There are at least two kinds of problem with this approach:
1. we don't want to store unencrypted personal data
2. it's likely that your email address will be included in several of
your cards, therefore an attacker could leverage this information for
a "known-plaintext attack"
Thanks! :-)
Marco
--
Support Clipperz, donate now!
http://www.clipperz.com/donations
email: ma...@clipperz.com
mobile: +39 348 2476970
gtalk: ma...@clipperz.com
skype: mbarulli
twitter: clipperz
On Tue, Feb 14, 2012 at 7:04 AM, Kobusvdm <kobu...@gmail.com> wrote:
> As a Clipperz user, I want to receive a monthly automated email with a
> offline copy of my data attached
This topic comes to the surface every once in a while. You may find
many references in the forum archive, but I will try to recap them here
again for everybody.
# Encrypted email
Whether we encrypt the email or not, at one point we need to be able
to read it; from our point of view this means that we DO know your
email. And as soon as we know your email, you will start expecting to
receive email from Clipperz; and this immediately opens the door to
all sorts of phishing attacks that, very cheaply, could badly threaten
your security.
It feels so good knowing NOTHING about our users, that we really don't
want to start worrying about which data we need to protect, how to
remove an email that is not responding, or handling a call from
someone pretending that we are sending unsolicited messages.
Sorry, this is not a path we feel comfortable following.
# Offline copy synchronized from time to time
This is a feasible option, and we have plans to implement a similar
feature for an interim mobile version (before having all the pieces in
place to handle a full synchronization of your encrypted data).
# Remote download of offline copy
Another option that I have considered is the ability for the user to
enable a custom URL that will allow the download of the offline copy,
completely skipping the authentication phase.
In practice the user will get a random key, completely unrelated to
the actual username and passphrase, that in the DB will be linked to
the actual account of the user.
With this setup in place, the application could process a new request
(receiving this new ID as a parameter) and return the offline copy
with the data of the bound account.
Now, this will definitely increase the options for someone to download
the data of some other account. But in the process, no actual
credentials have been leaked, but the attacker can now work on some
local data, instead of being forced to run an online attack that
would be automatically throttled by our HashCash protection.
But if the user is fine with this (minimal) extra risk, he would get
the option to easily set up a script to download the offline copy on
their behalf.
Unfortunately, as hard as we try, it looks like we have picked a
playground where we cannot get away with easy answers to simple
questions/suggestions. :)
Regards,
Giulio Cesare
About the corrupted cards, did they happen on the Clipperz hosted
online version, or on your own hosted instance?
The Community Edition has a backend without some extra protection for
data integrity we added to our own backend when we realized what was
going on.
But if this problem had happened on the Clipperz hosted version, you
should have contacted us, as we take daily DB snapshots.
Regarding the offline copy being faster, I tend to agree (the browser
is not paying the hashcash toll when working offline); while working
on the web mobile version, I will try to keep in mind that having a
self-updating offline copy would be quite handy also on the desktop.
Regards,
Giulio Cesare