Bug 485051

Summary: Remove EncFS from the list of supported Algorithms
Product: [Unmaintained] Plasma Vault Reporter: Henning <boredsquirrel>
Component: generalAssignee: Ivan Čukić <ivan.cukic>
Status: RESOLVED INTENTIONAL    
Severity: normal    
Priority: NOR    
Version First Reported In: unspecified   
Target Milestone: ---   
Platform: unspecified   
OS: Linux   
Latest Commit: Version Fixed/Implemented In:
Sentry Crash Report:

Description Henning 2024-04-04 22:16:11 UTC 
I am not sure if this is already done.

A security audit revealed several security issues in EncFS:
https://sourceforge.net/p/encfs/mailman/message/31849549/

These issues seem to not have been fixed to this day:
https://github.com/vgough/encfs/issues/604

The last commit on the project was 4 years ago, it seems unmaintained and is not secure to use.

I would like to discuss the removal from Plasma Vault, as trusting it is dangerous after the known vulnerabilities for years.

Starting with removal from the "list of supported algorithms".

Then Vault should display a message "EncFS has known vulnerabilities, export your data and use a different encryption algorithm" on every decrypt using EncFS.

Then after some time it could be removed from Plasma Vault.

What do you think? Cheers!
Comment 1 Ivan Čukić 2024-04-05 12:28:55 UTC 
The issues with encfs are important for the user to know about, and for that reason Vaults shows the information about the issues.

The problems the audit pointed out relate to using encfs in a situation where the encrypted data is synced to a remote data storage that the attacker has access to. If encfs is used locally only, the encryption it has is good enough. Apart from the message about the security of encfs, an additional deterrent of using it with online syncing is that you can not choose the location of the encrypted data storage when using encfs as the backend.

After the recent news with xz, I'm starting to think that the fact we don't have a new version of encfs is a good thing - we have a version that has been audited and for which we know the faults and when it should and shouldn't be used.

For the things that have active development, an audit (if they have been audited at all) quickly becomes obsolete and new patches might worsen the security. :)
Comment 2 Henning 2024-04-05 18:47:10 UTC 
good points! Interesting, gocryptfs had an audit too, with basically the same result. If an attacker has access to the files on the cloud, they can change things or I dont remember exactly what and hack the decryption like that.

The thing is that when people use local disk encryption, vaults will mainly be used for clouds, so this is the exact scenario to protect against.

I noticed the warning message, and will see if I would want to change something. 

I dont know when gocryptfs and encfs could be recommended then. I also dont know if Cryptomator secures against these threats, and if it is licensed so it could be used (there is no cli interface!).

Agree kind of on the xz comment I guess. Audits are better than "the eyes of the world".