Back to Guides

Guide · Privacy

Are online file converters safe? A technical comparison

Cloud converters upload your file. Local converters don't. Here is what that actually means in practice — and how to verify it yourself in 30 seconds.

The two models, in one paragraph

A cloud converter (CloudConvert, Zamzar, Convertio, iLovePDF, SmallPDF) accepts your file via HTTPS upload, converts it on a rented server, stores the result on object storage (usually AWS S3), and hands you a download URL. A local converter — Morphix, ffmpeg.wasm demos, and a handful of others — ships the conversion engine as WebAssembly, so the same code runs inside your browser tab and the file never leaves your device.

Side-by-side comparison

File location
CloudUploaded to a rented VM, cached on object storage, replicated to backups.
Morphix (local)Stays inside your browser tab's memory. Never sent over the network.
Encryption in transit
CloudHTTPS to the operator, but the operator can decrypt and read the file on arrival.
Morphix (local)No transit — nothing to intercept.
Server-side logs
CloudAccess logs, worker logs, and object-storage audit trails typically retain file names and sizes.
Morphix (local)No server involvement. Nothing to log.
Verifiability
CloudYou must trust the operator's privacy policy. There is no way to independently confirm the file was deleted.
Morphix (local)Open DevTools → Network. If your file was uploaded, you would see it.

Verify any converter yourself (takes 30 seconds)

  1. Open the converter in a new tab.
  2. Press F12 and switch to the Network tab.
  3. Tick Preserve log and set throttling to Slow 3G.
  4. Drop in a 50 MB test file and run the conversion.
  5. Sort by Size. A local converter shows only small JS/WASM downloads. A cloud converter shows a multi-megabyte POST orPUT to the operator's domain — that is your file leaving your machine.

Where WebAssembly changes the math

The reason local conversion is viable in 2026 (and wasn't in 2016) is WebAssembly. WASM lets us compile ffmpeg, PDF.js, libarchive, libheif, and Tesseract OCR into a sandboxed bytecode that runs at near-native speed inside the browser. Morphix ships those engines as WASM modules — the same binaries a server would use, just executing on your CPU instead of ours.

When cloud converters are still fine

  • Public documents you'd happily post on Twitter.
  • Very large videos where your device can't spare the RAM (Morphix streams these too, but a low-end phone may struggle).
  • OCR on 500-page PDFs where a beefy GPU on the server would be faster.

When you really want local

  • Passport / ID scans, birth certificates, driver's licences.
  • Contracts, NDAs, tax returns, medical records.
  • Unreleased product mockups, source code, internal wireframes.
  • Anything covered by GDPR, HIPAA, or an employer's data-handling policy.

The Morphix Vault: one step further

When you need to send a file to someone else, in-browser conversion isn't enough — you also want the file encrypted end-to-end. The Morphix Vault wraps any file in AES-256-GCM with a PBKDF2-SHA256-derived key (250,000 iterations) using the browser's native Web Crypto API. Only whoever has the password can open it.