I checked it. The image is definitely sent to the server. The OCR does not run on the client side and it’s impossible to know what the server does with the image.
but also this is an online service for something most computers have been able to do locally out of the box for like 15 years, and it hasn’t been updated since 2023. it’s an obvious red flag even without being unsafe.
Actually, “is it encrypted” is just the tip of the iceberg: it’s all too easy to encrypt in a way that does not provide security against the threats the users want to defend. E.g. maybe the answer to this question is “yes” because the connection is over https, yet the server sees and stores the data in the clear
The site doesn’t show a “Source Code” option. Neither I can find it by search. Try by yourself, it’s here
I checked it. The image is definitely sent to the server. The OCR does not run on the client side and it’s impossible to know what the server does with the image.
What does encryption have to do with showing source code?
that doesn’t mean they’re not encrypted.
but also this is an online service for something most computers have been able to do locally out of the box for like 15 years, and it hasn’t been updated since 2023. it’s an obvious red flag even without being unsafe.
Actually, “is it encrypted” is just the tip of the iceberg: it’s all too easy to encrypt in a way that does not provide security against the threats the users want to defend. E.g. maybe the answer to this question is “yes” because the connection is over https, yet the server sees and stores the data in the clear
If you can’t see it, technically this is a Schrödingers cat problem.
The site is both telling the truth and lying at the same time, in a state of superposition.
Only be observing the code would you fall onto one reality.
Although there are people who can observe the code, which differs from the metaphor slightly.
To torture the metaphor further, would you trust Schrödinger to sell you a cat if it might not be alive when you open the box?
I think one should distrust services that claim to be privacy-respecting without wanting to be opensource. Like, what are they hiding?
I understand the ethos here but you have to appreciate the irony in that statement.
Indeed.