Ask HN: Would you pay for a fully encrypted Google Photos alternative?

12 points by applgo443 ↗ HN
Would you pay for a fully encrypted google photos alternative?

1. You could unlock it with your regular web2 way (Gmail, email-password, etc) or use your crypto wallet (==> complete privacy).

2. Photos would be encrypted and then distributed over IPFS --> No one except you can ever recover them

3. There'd be on-device ML features so that you could still get the useful features - search by person's face, search for a picture of church, etc.

What would tip you to leave Google Photos in favor of such a product?

43 comments

[ 6.0 ms ] story [ 121 ms ] thread
The main thing about Google Photos is they won't lose my photos. How do I know you won't lose my photos?
Two things:

Google Photos/Drive has lost my photos before: https://twitter.com/hammyhavoc/status/1462734780143968257

This uses IPFS. "They", the people asking the question, don't "have" your photos. Did you read the description in the original post?

I don't want to use either for my photo library versus my own server and backup solutions. Go figure.

For your photos to be always available from anywhere an ipfs pinning service would need to be used. Either one provided as part of the service (in which case "They" would have your photos) or others the service integrates with. In either case you are depending upon specific ipfs nodes for the permanence of your photos. Something happens to those nodes and it could be goodbye photos.
Yes. IPFS would be cool but maybe some other pluggable datastore. You thinking a desktop app or mobile?

Somewhat related: is there a photo album app that supports region annotations in some non propriatary way?

No. I would rather support an open source project and actually have the data myself on a server that I control.
How do you have your own server?

Also, I don't think people usually want to host their own servers.

The popularity of projects like Unraid, and plenty of similar open source ones makes this comment look silly.

There are countless people running Nextcloud and/or SyncThing on Pi and NAS too. Hell, that there are so many consumer NAS brands tells me that people want to run their own servers.

Plex, anybody?

While there are lots of people that like to selfhost (including myself), the majority of users don't want to. Look at all major services from Google Drive to iCloud to Dropbox. Depending on what it is, I'd even rather pay for a hosted version than deal with it myself. I do this with Bitwarden. I don't want the headache of all the potential that could go wrong when I can just pay $10 a year for a fantastic password manager.
I like ideas such as this however for important personal data how can I trust IPFS? How do I know that the encryption used won’t be cracked?

Also when you store it fully encrypted how can I trust that that is the case, all I see (I assume) is my data once I provide the correct password.

Yeah, fair enough. I can't build it opensource as it's super difficult to run companies that way. And closed source product promising full encryption can do nothing but asking users to 'trust'
No.

I already paid for the hardware to run nextcloud at home.

I don't need anything else.

I like where you're going with this, and I was amazed to hear how inexpensive IPFS storage could be (or other distributed storage) could be.

I've been looking at storing users GPS data, but more than just encrypted for privacy, I think it is important to think about how you give other apps access to the data.

The approach I'm researching is how to manage an access control list for such an environment.

I'd think it would be the same for photos. I want my photos stored somewhere, and possibly with other people and apps. So picture the next Instagram, but rather than Insta storing the photos, they have access to my photos, when the next app comes along, I don't "re-upload" or start fresh, I give them access to my library (or portion of my library, but that's probably a later step).

Any thoughts on that?

I think DeSo tries to do some of the stuff you mention.

However, this is massively tricky. How can you say that the next Instagram still uses square pictures, has the concept of likes, etc.

Though decentralized social networks provide portability, using it in reality is very difficult.

But the photos aren't square when you upload them to Insta, right? I don't use Insta, so have no idea.

Most social networks are fairly consistent on "likes", but then you've got things like linkedin that have different "emotions".

This is one reason why I think GPS data is a good trial area for this. A fairly standard format, and most of the value add comes from the app you are using it with.

I'd not heard of DeSo before. Thanks for giving that reference.

Honestly, I would absolutely not give money or my data to anyone who mentions signing in with with crypto wallet (?) being completely private compared to "regular web2".
Why? Why don't you like it?

Did you look at products like skiff? - https://www.skiff.org

I have absolutely no idea how that link relates. End to end encryption is good, "signing in with crypto wallet" means the author has no idea what they're talking about and are just throwing around buzzwords.
Lot of companies these days let you sign in with a crypto wallet instead of using a id-password.

I'm curious - what's throwing you off here?

A wallet is not a form of identification. I feel like I'm having a stroke reading this because it makes no sense.
I do not understand what their product is about. Just a Google docs alternative but wItH cRyPtO?
They don't have any crypto in it.

It's a fully encrypted (E2E) google docs alternative. Privacy is their feature.

No, I'd rather use my own machines, and anyway I don't have the network bandwidth to upload photos.
Do you use google photos already? Or any other photo backup service?
No I don't feel like I need one. I have some photos on personal web pages and a bunch of others in regular directories and I use gthumb sometimes for local viewing. I just don't understand the need for a separate hosted service for every type of file. Photos are files so photo backup is a subset of file backup as far as I can tell. Or do I need separate hosted services for backing up pdfs, C code, Python code, etc.? I'm satisfied with using rsync for everything.
Probably not, no.

I’d have to see the implementation, the privacy policy, and the exportability of my photos and metadata before I’d even consider it.

Nope, not interested in paying for photo storage, although I do use it currently because it’s free and convenient.

Would rather just operate in Web 1.0 and download to my computer every few months.

(comment deleted)
Sounds like a pain. No.
The interface would be as simple as using google photos on your phone.
How are you going to manage problematic content such as child pornography and deliberate copyright infringement?

If you can't do that, then effort and money put into moving my content there would just be wasted because the hard problems of managing problematic content is why there are not a bunch of services like the one you are proposing. The hard problems aren't technical, they are the economic incentives of bad actors.

Good luck.

Is it something the data storing company has to take care of? What if people transfer such stuff on signal? How would it work? Any idea?
It's your business idea, so go figure it out yourself, imho.
Lol. Part of figuring out is asking people smarter than me :)
No, Google Photos works well enough for me, is on every device I need, and "just works." Plus, it's free.
It's not free and it's google
It's free monetarily to me, which is what I care about. I use lots of things by Google like Gmail, Maps, Android etc that it is immaterial to me that Photos is also made by Google.
Honestly, no, I just sync my files with syncthing and don't care much for nostalgia.

Don't let that stop you though, I'm probably not your target market.