Yes but magical homomorphic encryption aside, the person has conflicting requests at that point. They are asking for an image app that can’t view their images.
That’s not an image app anymore, that’s just encrypted storage.
I think the idea is that the images are decrypted by the client. See how Ente does it: https://ente.com/architecture
Of course - this sacrifice quite a bit of functionality since more or less all functions which require looking at the pixels need to be client-side. But to be fair - the client is part of the "app", so it's not "just" encrypted storage.
They said they only want to control one of the ends
Fair enough, but the Immich provider they link to also uses SSL and claims to encrypt at rest.
It they don’t consider that e2e encrypted, literally nothing is then…
Encryption at rest means they have the key. End to end means they don‘t. Huge difference!
Yes but magical homomorphic encryption aside, the person has conflicting requests at that point. They are asking for an image app that can’t view their images.
That’s not an image app anymore, that’s just encrypted storage.
I think the idea is that the images are decrypted by the client. See how Ente does it: https://ente.com/architecture
Of course - this sacrifice quite a bit of functionality since more or less all functions which require looking at the pixels need to be client-side. But to be fair - the client is part of the "app", so it's not "just" encrypted storage.