well i did mis-speak. however the part that happens on the server is FHE so from privacy POV it is effectively device-only, meaning the servicecannotcompromise your privacy. This is guaranteed by the technical underpinnings of FHE, not a policy decision or corporate controls. The only way this can compromise your privacy is if they are lying about the implementation. it's safe even from bugs, because they are never in possession of privacy-compromising data.
You're literally the first and only person I've seen on this subreddit to make that claim. Nobody else has said this for any other client-side encrypted tool. Not Ente, not Signal, not Proton Drive.
those tools don't use FHE nor do "processing" on the opaque data.
i am not sure exactly what claim you mean, but just a quick look at what i imagine proton drive is: remote storage like mega. maybe it adds "required" client-side encryption. proton can still learn how many files you have, the sizes of each, yes? this metadata could glean something. not much but something.
this is in contrast to how the image matching feature works.
Correct. Their servers don't process your data, so they don't need FHE. Apple does. Which means that calling Apple's data collection "device only" is even more disingenuous than I suggested.
You're proving my point for me; you don't have to keep dying on this very silly hill.
He’s saying your unencrypted data never leaves your device. Just an encrypted version that can be processed snd sent back to you. They can never unencrypt it.
I can plainly see the attempt to bastardize language, I just don't like it. Especially when other things like Ente already perform actual device-only tagging.
22
u/CountGeoffrey 7d ago
there's an anti-Apple narrative that is very strong on /r/privacy