No encryption in node.js client-server mode

[valpackett]

When used as a single HTML file, TiddlyWiki5 allows content to be encrypted using the Stanford JavaScript Crypto Library.

But why not when used with the node server?

[Jermolene]

Hi @myfreeweb

But why not when used with the node server?

I implemented the single file encryption quite early on because it has architectural implications for the way that TiddlyWiki boots up in the browser. Adding encryption of individual tiddler files to Node.js is much more straight forward, and only hasn't been done because there hasn't been any demand. I suspect that there would be better performance by using an encrypted volume to store the tiddler files in any case.

[valpackett]

But using an encrypted volume is not good enough. Data has to be encrypted before it leaves the browser.

[Jermolene]

Data has to be encrypted before it leaves the browser.

We can use SSL for that? Or are you interested in scenarios where the user doesn't trust the operator of the server?

[valpackett]

Yes. Well, the operator must be trusted to deliver the correct (non-malicious) JavaScript, but disk+transport encryption is not end-to-end. Disk encryption is only a last resort thing.

[pmario]

@Jermolene may be labelled: improvement or feature request?

[Jermolene]

See also #310 "Is it possible to encrypt a single tiddler?"

[mgliewe]

i would second that.

while transport encryption ist fine, there are scenarios where the datastore just isnt secure enough.

for instance, i would like to use a tiddler to keep a log of due admin tasks on a live server.
once someone breaks in, i wouldnt like to give the intruder hints what other systems i work on, might be involved or what tasks or strategies are planed in the future.

maybe you could give some basic directions where and what to look for in the source, to try to implement this feature by myself?

[sukima]

No offense but if your concerned about hacking attempts on the disk stirage then placing sensitive data on a server like that is irresposible. For the scenario you describe trusting a Javascript crypti library to perform the job of both disk encryption and SSL seems wrong. Save sesitive data as a single html tiddlywiki instead on an encrypted drive. Not on some public server.

[tobibeer]

Save sesitive data as a single html tiddlywiki instead on an encrypted drive. Not on some public server.

I'd very much agree.

[mgliewe]

Save sesitive data as a single html tiddlywiki instead on an encrypted drive. Not on some public server.

basicly you're totally right. but i'm not talking using a tiddly as secret key store or alike; its more thought as of a collaboration tool for the team.

for instance, i'm working on about 20 different customers a year, each having their own infrastructure; each installation has its issues, timelines etal. right now, we're mis-using gitlab issues and snippets, and local textfiles and saved emails to keep track on how to handle the various systems.

handing over tasks to other team members tend to have a little bit communication overhead.

this ist internal, crucial information, but not neccessarly 'sensitive' as in a 'giving out credentials' .

For the scenario you describe trusting a Javascript crypti library to perform the job of both disk encryption and SSL seems wrong

i'm aware of the implications of that, though that's not entirely a javascript problem but rather a 'trusted source of code' scenario..
javascript itself is nowerdays very well equiped to perform strong encryption, although there are lot of more sidechannel attacks on javascript as there are on native code.

whatever, i discoverd that using the tiddlyspot plugin will fit to my use case es decribed in
http://tiddlywiki.com/#:%5B%5BSaving%20on%20a%20PHP%20Server%5D%5D

[tobibeer]

Still begs the question: Why the need to put it at the server directly?

[mgliewe]

no need.

how i understood the tiddles, its all about not depending on foreign infrastructure..
you got the tiddly, you own it.

[crypdick]

I host my TW5 on Github Pages (like this guy (repo)). It would be nice if to make it so that some stranger would need a password to decrypt my wiki, as well as have the files on the Github repo be encrypted. I like the fact that I can work on TW locally, it generates .tid files, I push those modified .tid files to my Github repo and Travis CI automatically generates the website from the tid files. It would be nice if the .tid files were encrypted from end-to-end.

[jdubbbb]

With the encrypted single html file option seemingly going away with FF57 blocking support for TiddlyFox's functionality, easy full encryption for TiddlyWiki on node.js seems a lot more important.

Or are you interested in scenarios where the user doesn't trust the operator of the server?

I use my TiddlyWiki at work and don't necessarily trust every single IT person that walks in the door or is planning to leave the company. Corporate security software that scans workstations these days is also very invasive and could potentially leak data.