Hi, Christian PERRIER: > > According to a security audit by Taylor Hornby (Defuse Security), the current > > implementation of Encfs is vulnerable or potentially vulnerable to multiple > > attacks on the encrypted data. This especially affects use cases where the > > attacker has read/write access to the encrypted directory or has enough > > knowledge of the unencrypted file system contents. > > . s/especially/only/, AFAIK. > > In the current situation encfs should not be considered a safe home for > > sensible data. This package should be only used to retrieve information from s/sensible/sensitive/ > > previously encrypted sources, and even this action contains some risk of > > receiving compromised data. > To recap the security analysis, as I understood it: There's a problem if somebody has, or had, access to the encrypted files _and_ can store random data of their choosing there (by manipulating either the encrypted or the unencrypted files). The notice should unequivocally state exactly that, instead of the current level of (IMHO) panic mongering. In most scenarios (encrypt some personal or corporate data stored on NFS, use reverse mode to store an encrypted backup of sensitive stuff to the cloud, whatever) this is a non-problem. -- -- Matthias Urlichs
Attachment:
signature.asc
Description: Digital signature