1 comment

[ 7.7 ms ] story [ 18.3 ms ] thread
Why rvault? If you are using a simple file/directory/disk encryption with a passphrase, then the data is compromised if: 1) the computer or the disk is compromised i.e. the encrypted data becomes accessible; and 2) the passphrase is compromised. The attack surface in such case is quite significant. The computer/disk can be stolen, lost, breached; it may be left temporarily unattended giving an attacker enough time to tamper with the hardware; the system might have a malware which could steal the encrypted data and/or the passphrase (e.g. using they keylogger); passphrase might also be leaked accidentally, e.g. by being typed or copy-pasted into a wrong place; there are other threats, e.g. HD cameras which may capture typing of the passphrase. These are just a few examples.

rvault attempts to reduce the attack surface significantly by making (1) and (2) generally insufficient, yet keeping the data storage local.