Ente Cloud Storage (Photos + Locker) vs. Filen: Which Offers More Privacy?

I’m considering taking a paid plan for cloud storage to keep a copy of all my data (photos, videos, and documents) on cloud. This Black Friday, I want to buy a lifetime plan for Filen, or even an annual plan would be better.

During a discussion, my friends mentioned that Ente uses stronger encryption than any zero-knowledge encrypted cloud storage like Filen. They showed me some screenshots from AI chats claiming that Ente employs stronger encryption. Moreover, they mentioned that Ente has been audited multiple times, making it far better than Filen at least in terms of privacy.

These conversations have made me rethink my choice. I don’t want to use dedicated encryption software this time, so I decided to go with any client-side encrypted (basically zero-knowledge encrypted) options such as Filen or Tresorit or Proton Drive.

Mostly, my data consists of photos, videos, and some important documents. The Ente Locker app has been released on the Play Store as early access, so I have two options: either go with Ente Photos and Ente Locker together or go with a dedicated client-side encrypted cloud storage.

My main priority is privacy; price is not a consideration factor here. So, what should I choose for better privacy?

Commonly Suggested Solutions and My Reasons for Not Using Them

• Why not self-hosting? I don’t feel too comfortable with self-hosting, so even if I choose Ente, I’ll never self-host it.

• Why not a physical storage without any online dependency? I already maintain a copy of my entire data on an external HDD. However, due to the need to access it from anywhere without carrying an external device, I’m planning to use a cloud-based service this time.

Sorry, I don’t understand. What happened?

An unsubstantiated claim by an LLM.

I also thought that an encrypted cloud storage service can’t provide weaker privacy than a service like Ente Photos, even if the latter has undergone audits.

Either both are equal in privacy, or cloud storage options are more private. Still, I have some doubts in my mind, which is why I made this post.

We have recommendations

I’ve seen that. I couldn’t go with these options because:

• Proton Drive falls under the Proton ecosystem, and I don’t want to use multiple products from one provider. I rely heavily on ProtonMail, so I didn’t choose it.

• Tresorit is owned by Swiss Post, and the situation in Switzerland is not very stable; that’s why Proton is already planning to shift from there.

• Due to its less popularity, I don’t want to use Peergos. I’m already trying the Psono password manager based on PG’s recommendation, and it feels like I’m using an app from 2015 or earlier, so I don’t want to feel the same here.

According to the team, Filen is not on their recommendation list because they still haven’t undergone a third-party audit. I’m quite hopeful that they will do it soon, so I’m choosing it.

Of course, no two e2ee protocols / features / apps are created equal. There will be differences, sometimes subtle even (as it is with all cryptography, whose guarantees are broken even due to the slightest misuse). You’d have an easier time if someone (preferably multiple independent experts) had already put in the effort to compare / review the two.

For now, in the matters of e2ee, it might be a bit too premature to rely on a LLM (like Devin or Copilot) for crypto-analysis of the codebases (unless you know how to prompt and what to look for), though it is definitely worth a try, and you may use it as a hint and then you draft questions to the app developers (I imagine they’ll otherwise get annoyed if the questionnaire was itself authored by a LLM).

That said, since Ente Locker is not meant to be a generic Drive (they’re giving it away for free for whoever is on Photos paid plan), I’d not use it as such: Ente Locker - New app from Ente - #19 by vishnukvmd

Additionally, specifically since you’re worried about privacy, you may want to consult the respective privacy policies (ente) and ToS (ente).

The best bet of course is to self-host a solution yourself (possible with Ente, and I believe they have plans to make self-hosting “1-click”), but that brings with it its own effort & head-aches.

They plan to conduct a security audit after they finish rewriting their applications and integrating Rust.

Tresorit is owned by Swiss Post, and the situation in Switzerland is not very stable; that’s why Proton is already planning to shift from there.

I’d personally argue that for you as a customer this is less of a concern in the short or medium term as Switzerland is a notoriously slow country and such changes would not be likely to come into effect sooner than 5-10 years.

And those 5-10 years are a long time in the tech world. Who knows what would happen in the meantime.

Proton of course has to plan more into the future being a business but you also never know what the EU is going to do especially looking at Chatcontrol.

It has been about two years now that Filen has been saying it will conduct a security audit, and so far nothing has happened. I am well aware that such processes are costly and time-consuming, but I have been placing less and less trust in their word.

In the past, the general tendency toward lifetime subscriptions on this forum have not been positive.I also think Jonah specifically said to avoid the Filen lifetime plan, but I’m not 100% sure I remember correctly.

What about instead using something like Hetzner’s Storage Box and restic to have an external backup that is also encrypted locally so you don’t have to trust the hosting provider?

Filen sucks ass, especially their new mobile app, sure, its cheap (100GB for 50$ until the end of your life is a really good deal), but for everyday use and photo-syncing it falls behind Ente.

Thanks for clarifying these in such an easy way.

