
I built a file transfer tool that can’t spy on you even if it wanted to
I got tired of explaining privacy policies to people. Every time I needed to send a file to someone, I had to pick a service and implicitly trust it. Trust that it wasn’t reading my files. Trust that it wasn’t training a model on my documents. Trust that when it said “we don’t look at your stuff” it actually meant it.

I couldn’t verify any of that. Neither could you.

So I built phntm.sh. And I want to be honest about what it is, what it isn’t, and where it’s still rough.

The core idea

Zero-knowledge means the server genuinely cannot read your files. Not “won’t.” Cannot. Here’s how it works.

When you drop a file into phntm, your browser generates a 256-bit AES key. The file gets encrypted client-side with AES-256-GCM before a single byte leaves your machine. Only the ciphertext goes to the server. The decryption key gets embedded in the URL fragment, the part after the #.

Here’s the important bit. Browsers never include the fragment in HTTP requests. It’s in the spec. RFC 3986. When you
Continue reading on Dev.to Webdev




