AES-CTR is indeed what's currently being used.
SJCL is definitely an option and we will compare the two to see if there are any large advantages to switching over, thank you for your suggestion.
The reason to why the content isn't being authenticated is due to memory issues in the browser, but we're close to adding a solution for that as well.
Overall the encryption feature is currently in BETA and there will be large amount of improvements before it's finalized.
Thanks for reporting the issue.
The XSS was related to the filenames.
Although most operating systems don't allow users to upload files containing greater-than/less-than symbols, it's possible to add them by tampering the requests and changing the filename.
From there you could change the filename to "<script>alert("xss")</script>" and run an XSS.
This has now been patched by encoding the characters.
Once we're a bit more stable we'll be sure to release a bug bounty program.
Yes, completely positive.
You need to make sure that you're following the 301 redirects as that is not the final file location, hence why the data returned is only 957 bytes.
This was an interesting read and we will do our best to avoid this fate.
Right now we're focusing on patching bugs and providing a stable service, but in the future a premium service will be created which targets heavy users.
PS
You can change the status of the last active host in your list (Minus.com) to shut down as well.
"How can I view my history? I think I've clicked every link available but I can't find this at all."
The button had been hidden for some users due to a bug.
It's been fixed and you will be able to see it after refreshing the page, thanks for pointing it out.
"Same for this. There is no such option to be found."
This feature was disabled shortly after the launch due to a bug. It'll be added again as soon as possible.
These services (Mediafire, Zippyshare, Uppit) are among the best file hosting sites online, but unfortunately they have their issues too.
The problem being that you have to jump between different hosts depending on how large your files are and which features that you want to use (e.g Mediafire for larger files, Zippyshare from public PCs so you don't have to login, MEGA for sensitive files that you want to send securely, Dropbox when you don't want grandma's PC to get infected when you're sending her the videos from Christmas).
The goal is to create one single host that saves you from having to jump from each host and having to maintain dozens of accounts to bypass limits.
There isn't currently an app, but there shouldn't be any disadvantages between using the site.
You can upload as many files as you wish and save them on your phone to play offline (similar to what an app would do in the background) or play them directly from the site.
A few years ago bandwidth and storage was much more expensive than it is today.
Rapidshare was a service that had to swiftly and reluctantly change their business model. They were operating out of large offices with over 60 employees and due to the change they saw a sudden drstic drop in revenue.
Rapidshare's financial information isn't public since it's a private company, but one could argue whether they were actually losing money or not making the profits that they expected at the time of the shutdown.
All requests will be checked and the file will be taken down if the request is valid.