Encryption in DevonThink

How right you are! Read recently that Duck Duck Go is suing Google for trying to block them in Chrome. Dim memory of Microsoft trying something similar in the past.

2 Likes

Exactly. It is a calculation that will be made differently by everyone based on their circumstances. My research specialization is not modern cryptography or digital security, but based on the expertise researchers in those fields have shared with us, we can imagine some “safe(r)” scenarios.

The problem nowadays seems especially insidious because of NSO Group-style exploits, so if I were in a situation like you described as a target of state-sponsored surveillance, I would assume I essentially have someone sitting behind me looking over my shoulder. Unless you are using analog-style one-time pads (otp) and the like in combination with it (see Stephenson’s Cryptonomicon or Seveneves for these in action within a sci-fi setting), no app is going to be enough.

For something less than state-sponsored surveillance, an air-gapped computer with encrypted databases on an encrypted computer would be a workflow with minimal risk. If syncing devices, then encrypted databases using Bonjour sync could be a relatively pain-free and not-so-risky solution. In my case, my research on premodern history has minimal security needs. It gets encrypted and synced by DT without any effort, though. Third-party data I am entrusted with access to in order to perform tasks (student’s personal data, NDA-protected data, and so forth) needs (in my opinion) to be handled with extreme care, and I don’t even sync that kind of stuff in an encrypted form. DT is pretty flexible that way.

2 Likes

Just one warning for the paranoid amongst us. If you create an encrypted database and open it, it will, as others already mentioned, be handled by the OS. That means that if you open a terminal and type the df command, which shows the free disk space for all volumes, it will also list the database as created by DT.

This also means that you can access the volume using other means like Finder or terminal and copy files out of the database without the need of DT. Access will be limited to your user account and root. And do understand if you are infected by some virus it will probably run under your user account.

It depends on your definition if you believe this is a backdoor or not. DT will not prevent access by the OS.

1 Like

Interesting. I created a 50 mb encrypted DEVONthink database, added one text file to the database. Keeping the database open (as you say above) I went to the terminal and from the “df” found the mount point:

/dev/disk2s1                               102320      3544     98776     4%      26 4294967253    0%   /Volumes/Test Encrypted

I looked at the properties of the “disk2s1” (file? folder?):

brw-------  1 rmschne  staff  0x100000c 10 Jan 04:25 disk2s1

I never saw the “b” prefix before, what is it?

I cannot find a way to look at anything nor do I see the simple txt file I put into that database. Finder won’t show /dev folder (probably a setting somewhere, though, but I can’t find it).

How do you crack into encrypted databases? Can you demonstrate something here?

Also on the line, you see as last column “Mounted on”. That is the path that you can visit using Finder (using “Go to Folder”) or in the terminal. Suppose you named your volume ‘Test’ then likely the path is ‘/Volumes/Test’. Please check what it is in your case.

Regarding the ‘b’ this means ‘block’ device. In other words this is a “disk” from the OS point of view. A block device is a device that you read/write blocks at a time, in this case a disk sector per read/write.

Just as an example, I have an encrypted database called Taxes and this is what I see:

$ df | grep Taxes
/dev/disk4s1                                      1.0Gi   33Mi  991Mi     4%         48 4294967231    0%   /Volumes/Taxes

as you can see my mount point is /Volumes/Taxes.

I should have looked better at your example. It actually shows the mount point as being /Volumes/Test Encrypted. Having a space in the name makes things a little bit harder in the terminal.
You should be able to execute the following commands:

ls /Volumes/Test\ Encrypted/
ls /Volumes/Test\ Encrypted/Test\ Encrypted.dtBase2/
ls /Volumes/Test\ Encrypted/Test\ Encrypted.dtBase2/Files.noindex/

Note the backslashes because of the space. Alternatively you can wrap them in double quotes:

ls "/Volumes/Test Encrypted/"
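
The exchange above, as an added example that is not part of any post in this thread: a small audit that reads df output and lists every volume currently mounted under /Volumes, keeping mount points with spaces intact, so you can see which opened databases are readable by processes running under your account. The function names mounted_volumes and volume_access are made up for this example, and the header and root lines of the sample are constructed; the two /Volumes lines are the ones quoted in the thread.

```shell
#!/bin/sh
# Added example (not from the thread): which volumes under /Volumes are
# mounted right now, i.e. readable by any process running as this user.

# Two data lines copied from the thread; header and root line are constructed.
SAMPLE_DF='Filesystem    512-blocks     Used Available Capacity iused      ifree %iused  Mounted on
/dev/disk1s1   489620264 22000000 200000000    10%  500000 4294467279    0%   /
/dev/disk2s1      102320     3544     98776     4%      26 4294967253    0%   /Volumes/Test Encrypted
/dev/disk4s1       1.0Gi     33Mi     991Mi     4%      48 4294967231    0%   /Volumes/Taxes'

# Read df output on stdin; print "device<TAB>mount point" for /Volumes mounts.
# Assumes the 9-column layout shown in the thread and a device name without
# spaces. The mount point is everything after the 8th field, so embedded
# spaces survive.
mounted_volumes() {
    awk '$1 != "Filesystem" && NF >= 9 {
        mp = $0
        for (i = 1; i <= 8; i++) sub(/^[ \t]*[^ \t]+/, "", mp)
        sub(/^[ \t]+/, "", mp)
        sub(/[ \t]+$/, "", mp)
        if (mp ~ /^\/Volumes\//) printf "%s\t%s\n", $1, mp
    }'
}

# For each "device<TAB>mount point" line, show owner and mode of the mount
# point if it exists on this machine. Quoting "$mp" keeps spaces intact.
volume_access() {
    tab=$(printf '\t')
    while IFS="$tab" read -r dev mp; do
        if [ -d "$mp" ]; then
            ls -ld "$mp"
        else
            printf 'not mounted here: %s (%s)\n' "$mp" "$dev"
        fi
    done
}

# Demo on the sample; on a Mac use: df | mounted_volumes | volume_access
printf '%s\n' "$SAMPLE_DF" | mounted_volumes | volume_access
```

Closing the database in DT unmounts the volume, after which it no longer appears in this list.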

It goes even further than that: you also need to trust the AES256 standard creators, who could conceivably outsmart not only Apple but the whole industry and leave some attack vector in the encryption algorithm itself that goes unnoticed.

On Apple’s part, there is really no incentive for them to intentionally inject backdoors in their own AES256 implementation for local disk images as they don’t have access to them. (iCloud encryption is another story, though)

But all of this is kind of meaningless, as the only viable alternative would be to roll your own crypto scheme and it all boils down to who are you trying to protect yourself from by using encryption? Is it another member of your family, your employer, or a state actor?

3 Likes

Got it.

  • Confirm that while database open in DEVONthink that with Finder can see /Users/rmschne/DEVONThink/Test Encrypted.sparseimage/Files.noindex/

(I know how to handle the spaces but thanks … awful internet here at my hotel, so slow in return)

Well stated and must always be remembered. Down to understanding the true risks and the controls to mitigate those risks.

It’s obviously impossible to predict the future, but a symmetric cipher like AES256 is considered quantum-resistant. Asymmetric ciphers like public key encryption however are not.

To put that in practical perspective: if someone would currently intercept and store the data that is passed over an encrypted connection with for example some cloud server, the data is likely still safe (might quantum computers in the future be able to decode the stored data from the currently encrypted connection) as long as that data was first encrypted with AES256. That wouldn’t work if the AES key was passed over the connection to share with someone else of course, but storing and retrieving data for yourself doesn’t require passing that key.

That scenario does mean your data need to be intercepted and stored as part of a (semi-)targeted attack, as it’s obviously impossible to store all data flowing over the internet. Nevertheless, if you use encrypted network connections that are established with an asymmetric cipher, you might want to make sure the data is first encrypted using AES256 or better if you think that is appropriate.

On the upside though: quantum computing might also make quantum-entangled network connections a possibility, which shouldn’t be susceptible to eavesdropping.

I doubt it. AES is completely public and continuously tested heavily by the rest of the world. Kerckhoffs’s principle states that a system is more secure if all details of that system are known, as long as the key is kept secret.

5 Likes

FWIW, I follow quantum computing professionally and am very skeptical about the near-term prospects for quantum encryption/decryption. Quantum computing is about where silicon computing was in the 1950s: people are still trying to figure out how to integrate non-trivial numbers of qubits.

2 Likes

I also doubt it, just for the record :wink:

1 Like

Might be, but IMO the point is that organizations should start preparing for it early on, so they don’t end up with yet another ‘millennium bug’ scenario where everything has to be done in a short period of time.

Multiple national organizations are actively investigating post quantum resistance and some hypothesize a relevant quantum computer will be available from 2030 onwards.

For example the German ‘Bundesamt für Sicherheit in der Informationstechnik’ or BSI for short, describes that time estimate in one of their publications on page 4 (lower right corner):

The same page also mentions the ‘Store now, decrypt later’ possibility I mentioned above, that might be of importance for some today already.

Sure. It’s their job to do exactly that sort of research. And there are obvious reasons why they would suggest an extremely aggressive timeline.

I’m just interpreting what people who are actually making qubits tell me.

1 Like