Hello I am trying to use filen.io to sync photos. It is zero knowledge storage as I know. But why is it not recommended by privacyguides? Does it have weak security even it is zero knowledge? Or just because the server is located in Germany rather than Switzerland?
Is there any reasons for me to avoid filen.io?
Hey, there’s actually quite a bit of discussion after searching the forums.
Regarding this link, https://github.com/privacyguides/privacyguides.org/pull/345
it seems they are not competent enough in security. Although I’d like to find an alternative to Google Photo, this may not be a good choice.
BTW, just because it’s not mentioned doesn’t necessarily mean it’s not recommended.
So the reason why filen.io is not recommended by PG is because filen’s encryption doesn’t use strong encrypting algorithms enough? Is it not secure enough like MEGA?
Filen is open source now right?
I considered using ente.io but It doesn’t offers storage larger than 2TB.
And also there is lifetime license in filen.io. So If filen’s encryption is strong enough, I think filen would be the better choice.
Also with filen we could sync other files too not only photo.
Always remember, its not your lifetime, its filen’s business model lifetime. They could either go bankrupt, just not honor it, or forcibly switch you to a recurring payment in the future. This applies to all lifetime guarantee.
Thank you. I know that about lifetime account. I just want to know expert’s opinion if filen is safe enough to use so I can use it. Because it sounds great for me.
I’m not really sure but every time Filen gets mentioned this article pops up. But it’s from 2021, maybe things changed over time?
I agree. in that article Filen is mentioned not open source. But it is open source.
Is it just me or filen’s new notes look like copy and paste from standard notes
A product founded after 2020 that claims to be secure but once used RSA encryption is a red flag to me.
The linked GitHub discussion thread provides additional concerns and sources. This makes it unlikely that I would choose this product first.
Regardless of whether I end up using it based on my own security policies, it is still important to be aware of the software’s past problems because they reflect the developers’ understanding of security.
my thoughts exactly, as a standard notes user, after trying it out yesterday. I dont have much doubt that they lifted it from standard notes. Its basically the paid version of standard notes for free. And also, the chat function seems to resemble the one in mega though Ive never used it so I might be wrong on that one
Than what is your recommendation?
To be honest, everyone has to build their own threat model.
For me, the most important photos are backed up with Kopia using the 3-2-1 method. I regularly transfer important photos to the backup.
For photos that I need to access at any time, I haven’t seen a solution that meets my needs. Since the amount is not large, I currently store them on my phone, which does not take up too much space.
I don’t think the current method is really good, but it’s what we’re doing for now.
Proton is currently working on a photo application that could be a good option.
That’s not a problem as long as they don’t violate any license. It seems that both Standard Notes and Filen.io are AGPL3.0-licensed, so it’s fine.
sure, it should be just fine from a legal perspective. But I have to wonder if the recent Standard Notes drama, where it was going to turn proprietary, is not related, given the timing that the fact that their concern was that someone could just rebrand and redistribute their product.
That is only used for the signed cert, which is rotated anyway every 3 months. It does not use “RSA” encryption.
Further everything on this site is actually public, which is not the case for files stored in Filen, so your argument is irrelevant.
Ente does offer more storage if you need. You can contact them to get more storage. @vishnukvmd correct me if I am wrong.
