Can anyone recommend a good app to encrypt and store documents locally on a device?
Would a locked Apple Note in the “On My iPhone” be my best bet to hold important personal documents?
on Mac you can look into encrypted DMG or sparsebundle
Create a secure disk image…
1 Like
My personal choice for storing important documents on my iPhone/iPad is 1Password. Some say locked Apple Notes are secure, others don’t.
If you lock a file in Notes, don’t lose your password | Macworld
Locked Apple Notes Aren’t as Secure as You Think - The Mac Observer
1 Like
DEVONthink ToGo does encrypted databases into which you can put files.
Yes, looked AN are secure to store personal documents.
There is a security company who was able to read the headline of a AN with their forensic tools, but first of all, the normal people will never get in contact with somebody, using a forensic tool on their systems, and second, and that is even more important, these forensic tools need an access to the system anyway, so if these forensic tools got access to the system, the one who is using these tools, don’t need them anymore, because he can read the Notes anyway, without the forensic tool.
So yes, looked AN is secure!
If someone knows your passwords, he can access your informations.
If the passwords kept secure, the informations on an Apple are secure.
2 Likes
It’s really difficult to give an answer about whether or not something is secure without knowing things like: it’s value to the owner, it’s value to others, the sophistication of potential adversaries, the likelihood that adversaries will attempt to gain access to it, and the workings of the controls used to secure it.
4 Likes
in terms of security, especially on portable devices such as a USB stick but also works for Mac, etc, I recommend to use Veracrypt to create an encrypte drive or folder . You can even create a hidden folden within the encrypted folder. It is also open sourced
There is a huge problem with “open source” if it comes up to security.
Every code contains bugs, the more code, the more bugs.
Those bugs could make a code vulnerable, and “open source” means, everybody who wants to attack this code, can get the plain code to find one of those vulnerabilities, and use it for an attack.
+1 for Cryptomator. It’s open-source. Robust in my experience.
The iOS app is fairly basic but will allow you to access files from your iPhone.
You will lose per-file versioning (I think) since the OS sees the vault as a mess of encrypted files. But I suppose you could restore the entire vault to a previous state with Time Machine or similar.
Encrypted sparsebundle and a password manager (1Password, Bitwarden) are decent options too.
so closed source makes the app more secured and robust ? On balance, there may be some issue with open source for security app but I personally think that the benefits outweigh the issue and it prevents hidden backdoors or other tricks
Yes, of course!
It just has to be a reliable Developer!
No, unfortunately it does not really!
99,99999% of all User are not able to find a potential backdoor or an other bug in the code.
And there is way to much open source code in the wild, to have the search really be done by the remaining people!
Yes, once in a while there are bugs that had be found, and in the best case scenario, corrected!
But unfortunately, a huge part of those who are able to read and understand the code, are not interested in closing the gaps within the code, but using it for attacks, and their own advantage!
The security of an open source code is a urban legend.
Open source developments do have a lot of value in certain areas, but it is not a good approach for a security solution!
Another option is an encrypted APFS external drive. This has been available since iOS 14. You will need to format and encrypt the drive on a Mac but no additional software is needed on iOS.
After you connect the drive via lightning or usb-c the Files app will prompt you for the password.
1 Like
Ahem, Microsoft? To their credit, they have probably done more for the IT Security community than most. Their long standing “patch Tuesday” releases and the transparency of bug information set the industry standard of patch management. It also tells a story about how hard it is to write secure and bug free code. Making everything work as intended is far from being sure that nothing will break if pushed in unintended ways.
I am seriously doubtful that Open Source is more prone to security issues than commercial. Rather, bad guys are looking for exploits in the most commonly deployed solutions to maximize the reach and impact. They don’t do this by proof reading the source code. It might give additional info once a bug is known, of course.
As to secuing “personal documents” you need to assess the impact of unauthorized disclosure vs convenience and usability. How can the data you are protecting harm you in the wrong hands?
2 Likes
Define “security solution”. In my experience open source is heavily leveraged in securing enterprise environments. Even if using a COTS product, there are usually open source components used.
1 Like
I wrote about “reliable Developer”, not Microsoft!
In this thread we are talking about an “App for an device secure documents storage”.
And yes, of course there are today “open source components” used in COTS–Products, but in a lot of cases these components are not really “open source” anymore, in the way they are used in that COTS.
There is a huge variety of the definition of “open source” today, with an unmanageable amount of different varieties of the Open Source Licences.
They are certainly pitching in as are others.
“Open source software code is available to the public, free for anyone to use, modify, or inspect. Because it is freely available, open source facilitates collaborative innovation and the development of new technologies to help solve shared problems. That’s why many aspects of critical infrastructure and national security systems incorporate it. But there’s no official resource allocation and few formal requirements or standards for maintaining the security of that critical code. In fact, most of the work to maintain and enhance the security of open source, including fixing known vulnerabilities, is done on an ad hoc, volunteer basis.”
- Google Blog
1 Like
Why not? There are plenty of open source products that are safe to consume and are used to both run and secure high value assets. I don’t think you or I have sufficient hard data to make assertions about what is more “secure”; open vs closed source. But, there is data on support and patching metrics, CVE’s, severity, etc. You simply can’t make those claims based on the data, or based on what is actually done in practice.
Disk Decipher works with veracrypt encrypted disks. In my experience it works much more reliably than Cryptomator. Cryptomator on iOS almost always fails as soon as I have more than a dozen files or any slightly more demanding situations.