←back to thread

Send: Open-source fork of Firefox Send

(send.vis.ee)
276 points leonry | 6 comments | 19 Oct 24 12:17 UTC | HN request time: 0.865s | source | bottom
Show context
bachmeier ◴[19 Oct 24 17:24 UTC] No.41889123[source]
If you don't want to self-host and you don't want to trust someone else's service (I don't know anything about this server) you get Bitwarden Send with the $10/year premium plan.
replies(2): >>41889301 #>>41889804 #
1. KomoD ◴[19 Oct 24 17:46 UTC] No.41889301[source]
> and you don't want to trust someone else's service

You still have to trust Bitwarden aka someone else's service?

replies(2): >>41889314 #>>41891621 #
2. jacooper ◴[19 Oct 24 17:49 UTC] No.41889314[source]
Its e2e encrypted, and the client and server code is open source/source available.
replies(2): >>41889452 #>>41889529 #
3. notpushkin ◴[19 Oct 24 18:07 UTC] No.41889452[source]
This is also end-to-end encrypted, and the client and server code is open source/source available.

The reason to use Bitwarden could be that you already trust it with something else, and could have taken time and audit that it is indeed legit, or trust others to complain loudly if they find something wrong with the code. Personally, I’d self-host it (or the open source, lighter on resources Vaultwarden), just as an additional safeguard.

4. hypeatei ◴[19 Oct 24 18:18 UTC] No.41889529[source]
How can you guarantee the build is from the open source code? (i.e. doesn't contain a small patch with hostile behavior)
replies(1): >>41897239 #
5. bachmeier ◴[19 Oct 24 23:26 UTC] No.41891621[source]
Yeah, I didn't word that very well. We tend to trust services like Bitwarden and Fastmail. I should have probably said a service you've never heard of.
6. EasyMark ◴[20 Oct 24 18:04 UTC] No.41897239{3}[source]
You probably can’t but if you’re one of those people who keeps passwords with Bitwarden, you probably trust them, and it’s nice to have this service as well.