Hi, Joel. The MLO people have never promised to encrypt data-at-rest on the cloud server, so you have to assume that it's stored in the clear.
Since you asked about access to private keys, I wanted to note that the sync process does not require the server to "see" the content of any of your tasks, or even to be able to compare two copies of a task and detect if there has been a change. As long as every task has a unique ID that's the same across all platforms all the server needs are the ID and some timestamps. That means that the record could be encrypted on your device and not decrypted until it arrives at your other device. There would never be a need to question whether there had been a security breach or privacy violation at the server. Any slowness from crypto overhead would be on the user's device and would probably appear as battery drain, easily cured by turning off the crypto. But that's just a discussion. In the meantime if you want to know that your sensitive information is secure (beyond the password-grade security for at-rest data and SSL for in-flight data) you should move the sensitive data out of the task and store it securely in a file at a location accessible to all of your devices, and then include in the task a link to the file. -Dwight Mlo betazoid on Android sgn2 On Feb 21, 2014, Joel Azaria <jaz...@gmail.com> wrote: >Bump for an answer.. > > >On Monday, January 6, 2014 8:11:03 PM UTC-5, Joel Azaria wrote: >> >> Question privacy policy doesn't seem to address: Are mlo files >readable >> on your server or encrypted? Do sysops/mlo employees (or anyone >else) have >> access to the private encryption key(s)? >> >> As it's written it seems as if it's possible for someone working with >the >> system (sysadmin, DBadmin, etc) would be able to read contents of >files. >> Just want to be sure that's not the case. >> >> >> >> On Saturday, December 7, 2013 8:36:30 AM UTC-5, Andrey Tkachuk (MLO) >wrote: >>> >>> All the information is listed in our privacy policy: >>> https://sync.mylifeorganized.net/mlo/privacy-policy.html >>> >>> Andrey. >>> >>> On Friday, December 6, 2013 9:58:43 PM UTC+2, Stéph wrote: >>>> >>>> How secure is cloud data? I've had a bad experience with WiFi sync >so >>>> am reconsidering the idea of cloud sync. The only problem is that >some of >>>> my notes could include quite sensitive or commercial information. >>>> >>>> Stéphane >>> >>> -- You received this message because you are subscribed to the Google Groups "MyLifeOrganized" group. To unsubscribe from this group and stop receiving emails from it, send an email to mylifeorganized+unsubscr...@googlegroups.com. To post to this group, send email to mylifeorganized@googlegroups.com. Visit this group at http://groups.google.com/group/mylifeorganized. To view this discussion on the web visit https://groups.google.com/d/msgid/mylifeorganized/40262c8c-55e4-4723-b90f-2f8c760419ff%40katmail.1gravity.com. For more options, visit https://groups.google.com/groups/opt_out.
