Audit-proof database?

Really intrigued by this post below. Care to speculate what an Audit-proof database could be?

On my to-do list is still to move all databases to encrypted ones, but it looks like encrypted and audit-proof databases will be mutually exclusive.

Audit-proof databases will be actually always encrypted.

In that case I’ll wait for a bit.

Why?

Sounds intriguing. Does this include version control within Devonthink?

The teaser is only that, a teaser. :slight_smile:

Still very intriguing.

I like the confidence I get from checking file integrity. I’ve never lost data in DT. I have failed to close a third party app before closing DT.

File checksums highlight my mischief in that case.

My guess is an audit log where you can prove that the last time a given record was saved, it had particular contents, verified by cryptographic hash. There are various techniques for this. For example, you can have an encryption chain of hashes, where each new entry is effectively based on all the previous ones. This means you can’t just rewrite a record and its hash value — you’d have to fake the entire rest of the log from that point. Similar idea to blockchain, but without burning tons of CPU. In place of consensus you can have a network signature service with a ratcheting timestamp — i.e. periodically your system passes the latest hash to the service, which passes back a signature verifying that at that moment, the latest hash was whatever. That then allows you to demonstrate that you didn’t rewrite the chain before that moment.

I’ve no idea if this is what’s planned or what algorithms might be involved, but that’s the kind of thing I’d guess from the teaser.

On my to-do list is still to move all databases to encrypted ones

If your computer and phone aren’t encrypted and given a secure password/passcode, then you should do that for all kinds of reasons. If your computer and phone are encrypted and secure, I don’t see much gain in additionally encrypting your DEVONthink databases. They’re already encrypted by virtue of being on an encrypted disk.

Your sync store, on the other hand — encrypt that, because it’s probably on someone else’s computer.
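
The hash-chained log with a signed checkpoint that the guess earlier in this thread describes, as an added Python sketch that is not part of any post here and not DEVONthink's design. All function names are hypothetical, and an HMAC with a constructed key stands in for the network signature service (a real service would use an asymmetric signature so that verifiers never hold the signing key).

```python
import hashlib, hmac, json

GENESIS = "0" * 64
SERVICE_KEY = b"constructed-demo-key"  # assumption: stand-in for the service's signing key

def entry_hash(prev_hash, record_id, content_hash):
    # Each entry commits to the previous entry's hash, so it covers all earlier history.
    body = json.dumps([prev_hash, record_id, content_hash]).encode()
    return hashlib.sha256(body).hexdigest()

def append(log, record_id, content):
    prev = log[-1]["hash"] if log else GENESIS
    content_hash = hashlib.sha256(content).hexdigest()
    log.append({"record": record_id, "content_hash": content_hash, "prev": prev,
                "hash": entry_hash(prev, record_id, content_hash)})

def sign(time, length, head):
    msg = f"{time}|{length}|{head}".encode()
    return hmac.new(SERVICE_KEY, msg, hashlib.sha256).hexdigest()

def checkpoint(log, time):
    # Service side: attest that at `time` the log had this length and head hash.
    head = log[-1]["hash"]
    return {"time": time, "length": len(log), "head": head,
            "sig": sign(time, len(log), head)}

def verify(log, checkpoints=()):
    """Return the index of the first entry that fails, or -1 if everything holds."""
    prev = GENESIS
    for i, e in enumerate(log):
        expected = entry_hash(prev, e["record"], e["content_hash"])
        if e["prev"] != prev or e["hash"] != expected:
            return i
        prev = e["hash"]
    for cp in checkpoints:
        at = cp["length"] - 1
        sig_ok = hmac.compare_digest(cp["sig"], sign(cp["time"], cp["length"], cp["head"]))
        if not sig_ok or at >= len(log) or log[at]["hash"] != cp["head"]:
            return at  # history up to the checkpoint was rewritten or truncated
    return -1

if __name__ == "__main__":
    log = []
    for rid, body in [("doc-1", b"v1"), ("doc-2", b"v1"), ("doc-1", b"v2")]:  # constructed
        append(log, rid, body)
    print(verify(log, [checkpoint(log, 1700000000)]))
```

Editing one entry breaks the chain at that entry; recomputing every later hash repairs the chain itself but no longer matches a checkpoint issued before the rewrite.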

This depends on the sync method, but if the traffic is leaving or stored off your network, we do recommend encrypted syncs. This obviously depends on your own personal view on privacy though. We don’t make such mandates. :slight_smile:

This would be (edit) sort of like the forensic drive mounts and readers I’ve seen and WORM data cartridges. Interesting idea. Not sure I have any real world use for it but it’s interesting to consider.
Then again I never thought I’d use PDF annotations or any of the academic stuff that gets discussed here a lot but then one day…