The Omni Group
These forums are now read-only. Please visit our new forums to participate in discussion. A new account will be required to post in the new forums. For more info on the switch, see this post. Thank you!

Go Back   The Omni Group Forums > OmniFocus > OmniFocus Syncing > Other WebDAV
FAQ Members List Calendar Search Today's Posts Mark Forums Read

 
Is data transmitted securely via WebDav? [A: Yes, if you specify HTTPS in sync path.] Thread Tools Search this Thread Display Modes
If I choose to sync with a WebDav server over http, is the data encrypted in such a manner that an attacker monitoring network packets won't see my sensitive information? How about the information as it is stored on the server? Is that encrypted?

I'm planning on using both the Mac and iPhone clients to sync with a WebDav server.
 
If you've configured it with an https URL it will be encrypted in transit, otherwise not. It will not be encrypted as stored on the disk on the server in either case.
 
Quote:
Originally Posted by whpalmer4 View Post
It will not be encrypted as stored on the disk on the server in either case.
I would clarify this to say that it may not be encrypted on disk. Swissdisk, for example, does also encrypt the data on disk.
 
Quote:
Originally Posted by curiousstranger View Post
I would clarify this to say that it may not be encrypted on disk. Swissdisk, for example, does also encrypt the data on disk.
Fair enough, but the data is decrypted after it emerges from the networking stack, before it gets written to the disk. If you aren't willing to trust the provider to keep prying eyes away from their disks, are you willing to trust that they can keep them away completely? It will discourage the casual snooper, but I wouldn't rely on it to stop a determined attack if your data is worth stealing.
 
Quote:
Originally Posted by whpalmer4 View Post
Fair enough, but the data is decrypted after it emerges from the networking stack, before it gets written to the disk. If you aren't willing to trust the provider to keep prying eyes away from their disks, are you willing to trust that they can keep them away completely? It will discourage the casual snooper, but I wouldn't rely on it to stop a determined attack if your data is worth stealing.
Agreed. Most security standards require transport encryption and encryption at rest, but data is not usually encrypted on the entire path between those two states. Most data compromises happen due to unauthorized access to data at rest.

Given a determined enough attacker, no data is secure, so I'm satisfied with keeping the bottom 95% away ;)

Quote:
It will not be encrypted as stored on the disk on the server in either case.
To the original point, Swiss Disk does encrypt the data stored on disk.
 
 


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes


Similar Threads
Thread Thread Starter Forum Replies Last Post
data loss when entering data during sync kasi OmniFocus for iPhone 3 2009-11-21 09:06 PM
Problem when webdav path and directory don't match bnz Other WebDAV 1 2008-09-14 01:33 PM
Bingodisk, WebDav, and SSL/HTTPS kingsinger Other WebDAV 1 2008-08-12 06:03 PM
Getting wrong data on iPhone after sync (cPanel; WebDAV) omnibob Other WebDAV 2 2008-07-28 07:49 PM
iCal Sync: Prefix with complete path of Context jolepabo iCal Sync 0 2007-11-17 06:05 AM


All times are GMT -8. The time now is 10:58 AM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2019, vBulletin Solutions, Inc.