Keychain integration

Are there any plans to allow databases to unlock using the OS keychain?

That would involve having them lock with the Keychain first. :thinking:

No, there are no plans for this specifically, but we are working on something related. However, do note that data in a secure database isn’t very secure if you can open it with a saved Keychain entry. Just something to think about.


However, do note that data in a secure database isn’t very secure if you can open it with a saved Keychain entry

Good point, but well, it has always been usability vs security, right?

Since I already have my firmware access password-protected and my disk encrypted (not sure though how it compares with GNU+Linux disk encryption, which is really good), and since I never ever leave any of my systems unlocked when unattended, I won’t consider that a serious attack vector, unless somehow some nasty exploit that happens to look for that data makes it into my system… but well, should that be the case I should then keep all my sensitive data in cold storage, right? Which brings us back to the immortal issue of convenience over security :face_with_raised_eyebrow: I mean, nothing is perfect, especially software systems - if anything - and provided the required resources, any form of security can eventually be breached.

Now, am I totally crazy, or did the feature I was asking for earlier this year make it into DT3!?

I have my databases encrypted (as well as the online storage, thanks again for this beautiful functionality as I’m able to sync my DBs using public cloud storages without sacrificing my humble iCloud storage space) but I don’t need to unlock the DBs each time I launch DT3 as I used to when launching DT2 :raised_hands:

Speaking of related things… when opening a URL with DEVONthink 3, certain sites require a password to log into an account. Keychain or 1Password would be helpful with this.

Supporting browser extensions is not a trivial matter, but the request is noted.

Good point, but well, it has always been usability vs security, right?

To quote Ben Franklin:
“Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety.”

I would say…
“Those who would give up essential security, to purchase a little temporary usability, deserve neither security nor usability.”
:stuck_out_tongue: :slight_smile:

But yes, you can use the Keychain, as clearly shown here:

as I’m able to sync my DBs using public cloud storages without sacrificing my humble iCloud storage space)

This was already possible before encrypted databases became available.

I agree with your quoting of B. F. and felt pretty much the same way some time ago when a reporter asked a random guy on the street what he thought about the city (a very important European capital city) being populated by ‘intrusive’ security cameras watching public spaces; this person said that he was ready to resign his privacy (and I believe we can safely equate it to Liberty in this context) in trade for security. I automatically found myself grabbing my nuts…

Now, in the context of macOS, I would like to think that the system Keychain is safe enough to securely hold secrets, after all it is used for everything from storing website credentials to ssh passkeys. I know, I know: that would mean trusting what Apple says about them being unable to read information from there (in the end drinking corporate Kool-Aid); but if you really think about it, how can we be certain, without sniffing network traffic and running DT through dtruss and friends, that DEVONthink itself isn’t phoning our data back home? After all it’s a proprietary, closed-source software solution, the very definition of a black box.

A bunch of my buddies are security freaks to the extent of running Qubes OS or other tightly-secured GNU+Linux/BSD flavors (home brew hardened Gentoo or Arch, HardenedBSD) as their daily drivers; they also run exotic Android ROMs on their rooted pocket computers (also used as phones, sometimes) and only install stuff through F-Droid or by side-loading it.

I’ve been through all of that.

I’m security conscious, but sometimes you have to draw a line depending on your needs. Tight security is awesome but to a certain extent it’s also unusable. Yeah, it’s true that Only the Paranoid Survive, as Andrew S. Grove once wrote. The question may then be: how paranoid are you willing to be? Will you stay all your life at home, buying food and supplies online, fearing that if you hit the street you might end up being hit by a bus? I’d laugh to death if you slipped in your bathroom and broke your neck. Yes, that’s totally blunt – but totally true, in the sense that ultimately, security is a nice illusion.

The fact that I’m using macOS means I drew my line and took the leap. I’m happy with my decision so far and the policies I implemented for myself. I’m always willing to teach fam and everyone else who wants to learn a bit or two about security and good practices.

And when I talk about security, I mean that, security, not just fancy IT stuff, that’s only one piece of the puzzle (running regular rootkit/malware scans, having everything 2FA enabled, generating high-entropy passwords for your accounts, running an IDS on your home network, etc); but also being aware of the surroundings, taking care when extracting money from an ATM, taking care of what you say or share and to whom, using different email accounts and nicks online to avoid having a high profile, carefully picking VPNs, maybe even spoofing the MAC address when recurrently connecting to the same non-secure WiFi spots and so on. You get the point. Before IT broke into our lives as it did, this was called common sense.

So, as you see, under this new light trusting DT might not be the smartest decision either: how can I trust my information remains mine? I simply can’t. I had to rely on the endless reviews I read and research I did to dust off those fears before deciding to buy the app. But still I can’t be sure of anything, right? :slight_smile: I can only hope the company doesn’t do anything shady – and I hope so because I’ve been using DT since version 2 and I’m totally hooked on it :slight_smile:

A better approach security-wise could be storing my stuff in a directory structure, tar-ing it, then GPG encrypting the resulting archive, to then finally make it accessible as a private file on KBFS (Keybase File System) on all my trusted devices. Or better yet, have my own VPS running a secure OwnCloud/NextCloud container. More or less like using KeePass (which is awesome) instead of Bitwarden, 1Password or any other similar solution. And of course, that would be a usability nightmare (been there too).

In the end, anything I could say is totally worthless because as always Randall already said it better:


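The tar-then-GPG workflow sketched in the post above, written out as an added example; this is not code from the thread, from DEVONthink or from Keybase. It assumes GNU tar and coreutils (`--sort=name`, `sha256sum`, `truncate`; on macOS use `shasum -a 256`) and GnuPG 2.2 or later. The sample directory and passphrase file are constructed for the demo. The part worth noticing in the context of this thread is `--no-symkey-cache`: without it gpg-agent keeps the symmetric passphrase cached, which is the same "saved credential on the box" trade-off the earlier replies discuss.

```shell
#!/bin/sh
# Added example (not from the thread): archive a directory, encrypt the
# archive with GPG symmetric AES-256, and prove the round trip (including
# tamper detection) before trusting the file to any shared storage.
set -eu

# Keep gpg's state out of the real home directory for this demo (assumption).
: "${GNUPGHOME:=$(mktemp -d)}"; export GNUPGHOME; chmod 700 "$GNUPGHOME"

# encrypt_dir SRC_DIR OUT_FILE PASSPHRASE_FILE
# Writes OUT_FILE (the encrypted tar) and prints the SHA-256 of the plaintext
# tar so the caller can later verify a decryption byte for byte.
encrypt_dir() {
    src="$1"; out="$2"; pass="$3"
    tmp="$(mktemp)"
    # Reproducible tar: sorted names, fixed owner and mtime, so the same
    # directory always yields the same bytes (and the same digest).
    tar --sort=name --owner=0 --group=0 --numeric-owner \
        --mtime='1970-01-01' -C "$src" -cf "$tmp" .
    # --no-symkey-cache: do not let gpg-agent remember the passphrase,
    # otherwise anyone at the unlocked machine can decrypt without it.
    gpg --batch --yes --quiet --symmetric --cipher-algo AES256 \
        --no-symkey-cache --pinentry-mode loopback \
        --passphrase-file "$pass" --output "$out" "$tmp"
    sha256sum "$tmp" | cut -d' ' -f1
    rm -f "$tmp"
}

# decrypt_check ENC_FILE PASSPHRASE_FILE EXPECTED_SHA256
# Returns 0 only if ENC_FILE decrypts (integrity check included) to a tar
# whose SHA-256 equals EXPECTED_SHA256; returns 1 on any failure.
decrypt_check() {
    enc="$1"; pass="$2"; want="$3"
    tmp="$(mktemp)"
    if ! gpg --batch --yes --quiet --decrypt --no-symkey-cache \
            --pinentry-mode loopback --passphrase-file "$pass" \
            --output "$tmp" "$enc" 2>/dev/null; then
        rm -f "$tmp"
        return 1
    fi
    got="$(sha256sum "$tmp" | cut -d' ' -f1)"
    rm -f "$tmp"
    [ "$got" = "$want" ]
}

# Demo on constructed input.
demo() {
    work="$(mktemp -d)"
    mkdir -p "$work/notes"
    printf 'constructed sample note\n' > "$work/notes/a.txt"
    printf 'demo passphrase, not for real use\n' > "$work/pass"
    chmod 600 "$work/pass"
    digest="$(encrypt_dir "$work/notes" "$work/notes.tar.gpg" "$work/pass")"
    if decrypt_check "$work/notes.tar.gpg" "$work/pass" "$digest"; then
        echo "round trip ok: $digest"
    else
        echo "round trip FAILED"; return 1
    fi
    # Simulate corruption in transit: chop one byte off the ciphertext.
    truncate -s -1 "$work/notes.tar.gpg"
    if decrypt_check "$work/notes.tar.gpg" "$work/pass" "$digest"; then
        echo "tampering NOT detected"; return 1
    fi
    echo "tampered archive rejected"
    rm -rf "$work"
}

demo
```

The plaintext tar only ever lives in a `mktemp` file that is removed right after encryption; what goes to KBFS or a Nextcloud container is the `.tar.gpg` alone, and the printed digest is what you keep on the trusted device to confirm a later download decrypted to exactly what was uploaded.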
Nice! A good read indeed! :slight_smile:

PS: I am certainly not a data-paranoid person. In fact, I care less than most people think a tech person would. For my customers, more so, especially as some are very concerned about such matters. For myself, not so much.

On the other hand, I don’t sync any of my own data to public servers. I use Bonjour and internal WebDAV for my stuff. Support stuff is all that gets sent out to iCloud, Dropbox, etc. This is not because I’m paranoid though. It’s merely because my data is my data. I wouldn’t hand my wallet to someone and tell them to hold onto it.

Re: not storing passwords in the keychain, that’s a general admonition from years of working at corporations with security policies, etc. And for those who are paranoid, storing keychain entries for passwords would allow easy access if their computer fell into the wrong hands. But again, not dogmatic about it. People can do what people want to do in these situations.
