I wanted a dead-simple way to share text, links, or code without creating accounts or dealing with messy UIs. So I built Zync(https://zyncshare.vercel.app/) — paste, share, done.
- Share plain text, links, or code instantly
- Replies work without login
- Everything auto-expires in minutes or hours
- No tracking, no ads, no clutter.
Would love to hear what you think. Is it something you’d actually use?
What’s the privacy policy of your website? How do you plan to prevent abuse of your service?
Thanks for the insight! This is just a MVP that I buit and posted online for reviews to know if this is worth expanding more. As the other commenters have said I was planning to do either a simple CAPTCHA or optional PIN protection — whichever feels smoother for users. Zync was meant to be a frictionless sharing tool, but I definitely want to strike the right balance between ease of use and basic protection.
Might be a good use case for Anubis, in addition to the URLParam passwords mentioned elsewhere. Enough protection to prevent trivial brute force scraping, while also being basically invisible to users.
So what you’re basically saying is to add a secret key to the shared link itself, so the user doesn’t have to do anything extra, but their privacy is protected behind the scenes. I looked into it and just added a 6-character access key for every Zync(shared link), plus basic rate limiting to stop mass scraping. It’s invisible to users but blocks most common abuse. Will keep improving it based on all your feedback appreciate it a lot!
It says that once the content is accessed, it vanishes. So, you can have a max 2 day expiration length, but as soon as someone follows the link, it’s gone? It’s not a bad idea, but it is prone to abuse. I could write a scraper app that would give me all of the active URLs and in doing so would delete any message attached to them. I personally wouldn’t, because it doesn’t serve much purpose, but if there were a malicious agent, it wouldn’t take much to wreak havoc. It wouldn’t even be a DDOS level attack, just a simple scraper using minimal resources.
Truly, though, I do like it. I just think that the automatic removal might be a risky feature.
Thanks for your detailed feedback! the current logic (auto-expiry after first view or a max of 2 days) is meant for simplicity and privacy. I posted an MVP to understand if this is worth it to continue building but seeing all the comments here it seems the major issue next is security. As the others mentioned I was planning to do either a simple CAPTCHA or optional PIN protection — whichever feels smoother for users. Appreciate you taking the time to explain the risk — that really helps me plan the next steps better!
