Cloud encription

Using /e/OS murenacloud
1

HI!

I’m new user and I have created an account in ecloud.global

I have seen that in my user administration page, there is no encryption enable…

see attachment

Can you confirm that my files in your cloud are not encrypted ? Why ?

Is it possible to enable encription ?

thanks

Regards

Roberto Carini

2020-02-13 23_12_20-Settings - e - Brave.png
2020-02-13 23_12_20-Settings - e - Brave.png1087×957 75.9 KB

2

Please see here Security of the Ecloud

1 Like
3

There was a feature proposal…
Read this

And a category about ecloud

1 Like
4

Hi Roberto,

welcome to /e/ !

You are right about that section, I noticed the message too. However, the files are encrypted on the server with NextCloud encryption system. I think we need to pass the information to the app so it can show it in the UI. We are also planning to enable the end-to-end encrypted folders feature (some specific folders would contain files that even someone with access to the server wouldn’t be able to read).

The rest of the functionality, as Gaël mentioned, may be more complex to set up with E2E and there are tradeoffs. For instance if your email is encrypted you cannot search for contents in the webmail, only senders and subject (metadata). But you can in your local email client.

We will try to fix the UI bit in the next weeks and provide updates when the rest of the features can be implemented.

Thanks for reporting!
Arnau

Update: a colleague kindly pointed an inaccuracy in my earlier post; since in the current setup the files are stored on the same server as NextCloud application, the files are encrypted with LUKS, which is a widespread Linux disk encryption system. This is actually encouraged by NC themselves:

Also note that when external storage is not used and a server-wide key is used, storing the encryption keys together with the data means little protection is afforded in cases the drives are stolen. For this threat model, a full-disk-encryption technology is often a better choice than the built-in Server Side Encryption in Nextcloud.

https://nextcloud.com/blog/encryption-in-nextcloud/

Once we move to a distributed setup, then it would make sense to enable Server-Side encryption, on top of the aforementioned client side end-to-end encryption for specific folders.

2 Likes
5

Hi Roberto,

can you check what that section says now? You should see something closer to the actual encryption system in place.

Kind regards,
Arnau

1 Like