I recently forgot the lockscreen pin to my old iPhone and tried tried to unlock it. However, I had forgotten that I had setup the 10-wrong-entries-and-self-destruct feature and so I lost all of my data. Nothing was ever backed up to iCloud as I don't pay for that feature.
With my new phone the easy way would have been to pay for iCloud but I use an app called PhotoSync[0]. When I put my phone to charge, the app will sync all of my photos to my local NAS over SMB. Sure they aren't encrypted but they are hosted locally.
I use PhotoSync on all my devices and all my family members' devices. I've bought it about 10 times and I'm pretty happy with how it works. There are 2 big features:
1. It syncs to my Nextcloud server which I control. No one can take it away from me.
2. It's not subscription based, so buying it for my parents, siblings, etc. is practical since I'm not saddling them with a subscription they don't want or need.
I think a PhotoSync competitor that's more opinionated (ex: Nextcloud only) with a simpler UI could do well. This Photo Vault app isn't it, at least not for me. I'm not going to pay forever (via subscription) to get less control of my data. No thanks.
I've spent hundreds of dollars buying apps for family members, but I won't spend a penny on anything subscription based. For example, I used to buy Enpass for everyone I know. Then they switched to a subscription model and have gotten $0 from me since.
> For example, I used to buy Enpass for everyone I know. Then they switched to a subscription model and have gotten $0 from me since.
Enpass has a one-time Personal lifetime license for ~$70, see https://www.enpass.io/pricing/. This is not subscription based, please explain why you don’t like it?
I don't think it's a $70 product. They increased the price by 10x when they switched to subscriptions and I think the product is actually getting worse. I've had problems with bugs that have been present for years and now that it has a subscription option they need to justify the ongoing cost and that gets done by adding features that I don't need or care about.
I have several pieces of software that are the same. As soon as there's a subscription model introduced the software turns into bloated trash even for the lifetime licenses.
Apple really needs to add SMB support to photos app. Apps like photosync run up against the 3 minute background process limitation in iOS[0].
[0]:
> Another common problem may be the fact that an autotransfer is not completing. This has to do with the 3 minute background operation restriction in iOS. PhotoSync can only run - and transfer - in the background for 3 minutes. If the app is still transferring while it is in the background, it sends you a push notification 30 seconds before the background operation time runs out. If you tap on this notification, you bring PhotoSync back to the foreground and it can continue the transfer process. You can even send it to the background again to get another 3 minutes of background operation time.
I'm sure you'll get customers, but I just don't understand people that go for things like this.
So I'm afraid of Apple scanning, and uploading unencrypted files I create on a closed-source (unable to verify anything) OS to a closed-source service I subscribe to. And my solution is to subscribe to a secondary closed-source service to mask my photos from the first service.
I'm sure people will rationalize this behavior, but it's just insanity to me.
Not everyone who wants to store / backup their media has the experience, time, or ambition to host their own stack. For these people some other service with a better TOS and privacy policy might be the best option they have. Even those that do have the experience might consider it not worth their time.
I liken it to Email. I have the experience to host my own email stack. But I've determined it's not worth the time investment when I can pay someone a few bucks a month to handle it.
You're viewing this app from within the HN bubble. People who use this aren't concerned about Apple's CSAM scanning (no one even knows what that is), but are probably more concerned with not having risky/risqué photos in the Photos app or on iCloud.
EDIT: The app I linked is moving from a "purchase Pro" to a "subscribe to Premium" model, so it may not be a clear winner for new users over your offering.
Thank you for your feedback, first of all, I want to mention that our app is ranking lower and have fewer reviews because we are new on the market. Our strengths are that we use true encryption, all the photos and videos saved in our app are really encrypted with the key derivated from your password. We also focus on details, we have developed our product to maximize the best user experience. I think our mass import, is beyond any competitor on the App Store. I want to mention again we don't put a pin to your photos, we encrypt every file.
You can be sure that we are focused on values and not on maximizing profit. We decide to go with a subscription model because it helps us to continue working and improving our product. It's not a project that we developed and leave there in App Store.
