Peer-to-peer technology is often characterized as a facilitator for copyright piracy, as it removes the need to upload files to a third party server (such as those run by services like Dropbox or Mega), where they can be relatively easily monitored by copyright bodies, law enforcement agencies, and the NSA.
However, while undoubtedly useful (and widely used) by copyright pirates, P2P can be an invaluable tool for journalists and whistle-blowers who need to transfer sensitive files securely and anonymously, directly from one machine to another without any meaningful possibility of interception.
This problem resulted in the appalling incident where Greenwald’s partner, David Miranda, was detained by UK police and held for questioning at Heathrow airport for nine hours, because police believed that a USB drive he was carrying contained 58,000 documents obtained from Edward Snowden (it was, but police attempts to access the drive were foiled by the use of TrueCrypt).
Lee’s response was to build OnionShare, a lightweight P2P file sharing program that routes all data sent through the Tor anonymity network,
‘If you use a filesharing service like Dropbox or Mega or whatever, you basically have to trust them. The file could end up in the hands of law enforcement. This lets you bypass all third parties, so that the file goes from one person to another over the Tor network completely anonymously… It’s basically 100 percent darknet,’ says Lee.
Onionshare will only run when a Tor instance is also running, and works by starting a local web server which is only accessible as a Tor hidden service, ‘generating an unguessable URL to access and download the file.’
‘As soon as the person has downloaded the file, you can just cancel the web server and the file is no longer accessible to anyone’, Lee explains (although it is possible to leave the server running in order to send files to multiple recipients).
The recipient does not need to be running OnionShare, but only needs to open the URL in Tor Browser to receive the file. A great thing about this system is that it allows the sender to remain anonymous, even to the recipient.
Onionshare is now available (with a GUI frontend) for Windows, OSX and Linux, and can be downloaded from here.
Please be aware that at the time of writing the app is in the early stages of development, so caution should be used in high risk environments, and ‘ultimately, everyone uses OnionShare at their own risk.’
Note that BitTorrent Sync is another P2P based secure file sharing app, but it is a very different beast, and is more suited to transferring your own files between devices. Check out our full review of it here!