"The real play is when you've got small networks of co-workers or friends who can share whatever they want securely," Rogers said in an interview. "It could be a group of government officials sharing secure documents or it could be Justin sharing video files with AOL Dulles."
IMHO (yours may differ) much of what we use the internet for, namely person-to-person or person-to-small-group communication, could be accomplished using such software, as an alternative but not a replacement for doing these tasks over someone else's website. Those websites have grown to such ridiculous size, backed by entire datacenters, that people refer to them as "services" and "platforms". But for the task of communicating over the internet, as the programmer saying goes, "There's more than one way to do it." With the gigantic websites run by other people, there's an incentive for advertising. Large audiences and easy access to them, not to mention the ability to eavesdrop and track behaviour. With small networks managed only by the participants using software they choose, that incentive does not exist because advertising is relatively infeasible. For example, the top commenter in this thread states he has been running a WASTE network for years. How does one inject advertising and track consumer behaviour on his network. The answer is they don't. And IMHO that's one reason why this category of software is so useful.
The replies here strangely ignore the issue of the third party intermediary, the commercial motives, the single point of failure.
Who is the third party when using software like WASTE. There is none. There is no "monetisation". A commenter thread has been running WASTE running since 2003.^1 There is no Bay Area-based "WASTE, LLC" or "WASTE, Inc."^2 that must, among other things, pay thousands of tech bros, remain "free", be allowed to operate in all countries and stay in business, let alone for 20 years.
WASTE predates "cloud computing".
1. Went from being top comment to being critiqued by tech bros.
This is still an issue in 2023. Dropbox and Google Drive aren't new, and ironically Megaupload is now a Dropbox/Drive competitor Mega + Rapidshare is long dead. But emailing files or physically sharing on a USB drive is still the best way to share files ad-hoc. Dropbox etc does work, but you have to make a new account and mess around with settings and permissions.
WebRTC has been supported in browsers for at least 10 years.
To that end you can use a website like https://www.toffeeshare.com/ to send files directly to another person via your browser via a P2P connection, without an account.
Because its remaining an issue enables "value extraction". Magic wormhole would work if people knew about it but somehow software that promotes itself by honest word-of-mouth has difficulty competing with software that is bundled with Windows or is made by the world's largest advertising corporation.
I would argue the installation of magic wormhole is hard. Python is a pain and usually scares me away from installing it. I dont want python pooping all over my system.
There is no release artifact that I can easily open and run on the github page.
Wetransfer is exactly made for this purpose. Or if you have Apple and the file is not larger than 5GB, it’s sent through Mail Drop which does the same thing but seamless.
I was almost going to mention Drive and OneDrive and iCloud, but I realized that these are not secure sharing methods, unless your target audience also has accounts on the same cloud service. You can share to "anyone with the link", and practice security through obscurity.
This isn't security through obscurity at all, the links contain a random secret and aren't public. You might as well say a password is security through obscurity because it can be guessed...
Anyone who has the link can access the file. There is no authentication. It's only as "secret" as the email you put it in, or the Zoom chat room it was dropped into, or the web page it is published in.
The shared links do not contain a secret at all. The base64-encoded part of the link is the file object's UUID! Look at it as you copy a shared link, vs. seeing it in the URL bar. It doesn't change as you edit the file, move it to another folder, or share it out. It won't go away until you've deleted the file! If you notice that someone has a link and they shouldn't have it, then you'll just have to copy-paste the content into a new document, and throw the compromised one in the Trash. Goodbye, revision history and all metadata.
Common use cases involve sharing to groups of people, you know, more than one person who might keep a "secret"? What if you've shared a link to 30 people, how do you ensure that 31 can't open it?
"Three men can keep a secret, if two of them are dead."
As opposed to passwords, which people know are secret[citation needed], links are shared. I mean, Google Drive literally calls it "Sharing", so who will stop sharing after the intended recipients have got it?
I think this is my biggest issue with the enterprise file sharing solutions; it's way too hard to manage access to files and to do simple sharing. like at face value it seems easy if you just want to drop a file to a friend or coworker, but it gets much more difficult when you want to actually enforce any controls on it.
Sharepoint and Google drive really feel like they have gone out of their way to make the permissions scheme as convoluted as possible, and it's never clear for me whether I've shared it in a way that permissions can propagate from those I shared it with or not. sometimes I can further share a received Sharepoint document without issue, other times I cannot, and I don't know what the difference is. some of my shared docs that are only shared with specific users can be shared freely apparently, other times when it gets shared further I get automated emails with access requests, even though the public access list is disabled/empty on both cases.
I really wish that the user:group:world wide model was the basis for these permission schemes and it was easier to just set people/groups and the specific actions they can take on a shared file/document. I get why the companies call it sharing, but it shouldn't be thought of as sharing, it should be Grant Access. I think it gives a better mindset for what you're actually doing, and the design should be around the idea you're giving access, not sharing, which is not the same thing to me.
At the risk of not fully slaking your thirst for orthogonality, I discovered just now that Google Drive does indeed have user:group:world access control. You can share to specific users with Google accounts. You can also share with a group: https://support.google.com/a/users/answer/13004062?ref_topic...
I was rather shocked to learn that the mechanism for creating groups, in the sense of access control, is the Google Groups product, also known as collaborative forums, or one of Usenet's modern homes. And this feature works for individual users as well as Workspaces for Business. I just created a Google Group consisting of my three personal accounts, and I shared a Doc with them!
The three levels of sharing persmissions on Drive are: "View", "Commenter", and "Editor". The second level also permits "editing suggestions" which will prompt the Doc owner to accept or reject. These also have semantics for folders.
And then, there is a little options-gear where you can twiddle additional permissions for certain levels of access. In my personal account, they're permissive by default. Meh.
I have a few qualms with this webcomic:
1. For a Linux user, you can already build such a system yourself quite trivially by getting an FTP account, mounting it locally with curlftpfs, and then using SVN or CVS on the mounted filesystem. From Windows or Mac, this FTP account could be accessed through built-in software.
2. It doesn't actually replace a USB drive. Most people I know e-mail files to themselves or host them somewhere online to be able to perform presentations, but they still carry a USB drive in case there are connectivity problems. This does not solve the connectivity issue.
3. It does not seem very "viral" or income-generating. I know this is premature at this point, but without charging users for the service, is it reasonable to expect to make money off of this?
Does this still work? I mean, can we actually get it looked over and make sure it's not going to turn everything into a screaming botnet, and fire it up?
While I applaud the idea of decentralising Internetty stuff, there are all these massively overengineered monstrosities like Mastodon out there that have shit user experience and break down at scale at an exponential rate.
WASTE looks like it might be fun to run alongside "slow internet" services like NNTP and non-ad-heavy websites.
IMHO (yours may differ) much of what we use the internet for, namely person-to-person or person-to-small-group communication, could be accomplished using such software, as an alternative but not a replacement for doing these tasks over someone else's website. Those websites have grown to such ridiculous size, backed by entire datacenters, that people refer to them as "services" and "platforms". But for the task of communicating over the internet, as the programmer saying goes, "There's more than one way to do it." With the gigantic websites run by other people, there's an incentive for advertising. Large audiences and easy access to them, not to mention the ability to eavesdrop and track behaviour. With small networks managed only by the participants using software they choose, that incentive does not exist because advertising is relatively infeasible. For example, the top commenter in this thread states he has been running a WASTE network for years. How does one inject advertising and track consumer behaviour on his network. The answer is they don't. And IMHO that's one reason why this category of software is so useful.