Stingle is an open source, privacy-focused photo backup application
Despite the encryption, Stingle Photos is a decidedly minimalist app that comes closer to the simple feel of an analog album than most of its competitors.
After Google Photos ended its unlimited photo backup policy last November, the photo backup and sync application market opened up significantly. We reviewed a strong competitor – Amazon Photos – in January, and freelancer Alex Kretzschmar took us through several self-hosted alternatives in June.
Today we’re looking at a new competitor – Stingle Photos – that splits the difference by offering a FOSS mobile application that syncs to a managed cloud.
Trust no one
Encryption is arguably the most important feature of Stingle Photos. Although the app uploads your photos to Stingle’s cloud service, the operators of the service cannot view your photos. That’s because the app running on your phone or tablet securely encrypts them using Sodium cryptography.
Because the photos are encrypted before they leave your phone – with a key that is never available to the Stingle operators – you are protected from attackers who obtain a dump of photos from the Stingle cloud. You’re also safe from Stingle’s own operators pulling a LOVEINT on you, or being socially engineered by someone with a convincing voice asking to get your photos back.
Since Stingle can’t do anything useful with the encrypted cloud backups of your photos, you don’t have to worry about strange things happening when your photos are fed into machine learning algorithms – they are just junk to anyone without your private key.
Stingle has gone to great lengths to make the functionality as clear as possible for security and privacy-conscious users. The company has published a detailed white paper that describes its security practices and provides a great overview of how the service works. And for the really paranoid, access to the application’s source code bridges the gap.
In particular, having access to the source code helps close potential loopholes in what Stingle can and cannot do with your photos. Since the cloud storage is practically useless to anyone but the user, the mobile app itself remains the only place where any tampering could happen, either before the photos are encrypted and sent to the cloud or after they have been downloaded and decrypted.
We haven’t attempted anything like a full code audit of the Stingle Photos app, but we’ve gone through the code far enough to get a good idea of what it does and how. No obvious problems jumped out at us.
By default, Stingle Photos uploads a backup of the user’s private key to the Stingle cloud (which is redundantly hosted at Digital Ocean and uses redundant Wasabi buckets). This allows the app to work on a new device without the user having to manually and laboriously back up and restore the private key.
Savvy users’ eyebrows are probably shooting up – if Stingle has my private key, how do I know the company isn’t using it? The answer is that the key is also encrypted before it is bundled and sent to the cloud for backup.
This is a very simplified overview of how the method works:
- The user creates a new Stingle account and provides a password or passphrase
- Stingle Photos hashes the password or passphrase locally and uploads the hash to the backend
- Stingle Photos generates public and private keys that are derived from the user’s password
- Stingle Photos bundles the pubkey and the privkey and then encrypts the bundle with the user’s full password or passphrase
- Stingle Photos uploads the encrypted key package to the cloud for backup
We are leaving out a lot of the hairy details, such as specific algorithms, salts, etc.
The key here is that Stingle never has access to the user’s real password or passphrase – just a hash of it. Because the user authenticates with the hash but needs the complete password, not just its hash, to decrypt the key bundle, the key bundle can be securely stored remotely.
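The split described above, sketched as an added example that is not Stingle’s code: the page does not name Stingle’s actual algorithms, so scrypt, the HMAC-based encrypt-then-MAC stand-in for a real AEAD, and every function and field name here are assumptions. It shows that the record the server holds (salt, login hash, sealed bundle) authenticates the user but cannot open the bundle.

```python
import hashlib, hmac, os

def kdf(password, salt, purpose):
    # Memory-hard KDF; the purpose label gives login and bundle unrelated outputs.
    return hashlib.scrypt(password.encode(), salt=purpose + salt, n=2**14, r=8, p=1, dklen=64)

def _stream(key, nonce, length):
    # HMAC-SHA256 in counter mode as a keystream (stdlib stand-in for a real AEAD).
    blocks = (hmac.new(key, nonce + i.to_bytes(8, "big"), hashlib.sha256).digest()
              for i in range((length + 31) // 32))
    return b"".join(blocks)[:length]

def seal(key64, plaintext):
    # Encrypt-then-MAC with independent halves of the derived key.
    enc_key, mac_key, nonce = key64[:32], key64[32:], os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _stream(enc_key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()

def unseal(key64, blob):
    enc_key, mac_key = key64[:32], key64[32:]
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None  # wrong key or tampered blob
    return bytes(a ^ b for a, b in zip(ct, _stream(enc_key, nonce, len(ct))))

def register(password, key_bundle):
    """Device side: build the only values that are uploaded."""
    salt = os.urandom(16)
    return {"salt": salt,
            "login_hash": kdf(password, salt, b"login"),
            "sealed_bundle": seal(kdf(password, salt, b"bundle"), key_bundle)}

def restore(password, record):
    """Second device: authenticate with the hash, decrypt with the password."""
    if not hmac.compare_digest(kdf(password, record["salt"], b"login"), record["login_hash"]):
        return None
    return unseal(kdf(password, record["salt"], b"bundle"), record["sealed_bundle"])

def unseal_with_login_hash(record):
    """Server-side view: the stored login hash is not the bundle key."""
    return unseal(record["login_hash"], record["sealed_bundle"])

if __name__ == "__main__":
    bundle = os.urandom(64)  # constructed stand-in for the pubkey+privkey bundle
    rec = register("constructed example passphrase", bundle)
    print(restore("constructed example passphrase", rec) == bundle, unseal_with_login_hash(rec))
```

The property only holds because the login hash and the bundle key come from separate derivations; if the uploaded hash doubled as the encryption key, the server could decrypt the backup.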
If the user does not want to back up the key bundle, they have to back up their own private key instead – which Stingle supplies in the form of a 24-word Diceware-style passphrase. After installing the Stingle app on a second device, the user would then have to manually import the “backup phrase” – which is actually their private key – onto the second device.
On the other hand, if the user allows Stingle Photos to back up the key bundle, they only need their password to access photos on a second device. After logging in, the second device downloads the encrypted key bundle, decrypts it with the user’s full password or passphrase (which never leaves the device) and everything is ready to use immediately.
Stingle Photos also supports optional biometric authentication. If you want to access your backed up photos and videos without having to enter a passphrase every time, you can enroll your fingerprint and unlock the app faster.
Features and Platforms
Browsing the Stingle Photos gallery is quick and easy – though you have to organize your photos manually; the only thing Stingle does automatically is sort by date.
The first login page of Stingle Photos concisely conveys its raison d’être – no one but you can see your photos.
Stingle Photos can automatically import photos from specified folders, or you can turn off automatic import and run it manually.
Storage plans are selected in the app itself. The first 1 GiB is free – enough to give you a taste of whether the app will work for you.
If you want encrypted local storage with no cloud backup, you can have that. You can also limit the backup to Wi-Fi connections and/or good battery status.
We tested Stingle Photos on two Android devices, a Pixel 2XL and a Huawei MediaPad M5 Pro. Support for iPhones and iPads is on the way but has not yet arrived – along with support for Linux, Windows, and Mac PCs.
The app takes a completely different approach than Google Photos, Amazon Photos or Apple Photos. All three apps from the tech giants try to do everything under the sun: machine learning to categorize photos and sort them into galleries and albums, print and swag creation services, and more.
In comparison, Stingle Photos is simple and minimalist. It imports photos (automatically or manually at the discretion of the user), syncs them, and allows you to organize them into albums. That’s pretty much it, apart from the typical Android “sharing” options that throw a (decrypted) photo straight into another app. For example, we shared a photo via the Textra SMS app by tapping the share icon for that photo and then selecting a Textra contact.
When importing photos automatically or manually, Stingle offers the option of deleting them after they have been successfully imported. When you turn on auto-delete, you ensure that a phone thief can’t flip through your photos even if they unlock the phone itself. However, this means that Stingle is no longer a “backup”. Instead, automatic deletion makes Stingle the only place your photos are stored, and all of them are lost if Stingle is lost.
There is no web client available for Stingle Photos. So for now, you need an Android device to view all of the photos stored in Stingle. With a web client nowhere to be found on Stingle’s published roadmap, we expect that even as Windows, Linux, and Mac clients become available, you’ll still need to install a photo-viewing application rather than just logging in to a website with your favorite browser.
Although we mostly focused on photos, Stingle Photos manages videos and photos interchangeably – just like most other mobile camera and backup apps.
Cloud storage pricing
The Stingle Photos app is free – as is your first 1 GiB cloud storage. Stingle’s business model revolves around those who need more than the first gibibyte of storage space – which in our opinion now means “everyone”, especially since Stingle stores your photos and videos in full resolution. There’s not even an option to downsample before encrypting and uploading – the media you store locally is the media you back up, period.
The first paid tier is 100 GiB, which costs $2.99 per month – or you can prepay $29.90 for a year, saving you the cost of two months. 300 GiB is $4.99/month, 1 TiB is $11.99/month, and 3 TiB is $35.99/month, with the same two-months-free savings on annual upfront purchases. (Larger plans are also available for those who need them.)