More info please on ccviewer #34
Description
I am very interested in ccviewer, but I don't have enough info to decide whether to use it.
Because most cloud providers already have pretty good apps for accessing unencrypted files on an iphone, my usecase is primarily to access encrypted files (encrypted using rclone, cryptomator, encfs, etc) that I have stored on the cloud). These encrypted files hold stuff I am not particularly interested in sharing with cloud providers.
But to be comfortable accessing this data with ccviewer, I want to know the following things:
-
are you using existing software packages (in the form of compiled codes from publicly available source from rclone, plcloud, etc) that have been embeded into ccviewer, or are you replicating the algorithms found in those packages? I would feel more comfortable knowing that the codes are directly taken from the original authors and updated when bugs are found and fixed by those teams, rather than using some method of translating those codes (by hand or automatically) to another language.
-
can you describe the mechanisms you are using for storing (or not) the passwords, keys, bucket IDs, necessary to access the encrypted files? I would like to make sure that these pieces of information are handled securely, and I would like to make sure that they are not accessible to other apps. Are the mechanisms used by the original teams being for storing this information being used by ccviewer or have you chosen another approach? Is your approach a common strategy used by iphone apps?
-
have you considered a security audit?
Thanks for providing us this cool tool. I can't find anything quite like it, so I hope your answers reassure me that it is a good choice for my usecase
Phil