Thanks! The pricing is very affordable. Will definitely consider it for increasing the size limit

Thank you so much for testing it out and taking the time to open the issues, really appreciate the feedback! I’ll take a look and work on them soon.

The person submitting the report would need to provide the file name and password.

Well, DeadDrop uses name + password modal as well as direct link.

If you are referring to DMCA (should have directly mentioned it), then NO, this content is not gonna be allowed. Those files will be permanently deleted once it is reported.

Yes, once there’s enough traffic, I plan to add an option for sharing larger files. The cost will depend on the file size.

Can you please clarify what do you mean by YCMA?

Well, DeadDrop is still in its early stages of development and right now deaddrop is focused on sharing sensitive images and documents. Moreover, I don’t have money to pay the bills but will increase the size limit once the site gets good traffic. However, I can provide you upto 100 MB for free, DM me.

So with that logic, if a person reports CSAM to police. The police first has arrest the person who reported it. Am I right?

Thanks for mentioning this, I really appreciate it. I will considering implementing hash scanning before encryption to help prevent illegal content.

Oh boy! Didn’t know about that. But how do other platforms like dropbox, whatsapp and telegram tackle these problems. Don’t they first have verify a content to delete or report about it.

Well, one service shuts down and they move on to another. Instead, deal with the real culprits that do these illegal things. Shutting my or anyone else’s services will make no change.

Yes, fork the code from github and host it on your own server.

By verify, I mean to check whether there is really something illegal in the file or not

I want to be very clear: I do not condone CSAM or any illegal activity. DeadDrop is simply a privacy-focused file-sharing service — like many tools that value anonymity, it can be misused, but that’s not its purpose or intent.

To your question: I’m not trying to “avoid jurisdiction” — I’m trying to build a service that respects privacy and anonymity, which I believe are fundamental rights. Unfortunately, any privacy tool (from Signal to Tor) can be exploited. The challenge isn’t the tool itself, but how we handle misuse without compromising basic freedoms for everyone else.

If we shut down every tool that could be misused, we’d also be shutting down freedom of speech, press, and secure communication. That’s not a solution — it’s just pushing the problem elsewhere.

Thanks for the detailed and thoughtful reply — I really appreciate the time you took to lay this out.

I know Aaron Swartz — big fan.

You’re right about many of these points. The biggest challenge with any web-based cryptography project is trust in code delivery, especially when it’s dynamically served. That’s a fundamental limitation of browser-delivered JavaScript, and I fully acknowledge it.

You’re also absolutely right that true zero-knowledge isn’t just about encryption — it’s about removing trust assumptions. The server still being able to serve malicious JS is a valid and well-known concern. That’s why I’ve made the code open-source and encourage self-hosting for anyone who doesn’t trust DeadDrop or me.

To clarify a few things:

-No JavaScript is sent after the file metadata is submitted — only the encrypted metadata and the file are transferred after the password is verified locally. I’m also planning to encrypt metadata (including filenames) to limit what the server can see.

-DeadDrop uses salted encryption. I’m using a proper key derivation function (PBKDF2) with a salt, which makes brute-force attacks significantly harder.

You’re right that unless users host the project themselves, they have to trust me — just like users of Signal technically have to trust their app stores and client builds. So, trust is a fundamental principal for a service like this and I promise the code that is delivered on the browser is same as on the github. However, if you don’t trust my instance, you can review, fork, and self-host it easily.

I’m not claiming DeadDrop is flawless — just that it’s a sincere attempt to build a privacy-first, zero-knowledge file-sharing tool. I am truly grateful for your feedback, thanks again.

( Yeah, worked with VPN ). This website is great but very different from deaddrop

is this only me

Fair point — I should’ve been more careful with the wording. I’ve open-sourced the code exactly so that people can audit, test, and critique it. I don’t expect blind trust, and I’m not claiming it’s perfect, just that I built it with privacy in mind.

If you have concerns, I’d genuinely appreciate feedback or a review. My goal is to improve it, not just promote it

It is a P2P service. While as Deaddrop is like a cloud storage to temporarily save and share a file

That’s definitely not the intention. It’s built for people who care about privacy, not for anything illegal.

Sorry about that — I recently open-sourced it and forgot to add the link. I’ll update it as soon as possible!

I am considering moving to UAE :)

Then, what are you gonna use, cash?

Thanks for the suggestions. I will consider it in future

Well, it is open source ( https://github.com/Rayid-Ashraf/deaddrop )

Yeah, that is the problem, If I started doing this, what is the point of being anonymous then.

Well, everything has its own pros and cons

Look, problems like CSAM can’t be solved just by shutting down the platforms used to distribute it. If one site goes down, they’ll just move to another. Problems like this can only be solved by addressing the root cause. However, on my end, i will do my best to tackle this issue.

I guess the people who care about privacy use Crypto. If i incorporated regular payment system, it will violate the core principle of the website i.e. to protect privacy and anonymity.

I must admit send.vise.ee and deaddrop.space are both similar or I can say send-vis.ee is better. Deaddrop is still in its early stages of development, so if you guys have any suggestions or want anything that can make deadrop different. I am open to consider them.

Absolutely not. DeadDrop is built with privacy and security in mind, strictly for legitimate, ethical file sharing. It’s designed to empower users to share sensitive but legal information safely, not for any illegal activity.

I do not support or tolerate any use of the platform for sharing harmful or illegal content like CSAM. If such misuse is detected or reported, the file will be permanently deleted and the IP address will be blocked.

To be honest, there is not much I can do about it. However, if anybody found any illegal content, He/she can report it to me with name and password. I will verify the file and permanently delete it if their was anything offensive or illegal.

(Thanks !) Well, the send’s website mentions that " Send will be terminated on May 24th. Costs are getting too high to keep hosting this service."

Sorry about that — I recently open-sourced it and forgot to add the link. I’ll update it as soon as possible!

Deadrop is open source. You can check out the source code here: https://github.com/Rayid-Ashraf/deaddrop

Sorry, can you clarify which site are you referring to as i couldn’t find it. However, if I compare it with other file sharing sites, it works on Name + Password model, uses zero-knowledge encryption and has a lightweight and simple UI

Yes, it does cost me. For now, there is a 10MB limit. If this worked great, i will add a paid plan to upload big files. The payment would be done in crypto and cost will depend on the file size. In this way, i could keep the service running as well as protect the privacy and anonymity of the user