On 03/13/2013 12:22 AM, Andrew Warren wrote: > Adrian Sevcenco wrote: > >> what it is supposed to be encrypted and why? (beside https which >> is obvious) Because, with the exception of encrypting files on the >> client (one by one before getting uploaded), i see no point of >> encrypting anything .. so i ask in order to educate myself :) > > Adrian: > > I am an OwnCloud user, not a developer, so these are only my > thoughts. I am sure the developers have a more complete answer. > > It seems to me that encrypting files on the client before uploading > would prevent efficient syncing (and deduplication, if that is > implemented on the server). i agree
> Encrypting files on the server is definitely less secure than > client-side encryption in some scenarios (e.g., malicious system > administrator -- an issue if OwnCloud is running on a hosted server). > However, it does provide a defense against data disclosure as a > result of hardware theft or unsophisticated unauthorized access, and > it might even be sufficient to meet the privacy requirements of > certain industries (medical records, financial records, etc.). well, the encryption key must reside on the server in order to encrypt something on the server .. so there is no defense against data disclosure or theft. At most could be used a scheme complex like : the key is only on the client and is not recorded anywhere--> the storage on the server is an encrypted file which is mounted as a filesystem--> the sync is done like normal sync but at the exit of the last client (or after a timeout) the file is unmounted. if the secret key is lost you will just have a very big file in your account. the little detail would be how can you mount an encrypted file without storing your key (even temporary) on the disk... The thing is that i would be interested in encryption but i found no solution so far .. but maybe more brains can find one :D Thanks, Adrian > > -Andrew > > === Andrew Warren - awar...@synaptics.com === Synaptics, Inc - Santa > Clara, CA _______________________________________________ Owncloud > mailing list Owncloud@kde.org > https://mail.kde.org/mailman/listinfo/owncloud > > -- ---------------------------------------------- Adrian Sevcenco | Institute of Space Sciences - ISS, Romania | adrian.sevcenco at {cern.ch,spacescience.ro} | ---------------------------------------------- _______________________________________________ Owncloud mailing list Owncloud@kde.org https://mail.kde.org/mailman/listinfo/owncloud
