Where do you want the encryption? Data at rest? Or data in transit?
Also, you have to host your own server. Would you not have trust on your own server ?
I want all data to be encrypted before it even reaches the server. Yes, I don’t want to trust the server for my image backups :), particularly since I would want to use something like Immich to provide photo backups for friends and family and I don’t even want to technically have access to their unencrypted photos unless they explicitly share them. I kind of want the attack surface for my photos to be as small as practical too. It’s almost certainly worse to have them available on my device unencrypted than a dedicated server, but it’s worse to have them unencrypted on both (and I want photos available on device so, thems the breaks).
I get that a lot of people won’t care about this and that they’d rather be able to run the image recognition features of Immich on the server and stuff, but I don’t think it’s entirely unreasonable to want encryption for this. If nothing else I’d love to be able to back up photos for friends and family and legitimately be able to tell them that it’s encrypted and I can’t see any of it. It’d be even sweeter if they could do image recognition on device and sync that metadata (encrypted) to the server as well.
Chobbes@lemmy.world 10 months ago
I’m kind of disappointed by the lack of encryption. It sounds great, but I don’t want to trust the server.
WhyAUsername_1@lemmy.world 10 months ago
Where do you want the encryption? Data at rest? Or data in transit? Also, you have to host your own server. Would you not have trust on your own server ?
Chobbes@lemmy.world 10 months ago
I want all data to be encrypted before it even reaches the server. Yes, I don’t want to trust the server for my image backups :), particularly since I would want to use something like Immich to provide photo backups for friends and family and I don’t even want to technically have access to their unencrypted photos unless they explicitly share them. I kind of want the attack surface for my photos to be as small as practical too. It’s almost certainly worse to have them available on my device unencrypted than a dedicated server, but it’s worse to have them unencrypted on both (and I want photos available on device so, thems the breaks).
I get that a lot of people won’t care about this and that they’d rather be able to run the image recognition features of Immich on the server and stuff, but I don’t think it’s entirely unreasonable to want encryption for this. If nothing else I’d love to be able to back up photos for friends and family and legitimately be able to tell them that it’s encrypted and I can’t see any of it. It’d be even sweeter if they could do image recognition on device and sync that metadata (encrypted) to the server as well.
WhyAUsername_1@lemmy.world 10 months ago
Oh I get your point. Coming from family and friends POV, I agree that the server administrator should not be able to open the photos.
jrubal1462@mander.xyz 10 months ago
I mean, you could still tell them their photos are encrypted 😉😉
(JK I wouldn’t)