logoalt Hacker News

koiueotoday at 5:15 PM1 replyview on HN

What I don't get about Ente is their E2E promise.

When you share albums with someone else, the key is passed in the URL. Nothing prevents Ente from grabbing the key and decrypting all the data at this point.

So it's basically "E2E, trust me bro".

Or am I missing something?


Replies

vishnukvmdtoday at 5:21 PM

The key is passed in the URL fragment. URL fragments do not leave your browser.

Implementation details here: https://ente.com/blog/building-shareable-links/