Encryption of database
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Zeitgeist Framework |
In Progress
|
Wishlist
|
J.P. Lacerda |
Bug Description
I think that Zeitgeist should encrypt databases in ~/.local/
While someone may happen to use an encrypted disk, Zeitgeist may serve as the ultimate accidental spyware to an unsuspecting user. One possible mitigation is to randomly generate a reasonable key, tie it into the login keychain and then use that key with something like http://
In theory, a user will never know that this encryption/
Changed in zeitgeist: | |
assignee: | nobody → Seif Lotfy (seif) |
Changed in zeitgeist: | |
assignee: | Seif Lotfy (seif) → J.P. Lacerda (jplacerda) |
importance: | Undecided → Medium |
Changed in zeitgeist: | |
status: | New → In Progress |
To keep this cross desktop friendly, it makes sense to create a Zeitgeist plugin that interfaces with many different keyring-manager like thing-a-mabobs. Lets call it zeitgeist- keyring- helper.
I imagine that it would make sense to have a flow where when creating a database, Zeitgeist will generate a key, store it with zeitgeist- keyring- helper, fetch the key with zeitgeist- keyring- helper, and finally it will initialize and use the database. All subsequent accesses will simply call the zeitgeist- keyring- helper to fetch the key in a transparent manner.