I'm confident about this encryption, but sure it's true that the admin
can see the files - while they are decrypted. And I don't know about
you, but I rather do something else then spending time waiting for
users to login and then get their files. Still, this function makes it
more secure then other cloud based storage, which you might now know
how they store your files.
I'm planning on using ownCloud for my own storage service, and with a
encrypted servers, connection and file storage, this is more secure.
Also, you could perhaps restrict permissions - even for admins. Do
server maintenance, but can't see the user files, even while they are
decrypted.
Vänlig hälsning / Yours sincerely,
Daniel Holm
IT Consultant
Web Developer
Student
Tel: +46 76-1650946
[email protected]
http://www.danielholm.se
Den tis 22 maj 2012 15:42:24 skrev Andreas Schneider:
On Tuesday 22 May 2012 12:16:21 Sam Tuke wrote:
ownCloud needs to be able to handle large file uploads / downloads, work
well on mobile devices, and be bandwidth efficient. As far as I can see
using client-side JS based encryption would conflict with these needs.
client-side JS based encryption has the same problem as server side
encryption.
How can you securely deliver the java script to the client and make sure it
hasn't been modified on the wire? This is a chicken and egg problem!
-- andreas
_______________________________________________
Owncloud mailing list
[email protected]
https://mail.kde.org/mailman/listinfo/owncloud
