this post was submitted on 29 Jun 2026
101 points (96.3% liked)

privacy

10206 readers
3 users here now

Big tech and governments are monitoring and recording your eating activities. c/Privacy provides tips and tricks to protect your privacy against global surveillance.

Partners:

founded 4 years ago
MODERATORS
 

I see random websites that aren't open source saying they are "encrypted, safe", when they obviously aren't! Come on!

you are viewing a single comment's thread
view the rest of the comments
[–] gemakey@lemmy.world 23 points 5 days ago (3 children)

How do you know they aren't?

[–] XLE@piefed.social 26 points 5 days ago (1 children)

Am I in the wrong community here?

Burden of proof is always on the service to demonstrate that they are private.

[–] unexposedhazard@discuss.tchncs.de 23 points 5 days ago* (last edited 5 days ago)

My and i assume any software aware persons general assumption for a computer system is that it is insecure until proven otherwise. But even disregarding the whole open source thing, if they dont make you set your own encryption key, then it most likely wont be securely encrypted or they will just also have the key because they generated it for you in the background.

[–] MeowerMisfit817@lemmy.world 8 points 5 days ago (4 children)

The site doesn't show a "Source Code" option. Neither I can find it by search. Try by yourself, it's here

[–] lime@feddit.nu 8 points 5 days ago (1 children)

that doesn't mean they're not encrypted.

but also this is an online service for something most computers have been able to do locally out of the box for like 15 years, and it hasn't been updated since 2023. it's an obvious red flag even without being unsafe.

[–] monnier@lemmy.ca 2 points 1 day ago

Actually, "is it encrypted" is just the tip of the iceberg: it's all too easy to encrypt in a way that does not provide security against the threats the users want to defend. E.g. maybe the answer to this question is "yes" because the connection is over https, yet the server sees and stores the data in the clear

[–] bl4ckp1xx13@lemmy.dbzer0.com 8 points 5 days ago (2 children)

If you can't see it, technically this is a Schrödingers cat problem.

The site is both telling the truth and lying at the same time, in a state of superposition.

Only be observing the code would you fall onto one reality.

Although there are people who can observe the code, which differs from the metaphor slightly.

[–] MeowerMisfit817@lemmy.world 6 points 5 days ago (1 children)

I think one should distrust services that claim to be privacy-respecting without wanting to be opensource. Like, what are they hiding?

[–] iamthetot@piefed.ca 3 points 5 days ago (1 children)

I understand the ethos here but you have to appreciate the irony in that statement.

[–] luciferofastora@feddit.org 2 points 5 days ago* (last edited 5 days ago)

To torture the metaphor further, would you trust Schrödinger to sell you a cat if it might not be alive when you open the box?

[–] lIlIlIlIlIlIl@lemmy.world 7 points 5 days ago

What does encryption have to do with showing source code?

[–] x00z@lemmy.world 2 points 5 days ago* (last edited 5 days ago)

I checked it. The image is definitely sent to the server. The OCR does not run on the client side and it's impossible to know what the server does with the image.