Admin can access data of a user?

I think the same, für me it ends here, thanks.

The problem of the cloud or mail server or whatever is that giants hide the difficulty of the infrastructure. Users want security and simplicity but this is impossible.

For example, in WhatsApp there is a verification with QR code to avoid a MITM but nobody knows because there is no information about that. On riot there is a verification too and riot are not afraid to write “your connection is not secure”.
Nobody knows that smtp, imap, SMS… are not secure, that giants and governments analyse and cross your data.

So yes NC is a good privacy cloud because they don’t hide what is behind the scenes.

If the admin has enabled encryption on the entire Nextcloud instance, then the Impersonate app won’t work, even for the usually all-knowing admin. Encryption scrambles the files.

Encryption app dont stop admin watching your data…

I’m not quite sure I follow. How can an admin watch your data?

Logged in to an encrypted system as admin, the only thing I can see with the files are the names and extensions. Even if I put in a plain file, say one named file.md, with the following text in it, it is encrypted and scrambled.

This is a test.

Looking at the file in ‘vi’ shows how it is encrypted. There is nothing in there to indicate what the file contained. You could guess from the file extension what the file might contain, but that is about it.

Yes, but the keys for decryption are stored in the database. So an admin could go there, get the key and decrypt the files. It’s not impossible to see the files for the admin, just harder :wink:

Gotcha. This is good to know! Thank you.

But each key is itself encrypted with user’s password that an admin doesn’t know, isn’t it?

This topic was automatically closed after 24 hours. New replies are no longer allowed.