Sat Oct 28, 2017 10:10 am
Hi, just playing around with the new Vault feature and I am trying to understand where and how I would use/recommend it.
Does anyone care to challenge/correct or add to my assumptions below?
1. Machine/harddrive theft
Vault will help in this scenario, but harddrive or user partition encryption seems like an easier approach to me.
Vault + local encryption doesn't seem to add value in this scenario. In the unlikely case that an attacker manages to break through disk encryption they'll likely also break vault encryption
2. Attack whilst machine is online
Vault will effectively protect my data if the Vault is locked.
Once a Vault is open my data is obviously at risk.
Given that Linux isn't really a target for malware I'd say this use case isn't a strong one?
3. Cloud backups
One of the issues with using the likes of Dropbox for backup purposes is that all of the data will be open to the prying eyes of the provider.
Creating my Vaults in a folder which is synced to Dropbox will fix that!
I seem to be able to configure the location of my Vaults in ~/.config/plasmavault so changing the default location seems easy.
A nice addition for this scenario would be to allow to specify the location of your vaults while setting them up.
By the way, I do know that using file sync as backup is not really effective as it will only protect from theft and hardware failures and not if the actual files get deleted or corrupt.
4. Secure data sharing / collaboration
If #3 ispossible one should also be able to share data within teams? Everyone with the Vault password and the right access to the cloud provider should be able to open it up.
Begs the question if the vaults created by KDE Vaults are limited to just KDE Vaults or if other tools and OSs can open these containers because it's a standard format?
5. What else?
Now, I realize this starts to look a lot like what Cryptomator does, and maybe I am taking this too far.