diff options
| author | Jos Poortvliet <jospoortvliet@gmail.com> | 2020-05-18 00:42:48 +0300 |
|---|---|---|
| committer | Jos Poortvliet <jospoortvliet@gmail.com> | 2020-05-18 00:42:48 +0300 |
| commit | 2c0b982c4481ec4c7c3c97cd411cc5fb601e517f (patch) | |
| tree | 76cb49b7bbaf24d634891849497179f211562a8c /page-threat-model.php | |
| parent | 54c1248030a0b4908ed0d89740bdc22feaa0f90f (diff) | |
fix #1264
Signed-off-by: Jos Poortvliet <jospoortvliet@gmail.com>
Diffstat (limited to 'page-threat-model.php')
| -rw-r--r-- | page-threat-model.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/page-threat-model.php b/page-threat-model.php index db566bba..d4b48981 100644 --- a/page-threat-model.php +++ b/page-threat-model.php @@ -36,7 +36,7 @@ <p>Nextcloud can be configured to encrypt data at rest. This has two options: server-wide key (default since Nextcloud 13) or per-user key. With the former, the keys are on the server and thus the only protection offered is against external storage. With per-user keys, the keys are encrypted by the user password and handled as securely as possible, thus securing data when the user is not logged in. We are aware that a Nextcloud administrator could still intercept the user password to manually decrypt the encryption key. We do thus only consider attack scenarios bounty-worthy if they include an external storage vector or, with per-user-keys, data-at-rest.</p> <h3>Client-side encryption</h3> -<p>Nextcloud client-side (or end-to-end) encryption is designed to protect user data from the server in nearly all scenario's, <a href="https://github.com/nextcloud/end_to_end_encryption_rfc">as described in the RFC.</a> Any way to circumvent the protection as covered by the <a href="https://github.com/nextcloud/end_to_end_encryption_rfc/blob/master/RFC.md#security-properties">security properties</a> would be treated by us as a security issue. Note that, as of May 2018, the client-side or end-to-end encryption feature is not considered 'finished' and no bug bounties are paid out until it is released as a final, stable version, expected mid/late 2018.</p> +<p>Nextcloud client-side (or end-to-end) encryption is designed to protect user data from the server in nearly all scenario's, <a href="https://github.com/nextcloud/end_to_end_encryption_rfc">as described in the RFC.</a> Any way to circumvent the protection as covered by the <a href="https://github.com/nextcloud/end_to_end_encryption_rfc/blob/master/RFC.md#security-properties">security properties</a> would be treated by us as a security issue. Note that, as of May 2018, the client-side or end-to-end encryption feature is not considered 'finished' and no bug bounties are paid out until it is released as a final, stable version, expected in 2020.</p> <h3>Features intentionally marked as insecure</h3> <p>Some features in Nextcloud are intentionally marked as insecure and disabled by default (plus have a big warning above them). One example includes the preview providers such as the LibreOffice preview provider. At the moment we consider vulnerabilities |