Top Qs
Timeline
Chat
Perspective

OnionShare

A file sharing application over Tor network From Wikipedia, the free encyclopedia

OnionShare
Remove ads

OnionShare is an open source file sharing application, which uses the Tor network to share files. It is available on most major platforms. It also lets users host websites and chat in a secure and anonymous manner. It uses peer-to-peer sharing over Tor to preserve privacy and anonymity.[4][5][6][7]

Quick Facts Developer(s), Initial release ...
Remove ads

Features

Its main features are:[8][9][7]

  • Sending and receiving large files peer-to-peer over tor network.
  • Chat ephemerally.
  • Host a website.

The distinguishing feature of OnionShare is that users can do these things while maintaining anonymity.[4] Because of this, sensitive document sharing and whistleblowing activities are a primary use-case of the app.[10]

Sending files

Sending large files over the internet can be a hassle without centralized servers.[4][11] OnionShare made it easier to share files because of its peer-to-peer nature. This also circumvented surveillance, possible because of centralized services. The circumvention is allowed by hosting shared files on tor network.[12]

Hosting websites

OnionShare allows hosting static websites without JavaScript from the app.[5] This feature became available as of version 2.2. These sites can be visited by any browser that supports .onion sites, such as Tor Browser.

Usage

OnionShare is most notably aimed at being used for sharing sensitive files and whistleblowing.[10][13]

Remove ads

History

OnionShare was released in 2014. Its initial release was hampered by the RIAA and MPAA, who wanted to limit peer-to-peer file sharing solutions. They both actively lobbied against peer-to-peer protocols and software in which they had a hard time finding investment and development for, hence why it took so long to release such a tool.[4]

In February 2019, OnionShare 2 was released. It came with macOS sandbox enabled by default, support for v3 onion services, translations, etc. The .onion addresses were ephemeral by default, as always.[14]

In October 2021, OnionShare patched two low risk vulnerabilities which were uncovered in a security advisory by IHTeam.[15][12]

In December 2021, Radically Open Security published their penetration report of the audit conducted on OnionShare.[16][17] It was financed by Open Tech Fund and targeted version 1.1. The most impactful vulnerability found allowed to render arbitrary HTML inside the desktop application and a denial-of-service attack based on previously undisclosed Qt image parsing. 2 elevated, 4 low and 3 moderate severity issues were found. All issues were resolved before publication of the report.[17]

Remove ads

References

Loading related searches...

Wikiwand - on

Seamless Wikipedia browsing. On steroids.

Remove ads