Comment on Selfhostable notes app that encrypts the files on Disk?

mark@infosec.pub ⁨1⁩ ⁨month⁩ ago

if you’re encrypting at rest you also have to consider where there encryption key is being stored.

if you’re storing the encryption key plaintext on the same drive as the data, there’s not much of a point in encrypting.

a TPM/HSM could solve the issue, depending on how far down the rabbit hole you need to go.

source
Sort:hotnewtop