Hi ,
Lately, I’ve been working on a small project called deaddrop.space. I’m posting it here because I thought it might be handy to those who care about privacy and control over their data.
It’s a secure, anonymous file-sharing platform built to prioritize privacy, control, and simplicity. Unlike typical services that ask you to sign up, verify emails, or accept endless terms, DeadDrop lets you upload and share files — no accounts, no tracking, no nonsense.
Here’s how it works:
- You upload a file, set a name, password, expiry date, and max number of downloads.
- To share it, just provide the recipient with the name and password (or a direct link).
- Files are encrypted in the browser using AES-256 before they ever leave your device.
- No raw files or passwords are sent to the server — it’s zero-knowledge encryption.
That means even I, the creator, can’t decrypt or access the files.
BTW, it is open source : https://github.com/Rayid-Ashraf/deaddrop
Would love to hear what you all think — feedback and suggestions are welcome!
How would they if they can’t see it
Good point. I should’ve read the overview more carefully.
That being the case, my next question: Is this intended to be a CSAM sharing platform, or is it just naively a CSAM sharing platform?
Absolutely not. DeadDrop is built with privacy and security in mind, strictly for legitimate, ethical file sharing. It’s designed to empower users to share sensitive but legal information safely, not for any illegal activity.
I do not support or tolerate any use of the platform for sharing harmful or illegal content like CSAM. If such misuse is detected or reported, the file will be permanently deleted and the IP address will be blocked.
So naively then.
Do you have a suggestion on how to combat this while not snooping on a users files? Or are you just enjoying the soapbox?
No, there isn’t a solution.
You can’t ethically provide anonymous no-knowledge hosting.
So if you are doing nothing wrong you have nothing to hide?
This project just looks like it was tailor made for CSAM.
That’s definitely not the intention. It’s built for people who care about privacy, not for anything illegal.
There is significant overlap between those two groups.
Yeah. I’m kind of surprised no one else is really concerned about that. The legal ramifications of hosting a service like this are no joke.
Do you also think the government should be reading everyone’s mail? Should they be scanning every device capable of storing data ever shipped?
They’re basically just poo-pooing the ideas of privacy and security, no more than “the government and corporations need access to everything you do because someone somewhere is doing bad things.”
It’s the same idea as “encryption bad because terrorists,” and “gun company bad because murders,” some people blame the people doing the bad thing, and some people blame the tool used or who created it.
I mean, how do you expect anyone to enforce that? That’s like looking into every envelope or package sent through mail…
Look, problems like CSAM can’t be solved just by shutting down the platforms used to distribute it. If one site goes down, they’ll just move to another. Problems like this can only be solved by addressing the root cause. However, on my end, i will do my best to tackle this issue.
Usually you just keep logs and then it’s up to the police to enforce, obviously not anonymous though.
Yeah, that is the problem, If I started doing this, what is the point of anonymous then.
That’s like sending letters to your water utility to ask them how they intend to stop people from drowning.