diff options
author | utopiatopia <98685984+utopiatopia@users.noreply.github.com> | 2023-11-27 02:12:26 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-11-26 18:12:26 -0800 |
commit | 434c32003ffd439f42e427bfef9265241a4a1243 (patch) | |
tree | c58e789d02a8b5a4e49f7cb2da3adfaf83edac92 | |
parent | 48a31e8154b7201ace29ec71461ffc82fa01920b (diff) |
Document security risks of eavesdropping (#1834)
* Add security risks of eavesdropping
* Remove "Limitations" heading and dedent subheadings
* Move Plausible Deniability/Spying/Saved Passwords up above the long Shell History section
---------
Co-authored-by: Micah Jerome Ellison <micah.jerome.ellison@gmail.com>
-rw-r--r-- | docs/privacy-and-security.md | 48 |
1 files changed, 29 insertions, 19 deletions
diff --git a/docs/privacy-and-security.md b/docs/privacy-and-security.md index f855cc3e..df19ea13 100644 --- a/docs/privacy-and-security.md +++ b/docs/privacy-and-security.md @@ -14,6 +14,35 @@ program there are some limitations to be aware of. passwords can be easily circumvented by someone with basic security skills to access to your encrypted `jrnl` file. +## Plausible deniability + +You may be able to hide the contents of your journal behind a layer of encryption, +but if someone has access to your configuration file, then they can figure out that +you have a journal, where that journal file is, and when you last edited it. +With a sufficient power imbalance, someone may be able to force you to unencrypt +it through non-technical means. + +## Spying + +While `jrnl` can protect against unauthorized access to your journal entries while +it isn't open, it cannot protect you against an unsafe computer/location. +For example: + +- Someone installs a keylogger, tracking what you type into your journal. +- Someone watches your screen while you write your entry. +- Someone installs a backdoor into `jrnl` or poisons your journal into revealing your entries. + +## Saved Passwords + +When creating an encrypted journal, you'll be prompted as to whether or not you +want to "store the password in your keychain." This keychain is accessed using +the [Python keyring library](https://pypi.org/project/keyring/), which has different +behavior depending on your operating system. + +In Windows, the keychain is the Windows Credential Manager (WCM), which can't be locked +and can be accessed by any other application running under your username. If this is +a concern for you, you may not want to store your password. + ## Shell history Since you can enter entries from the command line, any tool that logs command @@ -198,25 +227,6 @@ vim.api.nvim_create_autocmd( {"BufNewFile","BufReadPre" }, { Please see `:h <option>` in Neovim for more information about the options mentioned. -## Plausible deniability - -You may be able to hide the contents of your journal behind a layer of encryption, -but if someone has access to your configuration file, then they can figure out that -you have a journal, where that journal file is, and when you last edited it. -With a sufficient power imbalance, someone may be able to force you to unencrypt -it through non-technical means. - -## Saved Passwords - -When creating an encrypted journal, you'll be prompted as to whether or not you -want to "store the password in your keychain." This keychain is accessed using -the [Python keyring library](https://pypi.org/project/keyring/), which has different -behavior depending on your operating system. - -In Windows, the keychain is the Windows Credential Manager (WCM), which can't be locked -and can be accessed by any other application running under your username. If this is -a concern for you, you may not want to store your password. - ## Notice any other risks? Please let the maintainers know by [filing an issue on GitHub](https://github.com/jrnl-org/jrnl/issues). |