I run 0807, a file host I host myself.
You drop a file, you get a short link, and you choose when it disappears.
I am posting it here because the whole thing is built around privacy, and because I would rather lay out the real threat model than call it "secure" and let you find the gaps later.
The privacy side:
- No account, no sign up. An upload is not tied to any identity.
- No ads, no third party trackers, no analytics. Nothing is loaded from outside domains, so no fonts or scripts phoning home.
- The server does not log IP addresses or requests. The rate limiter holds an IP in memory for a few minutes to count requests, then forgets it. Nothing is written to disk.
- Reachable over Tor through an onion service.
- Auto delete by time (one hour to thirty days, or never) or after a chosen number of downloads.
- Optional password on files and on text notes.
- Files up to 20 GB.
- Executable types like exe, bat and scripts are blocked so it cannot be used as a malware drop.
The honest part, which this community will and should ask about:
it is not end to end encrypted. The server can read what is stored, on purpose.
I want to be able to remove illegal uploads when they get reported, child sexual abuse material above all. A server that cannot see its own contents cannot act on those reports, and I am not willing to run one that cannot.
So I gave up that form of secrecy in exchange for being able to take that content down.
What that means for you in practice the password is casual access control, not protection from me as the operator or from anyone who breaks into the server.
If you need real confidentiality, encrypt the file on your own machine before uploading and share the key separately.
Treat 0807 as a way to move files around with self destructing links and no account, not as a vault for secrets you cannot afford to expose.
It is open source, and I host the code on my own server instead of GitHub, so there is no third party in that loop either.
You can read every line check the no logging claim yourself suggest a change, or open an issue all without an account:
Questions and criticism welcome. If you think the encryption tradeoff is the wrong call, I will read the argument
Wouldn't people looking to host illegal content also just do this?
With that in mind, wouldn't it be better to implement E2EE and have that user trust?
I get where you're coming from, but that's the unfortunate dilemma of file hosting, I'm afraid.
You're right, and I won't pretend otherwise. Someone determined to host illegal content can encrypt it client-side and I'd never see it.
But that isn't where most of the abuse on an open drop host comes from. The whole point of dumping that content somewhere is that the link is easy to click and the file just opens.
Client-side encryption breaks that the recipient needs the key, nothing previews or streams so the lazy and opportunistic uploads which are the bulk of it stay in plaintext.
Being able to remove what I can actually see is real harm reduction even if it never catches the careful ones. Locks don't stop a determined burglar either, we still fit them.
The deciding factor for me is reports. With plaintext, when someone flags a file I can look and pull it. With E2EE I'm structurally incapable of acting on any report even when I want to.
I'm not willing to run a server where, if you show me there's CSAM sitting on my disk, I cannot take it down. That's the line and it's not a technical one
As for the trust E2EE would buy, anyone who genuinely needs confidentiality already has it they can encrypt before uploading to any host, mine included.
So adding E2EE here would cost me all of that moderation ability in exchange for convenience my privacy-minded users can already get themselves. For a casual share-with-expiry tool, that trade isn't worth it to me. You're not wrong that it's the dilemma of file hosting.
I just landed on the side of being able to answer a report, and I'd rather be honest that the password is casual privacy than sell E2EE I'd then be helpless behind.
I was going to say as I started to read through this, it’s either brave or foolhardy, especially with the TOR integration. That sounds ripe for abuse. Even with your precautions that sounds like a risk I personally wouldn’t want to take, but good luck to you!
As for TOR, that’s my biggest concern right now especially regarding abuse. So far everything’s going well, and if things get out of hand, I’ll remove the onion.
Thank you. I hope to keep the project going for as long as possible