well maintained software.

@Dlonk
OpenSSH: Post-Quantum Cryptography (save the link, its all we need to know)
my point is there is no pq key yet (but ssh is pq secure for now)

@jam is that why u chose croc? (or whatever else?) croc has no ios app if im right (both are official on the 3 main desktop systems), i didnt check its android sister project, but only the older ios app is proprietary for syncthing, and i wonder whether u misunderstood me or u had other reasons… i already investigated croc back in time, i expected to find it in my notes, but i couldnt (cuz dunno), and i evaluated it as usable in case, but inferior according to my memories… currently i found that its author is in a constant problem with paying for the single relay server, all the traffic goes through it from all the users, which is solved way better in syncthing, and then 2 years ago someone already told him how should things go with 13 thumbs up, mine is the 14th: This project needs your help again · Issue #453 · schollz/croc · GitHub , but the topic died out… i see it as a low end hobby project compared to syncthing, while it is enough to be usable now, with a questionable future… fixing it is like reimplementing syncthing, or borrowing the solution (both are written in go), or just moving there…

tox can be a thing, previously i factored it out for whatever reason (i guess i saw it as abandonware, but maybe that was something else, or i wanted a pq solution), recently i opened a bunch of tabs for it, but im not yet at a conclusion… that filesender stuff can be utilized too, the more is the better (if their weaknesses are known/solved/acceptable), but i see it also as inferior, relays just fix the internet, those are the future, even if their operator costs will land somewhere, but that holds for the tons of free online ai tools available all around today, but they are there…

the other day i experimented with ipfs, it was so awesome to see my swag on a http gateway after a few new and simple lines in my terminal… (the rest is somewhat off topic) im about seeking means for publishing without the need for installing swag by AverageJoe123 to differentiate my stuff from cave paintings, but i think the updatable directories arent available there, so it would require a different entrance point, and those gateways downgrade it kinda badly… maybe nostr (told here by some1, thx! :smiley: ) can be my solution if it has good enough means to access it, but thats already a different case than urs, but ipfs can solve ur problem… (running my own server or using git will be considered if i find nothing better… :smiley: ) otherwise the public presence and the juicy swag for the 1337 can get different solutions…

1 Like

Thank you for your reply.

This may come as a revelation to you, but 99.9999% of people in the world are like Alice and Bob.

I am 200% sure that Google, Microsoft and other corporations have almost taken over the IT market. And 99% of your friends are just like Alice and Bob.

It has gotten to the point where professional IT specialists recommend Google Pixel phones with the PROPRIETARY Titan M2 chip as the best anonymous and secure smartphones. This is complete nonsense! I always laugh at these hackers.

99% of people do not know how to configure a VPS and everything else you wrote above.

We need cross-platform, intuitive applications that you can install and use right away.

Interfaces that are not overloaded. GPL-3 and similar licences. With open source code. Not for me and you, but for those 99.99%!

At the moment, I see a compromise solution in the form of the CROC programme. I cannot recommend anything else to people who ask me what SSH is, etc.