← Back to context

Comment by pronkin

1 year ago

Thanks for your input.

On the p2p topic: Our protocol is p2p and it's already working well in local networks. You can experience the magic yourself: install Anytype in local mode, create a space, and fill it with some data. Open the mobile app and log in with the same phrase, and your data will be synced without any central server, immediately! Isn’t it magical? The network is needed for backups and to solve the closed laptop problem. You can always self-host a network. We believe it's important to give people the ability to be free from a service provider

On the topic of e2e encryption: All your data in Anytype is encrypted at rest; only the indexes of this data (which are created and used locally) are not encrypted. We have plans to also encrypt the indexes. Currently, we assume that the majority of users employ full disk encryption, and if your machine is compromised, it is likely that malicious software can read memory and, therefore, access the keys. Could you please elaborate on the significant vector of attack, so we can consider this case?

Regarding the license, we have covered our logic here: https://blog.anytype.io/our-open-philosophy/. We are passionate about open source, and for some projects, it’s the only viable option. That's why our AnySync protocol and data format are MIT licensed. The clients are currently under a source-available license, as we are still exploring ways to make the ANY association and contributor ecosystem sustainable. Still researching…

Thanks for your kind words towards us and congrats on your progress!

12 comments

pronkin

Reply
gepeto42  1 year ago

I completely agree with the threat model of "an attacker on your machine can get to the keys" but I'd like to add two security use cases that makes encrypting indexes valuable:

1. Off-the-shelf malware exfiltrates data, as seen in ransom attacks. I'd feel better if the index was encrypted. It's unlikely an attacker would manually spend time trying to find the keys in RAM unless your app became very famous :)

2. Syncing files on a work laptop where IT might snoop.

Obsidian does not encrypt files at all locally, and for that reason I would feel quite self-conscious about loading a vault with potentially private notes.

Ironically, Obsidian is much better if you only have ONE big vault, but because of this, I have to live with 3 vaults (different threat models for each).

  • hruzgar  1 year ago

    im not the dev but what you're wanting is completely unreasonable. No note application does this and this would slow down the application without having any additional benefits

    • orthecreedence  1 year ago

      > No note application does this

      Yes, the app Turtl (https://turtlapp.com) does do this and it's not slow at all really. It only decrypts data upon viewing, and immediately re-encrypts when saving data. So this is actually entirely reasonable and entirely doable. The benefits are that malicious applications can't read data just sitting on the hard drive, which removes an entire class of attacks. An encrypted hd doesn't help you when it's unlocked.

      7 replies →

    • shwouchk  1 year ago

      FWIW emacs org mode, arguably one of the best note taking applications, supports gpg encrypted notes out of the box.