From 5c5babf9a1d7d52519a827b1f91fae16ec2232a7 Mon Sep 17 00:00:00 2001 From: "Fede.-" Date: Sun, 27 Oct 2019 15:06:14 +0000 Subject: [PATCH] Actualizar 'pp_draft.md' --- pp_draft.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pp_draft.md b/pp_draft.md index d7805a4..19aec76 100644 --- a/pp_draft.md +++ b/pp_draft.md @@ -127,7 +127,7 @@ We store all data in our own servers located in the Netherlands. ## 4.2 - **Disroot Cloud** (https://cloud.disroot.org) - All files sent to the cloud are encrypted with a key-pair created based on the user password, to add an extra level of security. Note however that the keys are stored on the server, which compromises the level of security to some degree (e.g.: once an attacker knows your password and obtained the encryption key-pair, can decrypt the data). However **no** "Master Key" does exist on our setup, which means the Admins cannot decrypt any files stored on the cloud without knowing user's password prior. - - Everything else except for files (calendars, contacts, news, tasks, bookmarks, etc) is stored unencrypted in a database, unless an app provides external encryption (non so far). This is a disadvantaged restriction of the software we are utilizing for this service (Nextcloud). + - Everything else except for files (calendars, contacts, news, tasks, bookmarks, etc) is stored unencrypted in a database, unless an app provides external encryption (none so far). This is a disadvantaged restriction of the software we are utilizing for this service (Nextcloud). - Server logs, which store information such as, but not limited to, your IP address, your username, an app currently used, error messages and User Agent, are stored for a period of 24 hours after which they are deleted from the server. No backup of logfiles are created. Logs are kept mainly to prevent brute-force attacks on accounts as well as provide quick insight when debugging issues. - Service requires login with Disroot credentials.