CRITICAL SECURITY ISSUE DISCLOSURE: End-to-End Encryption stores files as plain text on the server

Dear developers and community members,

I have discovered an extremely concerning and disheartening security flaw in the Nextcloud E2EE system. Please address this issue ASAP.

While testing the E2EE system I have discovered that the files stored in the “encrypted” folder are in fact being stored as plain text on my servers. I followed the standard procedure of creating an empty folder, and right-clicking it in the desktop front-end and clicking on encrypt. The folder is marked with a green lock in the front-end marking it as an encrypted folder. Then I added files in the folder in Windows Explorer to the encrypted folder and waited for the front-end to indicate that the synchronization process has completed. When trying to access the folder through the web interface, it says that operation is not permitted, as is to be expected.

After this procedure, I looked inside the data folder on my server, and I have found that the files in the encrypted folder are present in plain text just as any other non-encrypted folder.

Please take the necessary precautions, and investigate how this obvious security flaw was allowed to exist in the code. I believe this issue is easy to reproduce, as I have not done anything unusual to produce this issue.

Why not do this yourself on GitHub?
And after having done so, please post the referring link as an answer to this thread. It’ll mark the “solution”.

Don’t forget to mention the used client/server version, there are different supported ones.

I have shared the issue on GitHub:

Please note that this is a very serious issue. It is not a security vulnerability in the sense of a bug in the code. This is either malicious code or at the very least a case of extreme negligence. I would consider the code as a Trojan Horse.

I suggest that the E2EE feature should be disabled until a full investigation has occurred.

I wrote on the issue. I can’t replicate it with my servers and clients (Android and Linux). When I have the end-to-end encryption app enabled and have set the password for the folder on the client, I get encrypted files on the server.

1 Like

I responded on the GitHub issue page to keep the discussion in one place. I am glad to know that this is at least configuration specific. However, E2EE should not depend on server configuration under any circumstances, as that is the whole goal of E2EE, that the client should not trust the server.

From the comments on GitHub, I have identified the cause of this issue. Subfolders within the encrypted folder are synchronized as plain text.

This is an EXTREMELY serious usability issue. While it is technically a user-error that my files did not get encrypted due to having placed them in a subfolder, when it comes to encryption and possibly sensitive files the software must protect the user from such accidents.

I do consider myself as a tech-savvy user. If I can make this mistake, I would expect that many others would.

Note that the files would be automatically uploaded to the server before the user has any chance of correcting their mistakes, which means that if the documents are confidential, then they would already be leaked. This is not an acceptable outcome.

1 Like
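The server-side check described in this thread, repeated over a whole folder tree with subfolders included, as an added example that is not from the thread or from Nextcloud: it flags files whose leading bytes are mostly printable text or have low byte entropy. The root path argument, the thresholds and the function names are assumptions; already-compressed formats (zip, JPEG) have high entropy and are not flagged even when stored unencrypted.

```python
import math
import os
import sys
from collections import Counter

SAMPLE_BYTES = 4096     # leading bytes inspected per file
MIN_FOR_ENTROPY = 2048  # below this, an entropy estimate is unreliable
ENTROPY_FLOOR = 7.5     # assumed cutoff in bits/byte; ciphertext sits near 8.0
TEXT_RATIO = 0.9        # assumed share of printable bytes that marks text
PRINTABLE = set(range(0x20, 0x7F)) | {0x09, 0x0A, 0x0D}


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy of data in bits per byte (0.0 for empty input)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def looks_unencrypted(sample: bytes) -> bool:
    """Heuristic: mostly printable bytes, or low entropy on a long sample."""
    if not sample:
        return False  # empty file: nothing to expose
    printable = sum(b in PRINTABLE for b in sample) / len(sample)
    if printable >= TEXT_RATIO:
        return True
    return len(sample) >= MIN_FOR_ENTROPY and shannon_entropy(sample) < ENTROPY_FLOOR


def find_probable_plaintext(root: str) -> list[str]:
    """Walk root recursively; return sorted relative paths that look unencrypted."""
    flagged = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            with open(path, "rb") as fh:
                sample = fh.read(SAMPLE_BYTES)
            if looks_unencrypted(sample):
                flagged.append(os.path.relpath(path, root))
    return sorted(flagged)


if __name__ == "__main__":
    # Usage: python check_plaintext.py <server-side copy of the encrypted folder>
    for rel in find_probable_plaintext(sys.argv[1]):
        print("possible plaintext:", rel)
```

An empty result does not prove the folder is encrypted; a non-empty one is a list of files to open and inspect by hand.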