What are your plans for when your app is found to host content such as terrorist executions, child porn, etc.? (This isn't trolling, it's something that eventually happens with every product, and I've been wanting a non-Google version myself but wondering how that kind of abuse would be dealt with.)
Since it‘s a paid service with user accounts. You would be able to ban users that have been reported to use this service for illegal means. The same question can be asked to WhatsApp / iMessage / Signal / etc.
It does not say how often it is updated. Wouldn't it be better to say "as of 8/29/2021, we have received no such requests and we are updating this page monthly".
I don't think they would be able to do anything about it, since (from what I could infer from reading) it is zero-knowledge, so no one from the company can access the pictures. I might be wrong, though
Well, depending on legislation, they could be ordered to change the code to send the user password to them on next login for that account and then decrypt everything…
The architecture of Ente (https://ente.io/architecture) prevents your unencrypted master key from being exposed to the server. The password authentication appears to be client-side, which means that the data could not be compromised solely by a malicious server-side change.
Now, Ente could still change its web application to somehow leak the master key and not disclose the changes in the source repo. One solution for this vulnerability is to package the entire web client as a browser extension, which is what Mega is doing:
There are a couple of other ways to mitigate the problem for web applications. If you're willing to install a browser extension, then it might make more sense to use the Signed Pages extension[0] which applies PGP signature checking to web pages. The other solution is to use Secure Bookmarks[1], which combine SRI integrity hashes with Data URIs to ensure that a fixed bundle of JavaScript is running in the page.
Well, first and foremost, if I ran a service, I would not want to help either terrorists or pedophiles. I would be very unhappy if I was doing that.
Secondly, if you do provide service to terrorists or pedophiles, and take no steps to stop doing so, law enforcement and society in general is not going to be very happy with you.