Kunzisoft / KeePassDX

Lightweight vault and password manager for Android, KeePassDX allows editing encrypted data in a single file in KeePass format and filling in forms in a secure way.
https://www.keepassdx.com/
GNU General Public License v3.0

Capture confidential photos (e.g. recovery codes, confidential white boards) directly in Keepass DX without traces in the system? #1123

Open kraoli opened 3 years ago

kraoli commented 3 years ago

Is your feature request related to a problem? Please describe.

I like to take photos as notes. Sometimes for confidential things like a whiteboard, but also handwritten notes. At the same time, we sometimes get long recovery codes for accounts, or QR codes, or important documents that we have to keep.

A camera is perfect to capture all that, but I think it's too dangerous to take photos that are accessible to a lot of apps. The permissions in Android are still not detailed enough to control it.

Thus, it would be great if you could save photos directly as an attachment in a KeePass note, in a way that otherwise leaves no traces in the system.

If I'm not wrong, pictures in secure messengers like Signal are also not visible outside of the app and are stored encrypted.

I'm not sure it's really possible to transfer the camera data stream directly into the app without leaving caches and stuff like this; I don't know Android internally.

I know that the Keepass DX philosophy is to offer only core features, which is great to keep it simple. But passing information securely is a core task for me personally, like the magic keyboard. And maybe it's not complicated after all to implement for the camera.

If this were possible in Keepass DX, it would be super helpful.

J-Jamet commented 3 years ago

Yes, it is possible, but you will have to set up an on-the-fly resizing system for the storage, because by default the photos from new devices are very large and the goal is to recover only the information of the photo. I'm also afraid that people will abuse it if there is a button that facilitates photo integration. The more files there are, the slower the opening of the database will be.

Other applications would only be able to retrieve a file if there is full access to the file system and a background service is active. For newly installed applications, you just have to be careful and not give all the permissions. This may also be the case with applications already integrated into the phone with a system overlay, but in this case, even the camera stream may be compromised, so it is the entire phone or OS that needs to be changed.

I think about it but for the moment I prefer to focus on the current roadmap.

kraoli commented 3 years ago

Thanks for thinking about it. I obviously like the feature a lot, but I also fully understand if it doesn't fit your roadmap.