recommendations icon indicating copy to clipboard operation
recommendations copied to clipboard
verified publisher icon nextcloud

Don't show E2EE encrypted files

Open camilasan opened this issue 5 years ago • 7 comments

That is how it looks like when the app displays encrypted folders/files: encryptedfiles

I think it is safe to say it is useless to display them like that :)

What do you think?

camilasan avatar Jul 11 '20 19:07 camilasan

Makes sense!

It has to be solved in server, possibly, because we use its API for the most recent files. Filtering those results is problematic, e.g. if the first ordinary file is hidden behind 200 encrypted ones. We might just do the filtering there :shrug:

ChristophWurst avatar Jul 15 '20 17:07 ChristophWurst

OK, should I open an issue there?

camilasan avatar Jul 15 '20 18:07 camilasan

I think we can leave it here. @icewind1991 would it make sense to filter out these entries from https://github.com/nextcloud/recommendations/blob/1699bd1700e8e3a3a29e34391c3b251096c6cfd3/lib/Service/RecentlyEditedFilesSource.php#L60?

ChristophWurst avatar Jul 15 '20 18:07 ChristophWurst

@camilasan Are you talking about files encrypted with the built-in encryption app or files that were encrypted in some other way (i.e. external to Nextcloud)? The former should be straight-forward, but the latter not so much.

One possibility would be to implement exclusion of files by tag or by hidden status. In either case it would fall upon the user to assign the appropriate tag or hidden status (such as by organizing the files within a hidden directory). Issue #353 deals with the exclusion of hidden files.

blkqi avatar Jan 12 '21 21:01 blkqi

@blkqi In my case I was testing the end to end encryption on the desktop client. I would encrypt on my desktop and then the client would sync it with the server. These were the files on the screenshot in the issue description.

camilasan avatar Jan 13 '21 08:01 camilasan

@camilasan I think that case is going to be difficult to handle directly. While certain encryption schemes are easy to identify, there are many that aren't. And in any case, your issue deals not with encryption of the file data, but the file name.

To resolve this issue, I would stick to my previous suggestion of allowing users to exclude files by placing them under a hidden folder (.e.g .Secure/) or uploading them with a specific tag (e.g. no-recommendations). Either of these features would additionally support use cases beyond the one in discussion.

blkqi avatar Jan 13 '21 15:01 blkqi

I missed that you were using the official desktop client. If the desktop client sets the encrypted flag in the file cache then they should be easy to filter using !$node->isEncrypted().

blkqi avatar Jan 13 '21 20:01 blkqi