[prev in list] [next in list] [prev in thread] [next in thread]
List: owncloud
Subject: Re: [owncloud-user] Suggestion
From: Michael <mike () draftx ! net>
Date: 2014-03-09 18:20:36
Message-ID: CAGJTRchL89YfUZd0FXKZM7_Uqb8qen2Vvb5wtABUXYZPPQkUmw () mail ! gmail ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
> If you (with your suggested method above) want to access encrypted files
in the web interface/mobile device/PC/etc., how will you store the things
what you need to decrypt (eg. password(s), keys, etc.). What will be
happen, if you lose them?
The same exact thing as always, you lose your data. The same is the case
now.
> How many resource will be need on the frontend device what will do the
decryption?
Decrypting small strings and directory structures? Somewhere around minimal
to nothing. Anyways, the usecase is there(as shown below), admins can
choose whether or not they need to use it.
From earlier(broken thread sorry):
> It would make restore from file backups much more difficult, as admins
wouldn't be able to determine the file names...
I don't think the name of the files contain critical data, or you have a
problem with your naming policies.
Admins don't need to know the filenames, just that they need to restore the
files as they are, regardless of name. The data would still have to be
stored just as traditional data is, inside of files with names.
Know the format of the underlying data can help with hacking. Knowning
something is a text file, you now know that generally there are many zeros
in front of each character. Every odd byte will be zeros, you know half the
file already, now bruteforce away. Not hard
Or in a corporate setting, what if your company is looking at buying
another company? You will name your files "company to aquire aquisition
blah blah blah". There are a million examples of data that shouldn't be
public sitting in a file name - this is how we make file names, we label
what we are doing.
TLDR: Encryption of file names is important, even if it is painful. Not
encrypting the file names makes the encryption app much less useful.
On Fri, Mar 7, 2014 at 4:46 AM, Szl=E1dovics P=E9ter <peti@szladovics.hu> w=
rote:
> 2014-03-07 11:15 keltez=E9ssel, Tim =EDrta:
>
> Hello,
>>
>> I like the plugin that encrypt's files locally stored on the hard drive.
>> How ever this only encrypts file contents not the file name. I think it
>> would be a good implement a plugin that encrypt's the files name or even
>> just use a hash algorithm.
>>
>
> You can encrypt your filesystem on your PC/mobile device/etc.
> If you (with your suggested method above) want to access encrypted files
> in the web interface/mobile device/PC/etc., how will you store the things
> what you need to decrypt (eg. password(s), keys, etc.). What will be
> happen, if you lose them? How many resource will be need on the frontend
> device what will do the decryption?
> I think you need a pure encryptfs on your PC/mobile device what is
> synchronized with your owncloud.
>
> _______________________________________________
> User mailing list
> User@owncloud.org
> http://mailman.owncloud.org/mailman/listinfo/user
>
[Attachment #5 (text/html)]
<div dir="ltr">> <span style="font-family:arial,sans-serif;font-size:13px">If you \
(with your suggested method above) want to access </span><span class="" \
style="font-family:arial,sans-serif;font-size:13px">encrypted</span><span \
style="font-family:arial,sans-serif;font-size:13px"> files in the web \
interface/mobile device/PC/etc., how will you store the things what you need to \
decrypt (eg. password(s), keys, etc.). What will be happen, if you lose \
them?</span><div> <span \
style="font-family:arial,sans-serif;font-size:13px"><br></span></div><div><font \
face="arial, sans-serif">The same exact thing as always, you lose your data. The same \
is the case now.</font></div><div><font face="arial, sans-serif"><br> \
</font></div><div><font face="arial, sans-serif">> </font><span \
style="font-family:arial,sans-serif;font-size:13px">How many resource will be need on \
the frontend device what will do the decryption?</span></div><div><span \
style="font-family:arial,sans-serif;font-size:13px"><br> </span></div><div><span \
style="font-family:arial,sans-serif;font-size:13px">Decrypting small strings and \