I understand that all of these services are different from each other and shouldn’t be compared, at least from a privacy perspective. However, since I’m going to take a subscription, I want to ensure I don’t regret not choosing the one with better privacy later on.

For now, in the matters of e2ee, it might be a bit too premature to rely on a LLM (like Devin or Copilot) for crypto-analysis of the codebases (unless you know how to prompt and what to look for), though it is definitely worth a try, and you may use it as a hint and then you draft questions to the app developers (I imagine they’ll otherwise get annoyed if the questionnaire was itself authored by a LLM).

Have you mentioned this for Ente? I heard they use a local AI in their Photos app for face recognition.

I still haven’t had a chance to try out Ente Locker, but I heard it’s made for storing documents only. Since I’m planning to take a paid plan for any encrypted cloud storage, I thought, why not Ente? Ente Photos has better photo management, and documents can be saved in Ente Locker, so together, these two services work nearly like a cloud storage solution.

It might sound weird, but I’ve never read the privacy policies and TOS of any privacy-focused service. If multiple users recommend it and I see a sustainable future in them, I trust the services. I’m extremely sorry for that.

Again, that could be the best bet, but unfortunately, I don’t feel too comfortable hosting my own server. I have used NAS before, and I believe remote access is the most risky option if there’s a lack of proper knowledge, so I avoid self-hosting (although there are other minor reasons too).

At last, I want your suggestion: if you were me and had to choose a paid option between Ente Photos + Ente Locker and any client-side or zero-knowledge encrypted cloud storage, what would you choose if your main priority were privacy?

But Filen can also be used to upload any type of file. Moreover, it works on any platform. I use it on iPad, Ubuntu, Windows, Mac, and Android.

It is much smoother than Proton Drive, rarely gives errors, and syncs very quickly.

I can understand this one, it’s fair.

The same could be told about any service tbh. If tomorrow, you use a product but the country they are based in becomes hostile to people liking their privacy, will you move away from them? Alright, at some point you’ll be out of either countries or services that are good/reliable.

I think that saying no to a product because of it’s UI is being maybe “picky”?
I do understand that you want the best but:

• small company that is not Proton/other well-known
• accessible in terms of price
• good looking UI + usable UX
• not in a politically volatile country
• not willing to self-host

that’s a lot of filters that definitely limit your possibilities.
And I think that giving a pass to a half-decent UI is the least worst in this scenario.

You could always buy an off the shelf NAS, like Synology maybe?
That way, no need to “self-host” from A to Z, just plug and play yet would check most of the boxes^[1]?

EDIT: also, the title says “Which offers more privacy?”
I do think that a trustworthy and reliable company that is in the business for years is also a more stable decision as a whole.

The hottest and latest kid in town is maybe not the one you want to bet on with your data, especially when it comes down to commiting to something long term.
What will you do if Filen bankrupts or the sorts? Will you be fine migrating over to somebody else? Also, who will it be then?

Sometimes, boring is the safest/best when it comes down to this topic.
A fair comparison would be: choosing your first car for the next 10 years. Do you trust Wolkswagen or [insert fancy brand new EV company] for your next purchase?

1. even if loosing quite a lot of control, no FOSS and relying on a company but it’s maybe safer/better? ↩︎

Yes, you are absolutely right. The ongoing revolution regarding privacy can’t guarantee anything for the future.

However, that’s not the only reason I avoid Tresorit. I admit that it’s a highly sustained service that has survived for 14 years, but I don’t like government involvement in any privacy service. While Switzerland might be known for its strong laws and regulations regarding user privacy, I still don’t trust any government enough to feel comfortable using a service owned by government entities.

Lifetime plans are never good for sustainability. Still, I need to consider my budget alongside better privacy, so I’m looking at those lifetime deals. The Black Friday sale for Filen has started, but the lifetime plans don’t have attractive discounts. I may opt for annual plans if I decide to proceed.

Thanks for your suggestion. Hetzner’s Storage Box is an S3 storage provider, I believe. S3 storages are not mainstream till now, so I don’t want to take risk of my data for it.

Yes, I’ve heard that from many users. There is an ongoing issue regarding background uploads, though personally, I haven’t encountered it yet. Perhaps I’ve tested it with a smaller amount of data, so there hasn’t been a need for background uploads.

My data consists only of photos, videos, and some important documents. I know we can store any type of data on cloud storage, but I wouldn’t upload any other types of files there. That’s why this privacy question has arisen in my mind.

I can manage my data with either Ente Photos + Ente Locker (with paid plans) or any client-side encrypted cloud storage. Since I always prioritize privacy and don’t have enough knowledge, I asked here.

There are very few options for zero-knowledge encrypted cloud storage, and among them, I feel Filen, Proton Drive, and Sync are the most recommended services. I initially thought to go with Proton Drive, but I found ProtonMail to be very handy for managing my mailboxes. Since I don’t want to keep my data and emails with a single provider, I didn’t choose it.