{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreid6yiowht7lgmmhwzxmejb7mpvkane2wuk4rcl7pr4iffhnh7qfk4",
    "uri": "at://did:plc:haakkg7y3xdghcdmprxeexso/app.bsky.feed.post/3mksrk6e2jtf2"
  },
  "path": "/t/internxt-cloud-storage-file-sharing/11990?page=3#post_55",
  "publishedAt": "2026-05-01T18:36:09.000Z",
  "site": "https://discuss.privacyguides.net",
  "textContent": "I read their whitepaper on cloud storage and left with the impression that none of their products have been reviewed by cryptographers. Their extension allows anyone to use their France server without creating accounts to their production APIs. If I was able to generate a PoC that abused their infrastructure to anyone wanting to piggyback in half an hour, I wouldn’t put my data on there.\n\n\n    // ===== TOKEN MANAGEMENT =====\n    // Fetch anonymous token from Internxt VPN API\n    const Zn = async () => {\n      const e = Yn(gt); // https://vpn.internxt.com\n      const { data: t } = await axios.get(`${e}/users/anonymous/token`);\n      return t;\n    };\n\n\n\nand then they go on and have practices like this:\n\n\n    // ===== PROXY AUTHENTICATION INTERCEPTOR =====\n    // Inject credentials into proxy requests\n    chrome.webRequest.onAuthRequired.addListener(\n      function(n) {\n        if (n.isProxy) {\n          return {\n            authCredentials: {\n              username: t.connection ?? \"FR\",\n              password: t.token ?? \"\"\n            }\n          };\n        }\n        return {};\n      },\n      { urls: [\"<all_urls>\"] },\n      [\"blocking\"]\n    );\n",
  "title": "Internxt (Cloud Storage & File Sharing)"
}