Hey HN community, I want to introduce to you Photo Vault, we made our project with just 1 thing in mind:
To protect your private Photos and Videos .
All your data from Photo Vault is always end-to-end encrypted and your media files are never shared with anyone, even with us.
As you know many services are trying to add the possibility to scan our private videos and photos, sooner or later, it will be a reality. We think now more than ever, is very important to keep our photos and videos in a safe place.
Features in 1.5.0.
- Support for video files.
- iPad support.
- Possibility to move media files from one album to another.
- Possibility to import photos and videos in bulk.
Our To-Do list is full of amazing cool features that we plan to add in the near future, and we'd love to hear your feedback and ideas of how we can improve our project.
Looks like an interesting project! But I feel like you are asking your users to put a lot of confidence in you to take everything you’re saying for granted. I’m not implying bad faith here, but privacy conscious people typically like to see a bit more detail and evidence of security, rather than general claims/statements.
For example, some things I’m wondering about and would like to know before considering giving the app a try:
* how exactly are you handling encryption? How do you avoid leakage of encryption keys/pass phrases through iOS device backups or other cases where your iOS account could be compromised?
* what does “end to end encryption” mean in this case? There is no sharing feature as far as I can tell, so it’s not about e2e encrypted communications. I assume in this case e2e means continuous encryption at all times (on device and remote) except when the user actually uses the app.
* how do you handle metadata? What’s the trade-off between ease of use (quickly finding photos or scrolling through my full photo collection) and encryption/security?
* how credible is a business model of €5/year/user for something that seems to require quite a bit of work to keep secure? Even if there’s no storage/server cost because you use iCloud storage, there’s still a substantial developer cost to have feature parity with similar photo storage apps and keep up with ever-changing App Store requirements and security developments.
Hope this helps to find out what your (potential) users care about and whether you could improve communication/marketing on those points :-)
Thank you for your feedback and for your detailed and interesting questions.
How exactly are you handling encryption?
We don't require an account, your encryption keys are derivated from your password and nevers leave your device, also we have zero knowledge about user password. If the user will forget his password, we won't be able to restore/recover his access, this is one of the side effects of our security model. I want to add that we plan to open-source our encryption key management.
What does “end to end encryption” mean in this case?
You absolutely right, in our case e2e means continuous encryption at all times. If you will back up your data on your iCloud your files will always be encrypted, in other words, your photos and videos are always encrypted except when you are using the app. In fact, even when you are using the app, will be decrypted only the requested file, and just some metadata like thumbnails are fully decrypted.
How do you handle metadata?
We only use the minimum necessary metadata, to ensure the best user experience. For example, when users add photos or videos we generate internally a thumbnail that is smaller and faster to decrypt.
How credible is a business model of €5/year/user for something that seems to require quite a bit of work to keep secure?
We are new in the market, and we need to compete with other big players that have more reviews and users. This is a great opportunity to subscribe
I hope I have answered all your questions if you have any other just let me know, I will be happy to answer them.
Encryption keys never leave your device, they are derivated from your password. When you use Touch/Face ID, your encryption key is stored in the Secure Enclave. In general, we use the same method/model as FileVault2.
Thank you for your feedback, first of all, I want to mention that our app is ranking lower and have fewer reviews because we are new on the market. Our strengths are that we use true encryption, all the photos and videos saved in our app are really encrypted with the key derivated from your password. We also focus on details, we have developed our product to maximize the best user experience. I think our mass import, is beyond any competitor on the App Store. I want to mention again we don't put a pin to your photos, we encrypt every file.
You can be sure that we are focused on values and not on maximizing profit. We decide to go with a subscription model because it helps us to continue working and improving our product. It's not a project that we developed and leave there in App Store.
With my new phone the easy way would have been to pay for iCloud but I use an app called PhotoSync[0]. When I put my phone to charge, the app will sync all of my photos to my local NAS over SMB. Sure they aren't encrypted but they are hosted locally.
[0]: https://www.photosync-app.com