Database encryption?

Discussion related to "Everything" 1.5 Alpha.
Post Reply
kazzybash
Posts: 110
Joined: Mon Mar 02, 2020 9:55 pm

Database encryption?

Post by kazzybash »

Hi,

probably this has been asked here before, but is it already possible to encrypt the .db-file (while in use and by Everything I mean :mrgreen: )? Am I correct that the database is loaded in ram? I am wondering if that could be encrypted (also).

Since the db-file is basically a list of (all or a portion of) the contents of ones hdd it could be of interest to hackers.

Regards, Kazzy
therube
Posts: 4977
Joined: Thu Sep 03, 2009 6:48 pm

Re: Database encryption?

Post by therube »

Without thinking much about it, I'd think you could set up a batch file...

.db is encrypted

decrypt .db
run Everything
on Exit of Everything, .db is written back to disk
encrypt .db

.db is encrypted

(You'd probably want to poll the Everything [GUI] to check for existence so you'd know when to encrypt the .db.)

---

In a broader sense, while the .db may be of interest, if a hacker has access to the .db, then they already have access to your computer, so in that respect, you've lost - already. And then there are other ways to garner a list of your file names, outside of Everything. Even DIR /S, in a very broad sense.
void
Developer
Posts: 16753
Joined: Fri Oct 16, 2009 11:31 pm

Re: Database encryption?

Post by void »

I will consider database encryption.

Thank you for the suggestion.

To make this secure you would have to enter a password when running Everything.



For now, please consider storing your Everything.db on an encrypted volume.
You can set your database location under Tools -> Options -> Indexes -> Database location.



NTFS volumes are typically unencrypted so anyone can read the filenames.
kazzybash
Posts: 110
Joined: Mon Mar 02, 2020 9:55 pm

Re: Database encryption?

Post by kazzybash »

hello therube, void,

thanks for your replies and suggestions.

@therube: I don't have a proper reply to your argument that a hacker who has access to the database apparently already has access to all your files. You may be correct that this is always the case. If that is so, what would indeed be the point of encrypting the database?

@void: thanks for taking it into consideration. I was thinking about your remark that encryption would need a password entered in Everything. That of course does something to the usability of the program. I am using the program 'shadow defender' which is a program that operates as a filter between user-session and os (called 'shadow mode'). A restart renders all changes void and puts the system back to the state it was in when 'shadow mode' was started. All changes per session are written to a buffer-file that is encrypted. I don't know how it is encrypted, but a user never has to give or use a password. Just the toggle 'encrypt write cache' is enough, apparently, to switch encryption on or off.

Kind regards, Kazzy
Post Reply