this post was submitted on 10 Jul 2023
58 points (95.3% liked)

Selfhosted

39677 readers
260 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
58
Paaster.io - End-to-end encrypted pastebin. (github.com)
submitted 1 year ago by [email protected] to c/[email protected]
21 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 1 points 1 year ago (1 children)

Paaster doesn't assume the users intent for the service. People can share a wide range of data in pastebins and users don't always want this to be public.

[–] [email protected] 0 points 1 year ago (1 children)

This just seems like misunderstanding the point of a pastebin, and also what tools are appropriate. At least to me, depending on privacy demands, you'd use an existing cloud filesharing service like box for basic privacy, or if your correspondent understood encryption and privacy, you'd use something like Signal to share either a compressed image or data, or the actual file.

[–] [email protected] 2 points 1 year ago* (last edited 1 year ago) (1 children)

We'll obviously people are finding / needing a use for a service like this. Paaster has 340+ stars & a similar project Privatebin has 5.1k stars.

Sometimes you want to share data briefly with others or to only a specific groups of people (private forums, game lobbies etc) so being able to do so quickly and securely can be extremely useful.

Also this is a privacy page, why should your Pastebin data be stored in raw text and easily indexable by the host? Obviously pastebin data has the potential to be sensitive (look at the amount of people leaking things on pastebin.com)

Also data leaks do occur! Why should all your pastes be publicly viewable when you only intended to share it with people XYZ platform etc.

The fact your unable to imagine use cases and benefits of such services / projects honestly amazes me.

[–] [email protected] -1 points 1 year ago (1 children)

I guess I just don't get how you have share with "large" group of people and private and secure? I mean, pastebin anyway had a timeout. And the paaster github even says you have to run your own instance for security and privacy. If I'm running my own server, I presumably don't need to encrypt my data from myself. If I am running my own server, and the security is explicitly the link, it's not actually secure because the link grants access. But that's to be expected, anything more and you get into needing to authenticate everyone, which is the exact opposite of easy or quick.

And for anything I'm concerned enough about to not share with the internet - I wouldn't be posting on a game lobby or forum. Or I mean, if I trust the forum privacy, why not just... idk... post the text content to the forum?

My issue here isn't that I don't see the need for a pastbin sort of service, my issue is I think for the vast majority of usecases you've listed and I can imagine, you're getting security theater, not actual security and privacy.

[–] [email protected] 2 points 1 year ago* (last edited 1 year ago)

And the paaster github even says you have to run your own instance for security and privacy.

It says a "instance you host or trust" this is true of any web app (including Proton etc.)

Even if you self host data leaks can occur.

The fact you don't see the need for a encrypted pastebin only speaks to your limited imagination.

Matter of facts are, people share data not wanting it to be indexable or open to data leaks by the server, data in pastebins can be sensitive & people are using E2EE pastebins.

Here is a use case what matches all your arbitrary requirements. "User wants to share sensitive data over a insecure channel (like discord), they can send a Paaster link what deletes after view, so if Discord ever tries to view it in the future they cant see the data."

E2EE now labeled security theater 🤣

Maybe your specific use case doesn't benefit off E2EE, but can't believe I have to explain this. You aren't the center of the universe and use cases of E2EE pastebins aren't limited to your specific use case.

Even pastebin.com sees the benefit of "private" pastes, but according to your logic this shouldn't even exist too!

Anyways this conversation has lost any sense of productivity & obviously your care or understanding of privacy is minimal.

As a final question (what I don't want a response to) is, should every paste ever always be accessible by everyone?.... Hopefully your answer is no & you can put 2 & 2 together.

Have a good day & use any data collecting, raw text, insecure platform you want!