item 41873518

owenfar | 1 year ago

This is a really good point and I have thought about this multiple times along the way. Web Crypto API seemed ideal, but it brought its own complexities, especially if you want to have quick access on multiple browsers/devices.

It's true that as it is, it still requires trust. We do have our own custom servers, and we made sure that no logs related to personal data are ever stored, and encryption is done at the application level before the data is sent to the DB server.

This is something I want to see implemented 100%.


ferbivore | 1 year ago

So what you've done is redefine "application" to mean half of your backend? Meaning your privacy page, which claims "we don't & cannot observe what you are doing", is outright lying? Meanwhile you're here commenting about how "the encryption & anonymity are rock solid" and nothing at all like the "encryption at rest" other services have. This is insanely sketchy.

mzajc | 1 year ago

Personally, I feel like the bold statements about encryption should be removed until this is implemented to avoid misleading users.

Out of curiosity, is the data encrypted with a client-provided secret (e.g. a password hash, or something that would otherwise be impossible to extract from the server), or is the secret stored on the server?

owenfar | 1 year ago

I'm not sure I agree about it being a bold statement. Our description is very clear, and our approach is still much safer.

I see hundreds of products slapping "Encryption at rest" on their pages to make people believe their data is safe :) Yet it's accessible by anyone who controls the server...

We also go into further detail on the privacy page.

The data cannot be decrypted without a client-provided secret. We'll make sure to be more transparent regarding all this.