Open Blamarama opened 7 months ago
I've been playing around with encryption, so maybe soon. But if they have access to the system they can run Ditto and see the contents. Do you not have bitlocker on your computer, should be the same.
I do have bitlocker. Now that you mention it, their reasoning is completely bonkers. Anyone who can access my system will have access to all kinds of things infosec wouldn't want them to have--including Windows clipboard history, which is what they want me to use in it's stead.
You have helped me quite a bit already, I will get back to them on this. I believe encryption would be what they want, and it would make it more secure, but it seems like they're applying unequal standards here. I can work with them on that. Thanks!!
On Tue, Apr 16, 2024 at 10:53 AM sabrogden @.***> wrote:
I've been playing around with encryption, so maybe soon. But if they have access to the system they can run Ditto and see the contents. Do you not have bitlocker on your computer, should be the same.
— Reply to this email directly, view it on GitHub https://github.com/sabrogden/Ditto/issues/657#issuecomment-2059420083, or unsubscribe https://github.com/notifications/unsubscribe-auth/BHZRHFHM2AFVVR3M5NWVTVDY5VCORAVCNFSM6AAAAABGFPH47GVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDANJZGQZDAMBYGM . You are receiving this because you authored the thread.Message ID: @.***>
Hey @sabrogden,
Sadly I've had to switch to another clipboard manager due to the lack of encryption.
I'm using copyq
with gpg4win
which provides GNU Privacy Guard on Windows.
I'm wondering if GPG integration is something you might consider for future versions of Ditto?
Greetings,
I love Ditto. It's SO MUCH better than Windows clipboard tool. Unfortunately, I'm going to have to stop using it. Apparently, Ditto stores the data in an unsecured SQLite database that is open to anyone that has access to the system. Our security team has a problem with that.
Is there any change I could make to secure the DB? I am thinking storing it in a folder that has restricted access (to my own and higher-level accounts) but was wondering if any of you have encountered this problem and how you resolved it.