Is it ever temporarily storing files unencrypted? For instance, when one wants to view something that Cryptomator hasn’t an internal viewer for?
If Cryptomator did that, that would make the files readable with adb or root, right?
Edit: I just read on the forum that Cryptomator indeed decrypts the files and saves them unencrypted to share the data with other apps. Yikes!!!
I see that this would be fixed with #35, which has already been open for 3 years now.
Hey and welcome to the community!
Yes, we download the file but we store it in the internal storage of the app. As long as you do not root your phone, no app has access to this file without your permission (e.g. when sharing a file with app b you grant this app access to this file). Furthermore, only apps which you granted root access could access this folder, and it is up to you to grant root access only to apps which you really trust.
Thanks for your reply. Your assumption is that one roots one’s own phone, and that that would clear the phone’s memory. Without going into it further, you’re wrong!
You’re probably looking for a different solution. The security target of Cryptomator is strictly bounded to protection of files in the cloud. Once synced, only a best-effort attempt can be made to restrict access to decrypted data without setbacks in terms of interoperability with third party apps.
If your device is compromised, and it doesn’t matter if we’re talking about malware, targeted attacks or faulty configurations, we leave the boundaries of what cloud encryption tools are made for.
In addition, in our documentation you can read more about the “Security Target”: https://docs.cryptomator.org/en/latest/security/advice/#security-target
To clarify, does this mean that data remains decrypted on a device? I am assuming that it doesn’t, including temporary files (agnostic of the operating system in use).
No, the files don’t remain on the device forever. We have a service which cleans up these files every 4 hours. But as already written in this thread, these files are located in app-specific storage that other apps do not have access to.
Since version 1.5.0 we have extended the service so that the files are deleted as soon as all vaults are closed.