I realized most image optimizer tools (compressors) quietly require trust I never meant to give

I had a weird realization recently.

As developers and makers, we are extremely careful with source code, API keys, internal dashboards, and customer data.

But when it comes to images, a lot of us do something almost automatic:
we drag them into a “free online compressor” and move on.

Client mockups. Product screenshots. Internal assets. Sometimes even documents, IDs, receipts, or photos that contain more information than we notice at first.

The thing that bothered me was simple:
most of these tools only work because the file leaves your machine, hits someone else’s server, gets processed there, and comes back.

That may be totally fine for many use cases.
But it made me ask: why did this become the default?

Modern browsers are already powerful enough to do a lot of this work locally. So I built ZeroPNG.com, an image compressor that runs directly in the browser.

• No upload step.

• No server-side processing.

• No “we delete files after X hours” trust exercise.

• And after the first load, it even works offline.

What I liked most was opening DevTools → Network and seeing… nothing.
That silence felt like the feature.

I’m curious how other makers here think about this:

• Do you treat image assets as sensitive, or only code/data?

• Have you ever uploaded NDA or pre-launch assets into a free optimization tool without thinking twice?

• Do you think privacy-by-architecture is a stronger product story than privacy-by-policy?

Would love honest feedback on the idea and whether this problem resonates with you, or if I’m overestimating how much people care.