directory structures? Somewhere around minimal to nothing. Anyways, the usecase is \
there(as shown below), admins can choose whether or not they need to use \
it.</span></div> <div><span \
style="font-family:arial,sans-serif;font-size:13px"><br></span></div><div><span \
style="font-family:arial,sans-serif;font-size:13px">From earlier(broken thread \
sorry):</span></div><div><span \
style="font-family:arial,sans-serif;font-size:13px"><br> </span></div><div><font \
face="arial, sans-serif">> </font><span \
style="font-family:arial,sans-serif;font-size:13px">It would make restore from file \
backups much more difficult, as admins wouldn't be able to determine the file \
names...</span></div> <span style="font-family:arial,sans-serif;font-size:13px">I \
don't think the name of the files contain critical data, or you have a problem \
with your naming policies.</span><div><font face="arial, \
sans-serif"><br></font></div> <div><font face="arial, sans-serif">Admins don't \
need to know the filenames, just that they need to restore the files as they are, \
regardless of name. The data would still have to be stored just as traditional data \
is, inside of files with names.</font></div> <div><font face="arial, \
sans-serif"><br></font></div><div><font face="arial, sans-serif">Know the format of \
the underlying data can help with hacking. Knowning something is a text file, you now \
know that generally there are many zeros in front of each character. Every odd byte \
will be zeros, you know half the file already, now bruteforce away. Not \
hard</font></div> <div><font face="arial, sans-serif"><br></font></div><div><font \
face="arial, sans-serif">Or in a corporate setting, what if your company is looking \
at buying another company? You will name your files "company to aquire \
aquisition blah blah blah". There are a million examples of data that \
shouldn't be public sitting in a file name - this is how we make file names, we \
label what we are doing.</font></div> <div><font face="arial, \
sans-serif"><br></font></div><div><font face="arial, sans-serif">TLDR: Encryption of \
file names is important, even if it is painful. Not encrypting the file names makes \
the encryption app much less useful.<br> </font><div><span \
style="font-family:arial,sans-serif;font-size:13px"><br></span></div><div><span \
style="font-family:arial,sans-serif;font-size:13px"><br></span></div></div></div><div \
class="gmail_extra"><br><br><div class="gmail_quote"> On Fri, Mar 7, 2014 at 4:46 AM, \
Szládovics Péter <span dir="ltr"><<a href="mailto:peti@szladovics.hu" \
target="_blank">peti@szladovics.hu</a>></span> wrote:<br><blockquote \
class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc \
solid;padding-left:1ex"> 2014-03-07 11:15 keltezéssel, Tim írta:<div class=""><br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc \
solid;padding-left:1ex"> Hello,<br>
<br>
I like the plugin that encrypt's files locally stored on the hard drive. How ever \
this only encrypts file contents not the file name. I think it would be a good \
implement a plugin that encrypt's the files name or even just use a hash \
algorithm.<br>
</blockquote>
<br></div>
You can encrypt your filesystem on your PC/mobile device/etc.<br>
If you (with your suggested method above) want to access encrypted files in the web \
interface/mobile device/PC/etc., how will you store the things what you need to \
decrypt (eg. password(s), keys, etc.). What will be happen, if you lose them? How \
many resource will be need on the frontend device what will do the decryption?<br>
I think you need a pure encryptfs on your PC/mobile device what is synchronized with \
your owncloud.<div class="HOEnZb"><div class="h5"><br> \
______________________________<u></u>_________________<br> User mailing list<br>
<a href="mailto:User@owncloud.org" target="_blank">User@owncloud.org</a><br>
<a href="http://mailman.owncloud.org/mailman/listinfo/user" \
target="_blank">http://mailman.owncloud.org/<u></u>mailman/listinfo/user</a><br> \
</div></div></blockquote></div><br></div>
_______________________________________________
User mailing list
User@owncloud.org
http://mailman.owncloud.org/mailman/listinfo/user
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic