Made a way to share links privately (qrc.site)

submitted 2 days ago by RommieDroid@programming.dev to c/programming@programming.dev

7 comments fedilink hide all child comments

I made this tool so you can share 'locked' links safely & anonymously with a password. It gives you plausible deniability and crowd blending when sharing privates links.🔒

https://qrc.site/anon (open sauce) 🦑

top 7 comments

sorted by: hot top controversial new old

[-] KoboldCoterie@pawb.social 20 points 2 days ago

Makes privacy-focused service

Disallows access through VPNs

Mate...

[-] RommieDroid@programming.dev 4 points 2 days ago

Sorry 😂 Thought I exempted the /anon route from headless, VPN and proxy checks but forgot one of the VPN functions, fixed now! The /anon route is not checked. It was unfortunately needed because of a very costly bot attack abusing a service I had.

[-] calcopiritus@lemmy.world 3 points 2 days ago

I don't see the use case.

There's 2 secrets here: the link and the password. And to share it with someone you need to share 2 secrets: the locked link and the password.

Why not use the same method you used to share the password to share the link instead? Without the need for this service.

[-] RommieDroid@programming.dev 2 points 2 days ago

Yeah, I appreciate the feedback. I need to do more, so the link isn't a secret, e.g. any password will decrypt any link to text so if you use the wrong password you get wrong data possibly a different link, that hides if you were wrong or right. Then you only need to share one secret via a separate channel.

[-] KoboldCoterie@pawb.social 2 points 2 days ago

Not that I'd use this service for it, but I've had use cases for this sort of thing. It's not so much about plausible deniability as OP wants to sell it as, but more about security. You send the locked link (or a PW protected file or whatever) via, say, email, and the password through a text message. Then, in order for the data to be stolen, the attacker would need access to both of those, rather than only one. It's niche, but I've needed to do it for my job before, so I can at least see the point.

[-] RommieDroid@programming.dev 1 points 2 days ago

Files are a whole other issue. If I was to make a file upload, it would be my site (encrypts & uploads data)->uploadthing.com->AWS T3 Buckets->returns link. Because if it was bad content my site cant do the decryption without being liable, so for decryption->open sauce decryption system->hosted on popular free platforms you can't block->decrypts data and hides original file.

[-] KoboldCoterie@pawb.social 3 points 2 days ago

There's already services like Box.com that offer similar functionality for files.

As a suggestion, having an option to have the string deleted after it's been accessed once would be nice as an extra layer of protection.

this post was submitted on 24 Jun 2025

15 points (89.5% liked)

Programming

21148 readers

160 users here now

Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!

Cross posting is strongly encouraged in the instance. If you feel your post or another person's post makes sense in another community cross post into it.

Hope you enjoy the instance!

Rules

Follow the programming.dev instance rules
Keep content related to programming in some way
If you're posting long videos try to add in some form of tldr for those who don't want to watch videos

Wormhole

Follow the wormhole through a path of communities !webdev@programming.dev

founded 2 years ago

MODERATORS

snowe@programming.dev

Ategon@programming.dev

MaungaHikoi@lemmy.nz

UlrikHD@programming.dev