Personal Identification Information
Users visit our Site anonymously. Obscured Files does not store logs upon the activity of our Site. The only time we can collect any personal information is when the user uploads a file. A user can upload a file with personal information embedded in such file. While we try our best to protect users information from being posted on our site, the user themselves are responsible for actions to keep their anonymously.
Third Party Information Collection
Web Browser Cookies
We have no cookies on this site. Instead we use randomly changing cryptographic post data to authenticate downloads.
How We Use Collected Information
Obscured Files may collect and use Users information for the following purposes:
To run and operate our Site
We store uploaded files on our server. When a User makes a request for a file, and the request is valid, we serve the requested file to the requesting User.
How We Protect Your Information
On our Clearnet site we provide a high security SSL certificate. The security of such certificate can be security audited at any time. At the same time, please check out our header security. We also have been setup with verisign's DNS servers that are outfitted with DNSSEC to protect against DNS cache poisoning while also providing origin authentication, data integrity, and authenticated denial of existence. These security features provides protection for all information transfer from the User to the Clearnet Site. The Hidden Service is within the encrypted network of tor. All connections are already encrypted and DNS leaking is no longer possible so these protections are not needed to securely transfer information.
All files, with the exception of pictures and webms, are stored outside the web directory with obscured file names. Files are only accessable to the User when given the appropriate download link. When serving we pull the assigned (original if Obscured Filename not selected) name of the uploaded file from a database and serve the requested file named as such. Photos and Webms are only stored for one hour, after which they get deleted from our servers.
To protect Users anonymously, we have rebuilt this site exceeding standard file security practices, do not store any logs, provide a hidden service site to enhance privacy for users that still think we do store logs (hidden services can not retreve IP addresses), we jailed our web server directory, initiated some of the highest possible PHP security practices, prevent as much as possible disk writes (All sessions are stored in RAM), and have even set a $100(US) reward for disclosing an exploit.
Sharing Your Personal Information
Unless the user uploads or posts personal information, we do not have any. If the user did upload personal information, it would only be accessable from appropriate download link. If a User chooses to password protect their download link there is no way to access the file unless the appropate password is provided on the appropate download link. All randomly generated passwords are saved in hash format.
Your Acceptance Of These Terms
By using this Site, you signify your acceptance of this policy. If you do not agree to this policy, please do not use our Site. Your continued use of the Site following the posting of changes to this policy will be deemed your acceptance of those changes.
This document was last updated on April 12, 2016