I just closed my Instagram account and was about to start uploading my photos to a private account on Pixelfed.
I was just wandering if the images I upload are stored encrypted or if everything is stored as is on the server.
I couldn’t see any mention of it, so I assume an instance owner could just go through everyone’s photos on the server even if they’re marked as private.
I tried looking through the source code to see if I could answer the question myself, but nothing is jumping out at me.
So hopefully someone with more knowledge than me can answer this question for me, thanks!
That can be done transparently, just by using a key with no password (or using your account password for the key, so that when you log in it decrypts, and keeps the session open on your device).
The bigger problem is key management. You can’t allow the server to know your private key else the admin could steal it. So it has to stay on your device, and if you lose your device or accidentally delete the key, your account is gone.
deleted by creator