-
Notifications
You must be signed in to change notification settings - Fork 15
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Plaintext (un-encrypted!) data potentially stays on disk #22
Comments
You are right. But I never took this issue too seriously. Encryption in SublimeNotebook or VSCodeNotebook is only meant to protect your sensitive documents from regular people like your friends and family who manage to peek/use your computer once in a while. If you are syncing the note files to Dropbox, Dropbox stores file histories too. So if Dropbox is hacked, you are still at risk. But having your Dropbox hacked is a big risk anyway because people keep all kinds of private documents in there. If we do want to solve this problem, however, the simplest way is to always save the file encrypted.
The above flow can be made more user-friendly if plugin takes more control over Sublime Text but you get my point. Is this your similar project? |
Thanks for your answer!
Yes, I agree, for this it's totally OK.
Exactly, I totally agree with this. I was thinking about writing a plugin to do exactly this. If you're interested, ping me via email (see contact in website below). I think it can be done with
No, it's this: |
Thanks. I am not working on this atm because it is not critical + busy with other things. I will contact you if this changes. 😄 |
Hi,
I've been working on a similar project, but here is a problem that I faced, and it seems to be present in your code as well:
https://github.com/aviaryan/SublimeNotebook/blob/master/sublime_notebook/cryptlib.py#L112
and
https://github.com/aviaryan/SublimeNotebook/blob/master/sublime_notebook/sublime_notebook.py#L55
When you overwrite the unencrypted data with crypted data, you are not sure that the OS or the HDD/SSD hardware writes it at the same place on the disk, on the same blocks / sectors of the disk.
Result: the unencrypted data (plain text) can stay on your disk, and be easily recovered with a simple Undelete tool / HEX viewer. A software like Recuva and wxHexEditor will be able to see your files without the master password...
What do you think? I've been thinking about this problem for a long time too!
The text was updated successfully, but these errors were encountered: