Overview

HTTPS SSH

Stasher

P2P is a hero no one wants, and on the web, uploading sucks. Stasher shares a folder on your computer to a web service. It's time to stop cowering in the UX shadows.

Technical:

  • An HTTP Client which polls a Server for Commands - see Protocol Specification - Core
  • One or more Controller servers which provide a service - see [Unlock new achievements] below

Audience

  • You're on Bitbucket, so this information is written for coders and digital professionals
  • General purpose information will be written and presented through PR, maybe a separate article, and maybe a website in the future
Jobs:

Looking for developers, who will work fixed price for small scopes. We are not talking huge money here, but some money - ~AUD500. Post a proposal ticket/issue for me to consider, and we'll take it from there.

There is already one proposal up with a bounty in Issues.

Why? What's broken?

  • Peer to Peer is a hero no one wants - UPnP is insecure, so port forwarding rarely happens, and then it's used mainly for piracy. In the end distribution isn't really a problem. Most web services which matter use CDNs like CloudFlare, and the internet infrastucture is increasingly centralised. The world moved on without P2P.
  • Uploading sucks - the user experience is terrible. Central services like MegaUpload prove there was plenty of friction with P2P. Only distributors needed to put up with uploading. The subscribers simply downloaded like any other url.

How does Stasher fix it

  • One ridiculously simple piece of software
  • Software runs on your computer, which connects as a HTTP client to a Control HTTP server
  • You have a user account with configuration with those services
  • Those control servers can scan over those files, upload and download as needed

Unlock new achievements

  • Master Control - an access control service which helps you connect other web services
  • Sync - a service can sync your music across multiple devices
  • Photo Gallery - a service can share your photos in a Flickr way, but no manual uploading
  • Organise - a service can sort your music for you in a standardised way
  • Deduplication - a service finds and removes duplicate files, saving space
  • Backup - a service can store copies across devices and services for you
  • Distributed Archive - a service can leverage spare disk on your devices. Get paid to store encrypted archive data for other companies. Leverage spare storage across your enterprise. The power is already on.
  • Inactive Data Archive - a service can use your disk to store your older data. Saving them money which can be passed to you.
  • Portability - It's your data. Facebook could store a copy of your posts in json form, and then other services can be allowed to read that data for reposting.
  • Push - a service can send you recommended content
  • Desktop Background push - a service sends you backgrounds of the week to a folder
  • Transcribe from dictation - a service checks a folder for .mp3 files, gets them and extracts the text, leaving the text in a file on your computer
  • Search - a service indexes and you can search through your files
  • Break mobile app isolation - it's your data, a mobile app can implement the protocol and let you access your data
  • Virtual Machine Compression - Differencing with data blocks from a standard OS install.
  • Remote video production - Start working on video production on the other side of the world while filming.
  • Upload from Camera - When WiFi is connected, files are automatically uploaded to your connected service and deleted off the camera.
  • File Transfer and Deployment - Policy document deployment (use desktop search), update web applications, transfer of secure documents between organisations, suck scanned documents directly into Document Management queue.
  • Security Camera Clips - More secure IoT from the foundations. Behind a firewall by default.
  • There might be a few more, but you get the point - Stasher is best

Is it secure? Of course.

  • You can always run it in a Virtual Machine, to isolate from your other information
  • Encrypted communication - HTTPS is supported. It's up to you if you use VPNs and more.
  • Personal Trust Network - servers can have self-signed certificates, and when trusted server is added, the associated certificate will also be entrusted
  • Encrypted files - that's up to you. BitLocker, VeraCrypt and more.
  • Access control - Per server command limits
  • Files or folders prefixed with a dot (.), will be ignored
  • The first version of the system will have thorough sanity checks on data
  • .Net/Mono is a well trusted secure platform to build software upon
  • Unit tests for Client
  • Client Fuzzing Tests
  • Feature idea for Relay Service, which could give a Phone App you have, the ultimate power to approve configuration changes to your Stasher Network.
  • You can't remotely execute software through Stasher, only access shared files, and run certain safe remote functions { HASH, THUMBNAIL, FRAME, LIST, 7Z, RECOMPRESS }
  • Even though everyone should know you listen to Celine Dione, we have you covered.

How will it work?

Flickr Example:

  • Visit Flickr website
  • Edit your profile
  • Click Add to Stasher
  • Stasher will open on your computer
  • Details of the access is displayed
  • You click Accept
  • Now your photos are automatically uploaded to Flickr
  • Now you can subscribe to new photos to display on your desktop

The Roadmap

  • I start it - the first version should be enough for eternity
  • You extend it - a few extra features could be handy, but please keep it simple
  • You make services which connect to Stasher clients
  • PR and glory - see Public Communication

What's important for this project overall?

  • The protocol
  • DotNet-Core Client Library and Package Distribution
  • Test Client - to run tests on Controllers
  • DotNet-Core Client and Installer
  • DotNet-Core Server Libraries
  • Test Server - to run tests on Clients
  • DotNet-Core Server and Installer
  • Stasher Website (marketing)
  • Stasher Hosted Controller (paid service to make money to continue development and support)
  • Implementations of Clients Libraries and Applications from contributors which are maintained here

Documentation

New Direction?

If I use LightRouter (current private source), then Stasher need not focus on being an HTTP reverse adaptor anymore, and can expose a regular HTTP server interface from the client agent. The TCP reverse tunneling adaptor of LightRouter, can be established for long periods and may be closed down, telling the client to call back later.

Then while the client is connected, the server may request many commands in parallel, each with a RESTful URI.

Why the question mark on the heading? I have already built the HTTP Client reversing adaptor. But there can potentially be many new possibilites with a decoupled LightRouter sub-library. As LightRouter gains more features, such as security (TLS), PKI management, TCP over UDP and more.

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.