Mori notebook security, encryption

Submitted by hardcat on Thu, 2005-12-22 22:18.
Project:Mori
Version:1.4
Component:Miscellaneous
Category:feature
Priority:normal
Assigned:Alfonso Guerra
Status:active

Description

Hello,

Currently it is possible to lock items in Mori. Do you have plans to password protect folders and files and also offer encryption? Locking only offers limited security, stops one inadvertently trashing something. Items locked are still visible in Spotlight.

Hardcat

Updates

#1 submitted by Jesse Grosjean on Thu, 2005-12-22 22:44

Of course it depends on how people vote, but so far I'm not a bit fan of implementing security within Mori. As I've said before I think this should really be the job of the OS. Things like user permissions, or encrypted disks should handle it.

The big problem, as you mention, is that when a note's contents is supposed to be only password accessible it breaks a lot of other features. For example it wouldn't be possible to search for that note from within Mori or from Spotlight. Also while it would be possible to encrypt the note content, it would be a lot harder, messy, to encrypt all the note attributes (title, date....).

So in general it's a big pain, and I'd be likely to miss something in making it unsecured anyway. If you really need security, I think you should be encrypting your files with a third party program.

#2 submitted by Anonymous on Sun, 2005-12-25 18:13

I have a good idea for providing encryption. It comes from how the old Sharp Organizer I had used to hide things. You set a password within the program - a menu somewhere, which'd have options: lock, unlock, mark. Any entries you want enrypted, you simply go to this menu and chose Mark. This tags the entry for encryption when encryption is turned on - which is whenever you select Lock, or when you quit. Entries Marked wouldn't make their way into a search until Unlocked.

#3 submitted by grtmagnet on Tue, 2006-10-03 22:40
Version:1.1.2» 1.4

i would love this feature. I have been hoping you would implement it for a long time now (1 year) and has delayed my purchase for some time. I finally caved and bought it, so I guess you win. :-) I still want the feature though!!!!

#4 submitted by programr on Fri, 2006-12-01 18:37

Also looking at purchasing Mori. I agree with you on the fact that the OS should provide encryption, but when you can't turn it on for a single file, we are left to look to application writers to do the chore.

I would like to put access control type information into mori, but am scared about it not being encrypted.

Here's another vote for encryption on specified note entries.

#5 submitted by danzac on Mon, 2006-12-04 09:37

I like the idea of an encrypted folder for password, etc., (like Yojimbo) but definitely not at the expense of significantly delaying Mori's other needs.

#6 submitted by Joe Wiz on Mon, 2007-02-12 00:32

Shouldn't this feature request be 'closed'? It's brought up occasionally, but quickly rebuffed as a feature that would be difficult (if not impossible) to implement given Mori's reliance on Core Data, etc.

#7 submitted by Jesse Grosjean on Mon, 2007-02-12 11:16
Status:active» won't change
#8 submitted by Alfonso Guerra on Thu, 2008-08-28 03:12
Assigned to:» Alfonso Guerra
Status:won't change» active

I think this feature is important enough to include in Mori because once a notebook is decrypted, even temporarily, that notebook is susceptible to snooping. In addition, encrypted data should not be saved as "plain-text" in the indexing data used for Mori's live search and Spotlight, and this is the best way currently available to ensure it doesn't happen.