
How to verify any file converter does not upload your file

You do not have to trust a converter's privacy promise. You can prove it in under a minute with two browser tests anyone can run. The airplane-mode test: load the page, turn off your network, then convert; if it still works, your file never left your device. The Network-tab test: open developer tools, watch the requests during a conversion, and check whether any request carries your file's bytes. Both work on any converter. hushvert is built to pass both on purpose: its in-browser conversions run in WebAssembly with nothing uploaded, a CI test fails the build if a file byte ever leaves the browser, and you can run the live test yourself on the /privacy-proof page.

Why this matters: the privacy promise you cannot see

Almost every online converter shows the same reassuring copy: "your files are safe", "deleted automatically", "we respect your privacy." None of that is verifiable from the outside. With a server-based converter, the architecture itself requires uploading your file to a machine you do not control, and you are trusting a policy, not checking a fact.

This stopped being abstract in March 2025, when an FBI field office issued a public advisory warning that some free online file-converter sites are used to deliver malware and to scrape uploaded files for sensitive data. The takeaway is not panic; it is that "trust us" is not good enough for a tax form, a medical scan, or a private photo. The good news: you do not need to take anyone's word, including ours. The browser already gives you the tools to check. The two tests below turn a privacy claim into something you can confirm with your own eyes.

Test 1: The airplane-mode test (the 10-second proof)

This is the simplest, most decisive test, and it needs no technical skill. The logic is airtight: a converter that uploads your file cannot work without a network. If it still converts with the network off, nothing was uploaded, because there was nowhere to upload it.

Do this:

1. Open the converter and load the page fully (this step needs the network; it downloads the page and, for an in-browser tool, the conversion engine once).
2. Turn on airplane mode, switch off Wi-Fi, or pull the ethernet cable. Confirm you are actually offline (try loading any other website; it should fail).
3. Now convert your file.

If the conversion completes while you are offline, the work happened on your device and your file never left it. If the converter spins forever, shows a network error, or refuses to start, it needs a server, which means it intends to upload your file.

One honest caveat: a tool must finish downloading its engine before you go offline, so do the first conversion online, then go offline and convert again to be sure. hushvert ships a live version of exactly this test on its /privacy-proof page: it loads the codec, invites you to disconnect, converts a locally drawn image, and counts every network request the conversion makes using the browser's own performance timeline, so the page cannot fake the result.

Test 2: The Network-tab test (watch the bytes)

The airplane-mode test gives a clean yes/no. The Network tab shows you exactly what a converter sends, which is useful when a tool needs the network for legitimate reasons (loading a codec, an analytics ping) and you want to confirm your file is not among the traffic.

Do this:

1. Open your browser's developer tools (right-click the page and choose Inspect, or press F12; on Mac, Option+Command+I).
2. Click the Network tab. Tick "Preserve log" so requests are not cleared, and leave the panel open.
3. Optionally click the clear icon to start with an empty list, then select your file and run the conversion.
4. Watch the rows that appear during the conversion. You are looking for any request whose uploaded body is roughly the size of your file.

How to read it: click a request and look at its size, its type, and its request payload. A real file upload is a POST (or PUT) whose request body is large, in the same ballpark as your file. Page assets (scripts, styles, the codec) are downloads, not uploads, and an analytics event is a tiny outbound ping, usually under a couple of kilobytes. If you convert a 4MB photo and no request carries anything close to 4MB out, your file was not uploaded. On an in-browser converter you will see the page assets and the one-time codec download, and then nothing during the actual conversion, because the conversion runs in your tab.

Telling an analytics ping apart from a real upload

The most common confusion is mistaking a small tracking request for a file upload. They are easy to separate once you know what to compare.

A real file upload is large and proportional to your file. Convert a 10MB file and the upload request body is around 10MB; convert a 200KB file and it is around 200KB. The body contains the raw file content (often shown as binary or form-data). If a converter chunks the upload into pieces, the very first chunk is still far bigger than any analytics payload.

An analytics or telemetry ping is tiny and fixed. It is typically a few hundred bytes to a couple of kilobytes, it does not grow when your file is bigger, and its body is a small blob of JSON or key-value text (page URL, event name, timing numbers), never your file's contents. A useful rule of thumb: change nothing but the file size and re-run. The upload request scales with your file; the analytics ping does not move. This exact threshold is how hushvert's automated test draws the line. It allows request bodies up to 2KB (enough for privacy-respecting analytics) and fails the build if anything larger goes out during a client-side conversion, because every real file, once encoded, is bigger than that.
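The size comparison from the Network-tab test and the ping-versus-upload rule above, as an added example that is not hushvert's own code: a script that reads a HAR capture exported from the Network tab, applies the 2KB line per request, and applies the change-only-the-file-size rule across two captures. The hosts and sample captures are constructed, and summing bytes per endpoint to cover chunked uploads is an assumption that goes slightly beyond the text.

```javascript
const LIMIT = 2 * 1024; // the 2KB analytics allowance quoted on this page

// Request body size in bytes. HAR records bodySize as -1 when unknown,
// so fall back to the byte length of the captured postData text.
function bodyBytes(entry) {
  const { bodySize, postData } = entry.request;
  if (Number.isInteger(bodySize) && bodySize >= 0) return bodySize;
  return postData && postData.text ? new TextEncoder().encode(postData.text).length : 0;
}

// Single capture: every request whose body is larger than the limit, largest first.
function findUploads(har, limit = LIMIT) {
  return har.log.entries
    .map((e) => ({ method: e.request.method, url: e.request.url, bytes: bodyBytes(e) }))
    .filter((r) => r.bytes > limit)
    .sort((a, b) => b.bytes - a.bytes);
}

// Outbound bytes summed per "METHOD url", so a chunked upload adds up.
function outboundTotals(har) {
  const totals = new Map();
  for (const e of har.log.entries) {
    const key = `${e.request.method} ${e.request.url}`;
    totals.set(key, (totals.get(key) || 0) + bodyBytes(e));
  }
  return totals;
}

// Two captures of the same conversion, differing only in file size:
// endpoints whose outbound total grew by more than the limit scale with the file.
function scalingEndpoints(harSmall, harLarge, limit = LIMIT) {
  const small = outboundTotals(harSmall);
  return [...outboundTotals(harLarge)]
    .filter(([key, bytes]) => bytes - (small.get(key) || 0) > limit)
    .map(([key]) => key);
}

// Constructed sample captures (hypothetical hosts, not real traffic).
const req = (method, url, bodySize, text) =>
  ({ request: { method, url, bodySize, postData: text ? { text } : undefined } });
const capture = (uploadBytes) => ({ log: { entries: [
  req("GET", "https://converter.example/codec.wasm", 0),
  req("POST", "https://stats.example/event", -1, '{"event":"convert","ms":412}'),
  ...(uploadBytes ? [req("POST", "https://converter.example/upload", uploadBytes)] : []),
] } });

console.log(findUploads(capture(0)));          // local conversion capture
console.log(findUploads(capture(4_000_000)));  // server conversion capture
console.log(scalingEndpoints(capture(200_000), capture(10_000_000)));
```

On a real capture, pass the parsed HAR JSON to findUploads; bodySize is read first because a capture may not include the text of a binary body. Keep recording until after you reconnect if you ran the offline test first, so any request sent later is in the capture too.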

What a green result and a red result actually mean

Green result (no upload). The converter works in airplane mode, and during a conversion no request carries your file's bytes. Conclusion: the work happens locally, in your browser, and your file stays on your device. This is the strongest privacy posture available, because there is nothing to leak, subpoena, breach, or retain. You are no longer trusting a deletion policy; there was never an upload to delete.

Red result (uploads your file). The converter fails offline, or you see a large outbound request matching your file's size. Conclusion: your file is sent to a server. That is not automatically dangerous, and reputable services handle uploads responsibly, but it does mean you are now trusting that company's security, retention, and privacy practices. For non-sensitive files that can be a fine trade. For anything private, prefer a tool that passes the test, or use trusted offline software on your own machine (for example macOS Preview or Windows Photos for image exports, ffmpeg for audio and video, or Audacity for audio).

A mixed result is normal and honest. Some conversions genuinely cannot run in a browser. Office documents to PDF, PDF to Word, and very large video need software a browser cannot host, so those upload by necessity. The right standard is not "never uploads anything"; it is "tells you clearly which conversions upload and which do not, and lets you verify the ones that claim to stay local."

hushvert as the worked example: verify it, do not believe it

hushvert exists to pass these tests rather than ask for trust. Its image, HEIC, audio, archive, and PDF page operations (merging PDFs, PDF to JPG or PNG, PDF to text, and images or text to PDF), along with small video re-encoding, all run client-side in WebAssembly. Your file never leaves the browser, and you can confirm it with either test above. These in-browser conversions are unlimited and free, with no account.

Three layers of proof back this up. First, the /privacy-proof page runs the live airplane-mode demo and counts the network requests for you. Second, a CI test runs on every single code change and fails the build if any request during a client conversion carries file bytes, so the no-upload guarantee cannot quietly regress between releases. Third, the conversion engine is open source under the MIT license (@hushvert/engine on npm and GitHub), so you can read exactly what runs in your tab.

We are also honest about the exception. A short, clearly labeled server lane handles the conversions a browser cannot do (office documents to PDF, PDF to Word, and large video that exceeds the browser ceiling). Those upload over an encrypted connection, then are deleted: inputs immediately after conversion, outputs within about an hour. HEIC is never sent to a server; for patent reasons it stays client-side on purpose. The dropzone tells you which lane a conversion uses before you start, and there are no cookies. Run the tests on hushvert. The whole point is that you should not have to take our word for it.

Common questions

What is the fastest way to check if a converter uploads my file?
The airplane-mode test. Load the converter fully while online, then turn on airplane mode or disconnect your network and try to convert. If it still works offline, your file was not uploaded, because there was nowhere to send it. If it fails or hangs, the tool needs a server and is uploading your file. It takes about ten seconds and needs no technical skill.
How do I use the browser Network tab to see a file upload?
Open developer tools (F12, or right-click and choose Inspect), click the Network tab, enable "Preserve log", then run a conversion. Watch the requests that appear and look for a POST or PUT whose uploaded body is roughly the size of your file. A large outbound request matching your file means an upload; only small page assets and tiny analytics pings means no upload.
How can I tell an analytics ping from a real file upload?
Compare size and scaling. A real upload is large and grows with your file (a 10MB file produces a roughly 10MB request body containing the file's contents). An analytics ping is tiny, usually under 2KB, contains only event data like page URL and timing, and does not get bigger when your file does. Re-run with a much larger file: the upload request grows, the analytics ping does not move.
Does a no-upload result mean the converter is completely safe?
It means your file stays on your device, which removes the upload, retention, and breach risks entirely. That is the strongest privacy guarantee available. You should still use a converter from a source you trust enough to run code in your browser, which is why an open-source, auditable engine adds confidence on top of a passing test.
Can I verify hushvert myself?
Yes, that is the whole design. Run either test on any in-browser conversion and you will see no file upload. The /privacy-proof page hosts a live airplane-mode demo that counts the network requests during a conversion, a CI test fails the build if any file byte leaves the browser, and the engine is open source under the MIT license so you can read what runs in your tab.
Why do some hushvert conversions still upload my file?
A few conversions need software a browser cannot run: office documents to PDF, PDF to Word, and large video. Those use a clearly labeled server lane, upload over an encrypted connection, and are deleted (inputs immediately after conversion, outputs within about an hour). Every conversion a browser can do, including all HEIC conversions, stays on your device. The dropzone tells you which lane applies before you start.