94 points by goranmoomin 3 days ago | 50 comments
daniel-s 3 days ago
The site is cool, but is it not just going to be abused?
p4bl0 2 days ago
The full code for the service is here: https://paste.fulltxt.net/42
The command-line paste tool was this simple script: https://paste.fulltxt.net/txtp
In another distant past, I ran an URL minification service at http://uzy.me/, and there too because of spams, I had to discontinue it.
Spam is really killing the internet… This actually saddens me.
stavros 2 days ago
egeozcan 2 days ago
If you play the good citizen and encrypt the files, giving the key to the owners, then you also don't have any means to preemptively detect and delete that stuff, you just keep waiting on some law agency knocking at your door. Also, if you openly say "hey I'll peek into your files to see if they are legal", then they will be the ones encrypting. Disallow that? It's a nightmare to detect and abusers are really, really creative! So much dedication too!
And it's not just CSAM, there will be detailed instructions on practically any illegal thing you couldn't even imagine.
It's bad, really bad, and I've grown to accept that small, closed community services (best with real-world connections) are the only way forward.
fragmede 2 days ago
alias_neo 2 days ago
I run it on my LAN for my own use, which is what I think it's best for, but I really don't like having something like this on the web.
Luckily, I've never advertised or shown it off so nobody but myself uses it, but I'll probably take down the demo site too, soon.
EDIT: Typo
fragmede 2 days ago
alias_neo 2 days ago
The project is already open-source on Github, but I don't actively link to it in public forums because I don't want to have to deal with it being used for questionable/illegal content, which is also the reason I haven't added some of the features I'd like to, and severely limited the size and duration for the demo site.
It's been a nice toy project, I added multiple architectures support for the Docker image builds when I was working out how to do that, manifests to deploy it in Kubernetes when I was first learning that and even made it a Nix flake when I first started playing with NixOS; The code itself is written in Go with a goal of using zero external (outside of standard library) dependencies, keeping the code small and clean for non-programmers to be able to understand and uses some Go features that were new/interesting to me at the time they were added.
It'd need to grow a lot and forgo some of those goals for me to add the features I would like to see, but for something nobody will use, and I use quite sparingly myself, there's no need.
guerrilla 2 days ago
Our first technology, community, serves a purpose after all.
xg15 2 days ago
hnlmorg 2 days ago
This is why (for example) Google Drive and OneDrive have become so popular despite Dropbox being first to market.
There’s plenty of other file transfer solutions out there too but you’ll find the un-siloed ones will be lesser known than the siloed ones simply because of the power of $$$
GoblinSlayer 2 days ago
derefr 3 days ago
I would personally suggest that this site probably "wants" accounts. Yes, with CAPTCHAs (on registration.) If you want to be able to ban people who abuse your service, you'll need some thing-that-is-costly-to-get-multiple-of to ban them by. Otherwise they just keep coming back.
To still be a "console-friendly pastebin", the result of doing that costly registration process, could just be a page that gives you a (private) URL, that works like the base URL does now. https://paste.c-net.org/b/{bucket} or something, where {bucket} is a UUIDv4, or anything else with enough entropy to not be able to brute-force enumerate your way into someone else's account URL.
The uploaded files themselves could still have short human-writable top-level paths, for ease of repeating them over the phone.
Though, I notice that when you upload a file, you get a "delete key" as well as a URL. IMHO the "delete key" shouldn't be a weird nonstandard header you send with an HTTP DELETE; it should just be a URL — e.g. https://paste.c-net.org/b/{bucket}/{delete_key} — that you can HTTP DELETE directly.
In other words, make /b/{bucket}/{delete_key} the file's "true name", and /{link} a "read-only view" of the file.
daniel-s 2 days ago
dgl 2 days ago
If you run curl waste.st you also get the “manpage”
The goal was to make it do uploads without a ton of frameworks. The front page is around one request under 20K. It also has a special emoji url: https://[waste bin emoji].st that HN doesn’t support.
arjvik 2 days ago
xyz_ielh 2 days ago
GoblinSlayer 2 days ago
captn3m0 2 days ago
Timwi 2 days ago
derefr 3 days ago
> Don't break the law, don't post illegal shit, don't be an asshole.
The law in which country? All countries? Do I have to avoid uploading depictions of Mohammed, or insulting statements about the president of Turkiye?
egeozcan 2 days ago
Disclaimer: Erdogan is the ultimate ruler, he's totally the best. That guy I know totally deserved it!!11
ps. I like my vacations in south Turkey.
userbinator 2 days ago
blooalien 2 days ago
I normally take a bit of a "dim" view of generalizing certain behaviors to an entire nation's population, but this one's spot-on for certain, and I say this as an English speaking U.S.-born citizen that's lived here all my life, and pretty much grew up "online" (had Internet access since the early days, and even before that I was on local and "long-distance" BBSs quite frequently).
When this specific sort of assumption is made online or in writing / speech, it's almost always "The U.S." Totally too many folks here have a "weird world" inside their mind where there is only "here" and "everywhere else", and "everywhere else" only really matters at all if it somehow "infringes" upon the personal-space of their social-media mandated "rage button".
ttyprintk 2 days ago
defrost 2 days ago
Wowfunhappy 2 days ago
derefr 2 days ago
In effect, in a world where extradition treaties exist, the law you're subject to is the sum of the laws of all the countries your country has agreed to mutual extradition with.
(And strangely enough, I believe this is even transitive. Presuming countries {A,B,C} which have extradition treaties AB and BC, if country B can get you extradited from country A for crime 1, then country C can get you double-extradited during your detainment in country B for crime 2 — even though country A may have never signed any treaties with country C!)
But even ignoring extradition... when speaking of international diplomatic relations, the law-in-practice of "whatever country you're in" is often not the law-as-written, but rather "whatever it takes to make a foreign country happy." I.e. if a foreign country wants you punished — and your own country isn't so powerful as to be able to just tune them out — then often you will be slapped with whatever local law your own country can make fit, to get the other country to calm down.
I brought up the president of Turkiye for a specific reason: the https://en.wikipedia.org/wiki/B%C3%B6hmermann_affair , where a German who wrote an insulting poem about Erdoğan, was charged with a [rarely used, archaic] crime by the German government, after the Turkish government basically sent a strongly-worded letter to the German government implying that their relations would be damaged unless they "did something."
(Though, pleasantly, after much outcry from the German populace, the law they used to try to punish Böhmermann was challenged and repealed: https://www.npr.org/sections/thetwo-way/2017/01/25/511611581...)
RamVasuthevan 2 days ago
I can't seem to find out anything about Cathedral Networks (https://cathedral-networks.org/). They do host a cygwin mirror (https://cygwin.cathedral-networks.org/) and a GLaDOS Voice Generator (https://glados.c-net.org/)