Cloudant encryption?

[tonyt]

Hi Brendan
Any more news / progress on securing data on their servers? Kind of important to me!
Cheers…..

[Brendan]

Cloudant told me they were going to be doing something in that area, but I haven’t heard back from them since I asked them about it. I wrote some code to encrypt and decrypt the data as it’s synced, but I never enabled it. There were potential problems with it that could have resulted in loss of data in Cloudant and I didn’t want to take the chance. Things could go wrong. One thing could be if you changed the encryption key or if you decided to turn off encryption then you could have a situation where some data was encrypted with one key and some with another key or the data could be unrecoverable if you forgot the key (which does happen quite often). But maybe I’ll have to revisit it soon. For now maybe stick with Nearby sync for those documents which contain your sensitive data.

[Adrian Mathie]

Brendan,

If I’ve understood your post correctly, in moving from Tap Forms V3 to V5, encryption whilst syncing is no longer available?

Please could you clarify.

Thanks

[tonyt]

Hi Brendan

So if I have stuff in the cloud I dont want up there, somewhere, what do I do to get it out of wherever it is?

Cheers….

[Brendan]

Tony, you can delete the database in Cloudant that matches the database name that you see on the Cloud sync settings screen in Tap Forms. That’s all you need to do to get rid of the data in Cloudant.

Adrian, yes that’s correct. If you need a fully encrypted environment, then you can encrypt the documents inside Tap Forms and use Nearby sync.

[Adrian Mathie]

Brendan, I really want you to make a great success of Tap Forms and have been a loyal supporter. So, in that context, I’m pretty surprised that we weren’t warned that by upgrading Mac and iOS versions and by using the new cloud sync system, our data is no longer encrypted. My data is now sitting unencrypted on a third party server in the cloud.

It seems like the synchronization in Tap Forms has always been it’s weak link. Other small developer applications like Things, Mind Node, Celtx, Scrivener seem to work flawlessly. Perhaps I’m underestimating quite how difficult it is. Is it not possible to find a robust and secure solution for cloud sync?

[Brendan]

Hi Adrian,

I’m very sorry for this issue. I understand your concerns for sure. Initially I had asked IBM if the data was encrypted on their servers and they said it was. But then someone else also said it wasn’t. At least not for the “multi-tenant” servers. For private servers that they manage, encryption of data at rest is an option. But then they also told me that they were going to offer a new service later that would have encryption. But they never got back to me on that.

However, I have been working on an experiment to try and integrate with Apple’s CloudKit to be able to provide an additional cloud sync service. I’m still in the investigation stages though, although I haven’t managed to get back to it in a few weeks. I’ve been working mostly on bug fixes and minor new features. But if I’m successful with that, then your data will be stored on Apple’s servers in an encrypted format.

In the meantime, you can use Nearby sync for all your private data if you like.

[Adrian Mathie]

Thanks Brendan, that’s good to know.

[Adrian Mathie]

Hi Brendan, as you know, I wasn’t able to send my database file from my Mac to my iPhone using the Tap Forms transfer method (a prerequisite for setting up syncronisation) because of the problem of running OS10.11 on my Mac and iOS10 on my iPhone.
The good news is that having upgraded my Mac software to Sierra (OS10.12) I was able to send my database file across and have now set-up “Nearby syncing” which is working so far.
I know the limitation of this is that the database document has to be actually open on the devices which are syncing (not possible if say you’re entering data on your phone away from home) but presumably it should “remember” the edits you’ve made and update them the next time the document is open on both devices. Also, presumably both devices need to be connected to the same network?

[Brendan]

Hi Adrian,

iTunes File Sharing was another option for transferring the file from your Mac to your iPhone. But I’m glad that the Send Document function is working for you now that you’ve upgraded to macOS Sierra.

Every copy of Tap Forms contains its own database. So any changes you make will be stored locally. When you connect to the same WiFi network and open up the same document in Tap Forms on both devices, they should sync automatically. You can also make a small change on one device to trigger the sync process too.

[Adrian Mathie]

Thanks Brendan, that’s the way I was hoping Nearby sync might work.

[rockies]

Dear Brendan,

I am disappointed to be reading these posts about lack of data encryption on Cloudant. As an encryption layperson using this App, I thought my data were encrypted as they were in previous TapForms versions. Now that my data are on a server unencrypted, I get the impression from articles on encryption that the data can never be erased and will always exist in some form in an unencrypted format.

As for users who lose their passkey, I know Apple, Microsoft, etc. will not help me recover a passkey if I forget it and I knowingly password protected my files. Previous versions of TapForms gave me the impression that nobody would help me recover my passkey or my data.

I am extremely disappointed this has occurred with the new TapForms and that it was not communicated more clearly as the switch was made to Cloudant.

Please consider making the use of encryption a top priority for your users who may be misinformed and/or in need of this feature.

[Ivan Herman]

Just to add my voice to this: I hope this issue will be solved soon, because it is a concern. I understand that IBM is a huge company and I could give them some confidence that their cloud data is properly secured against hacking, but we know that this is not a long term solution; our data must be encrypted. If sync can move at last to the apple iCloud services, that would be a perfect solution as far as I am concerned, knowing Apple’s attitude v.a.v. private data confidentiality and encryption.

Brendan, I realize everybody wants a piece of you, but do you have any idea when this issue will be solved? Just to give us some confidence?:-)

Cheers

Ivan

[Brendan]

Hi Ivan,

I’m currently (in between other things) experimenting with adding Apple’s CloudKit to Tap Forms. But even though you would think that Apple would make it easy for developers to use, it’s extraordinarily complex. Even with the sample code that I have to work with I’m finding it to be very finicky and there’s a ton of things to learn and lots of questions that have to be answered. So right now it’s just in the experimental stages and I have no concrete response to when or if even ever I’ll be able to get it to work for such a complicated database as Tap Forms. Other developers use it quite successfully for things like syncing the last scroll position of your device in a Twitter app. But when you’re dealing with complex relationships between entities, photos, and file attachments, it gets super complicated. It’s like having to write my own sync engine all over again. Something that I wanted to avoid and why I chose Couchbase Lite as my database engine, because it had syncing built-in. But only when the back-end supported it, such as does IBM Cloudant.

In the meantime, if privacy is a concern, use Nearby sync.

[Ivan Herman]

Hi Brendan,

sorry to hear all that…

However, before I loose lots of time with the Nearby sync because, forgive me, the manual is a bit terse, I want to clarify some thints. Is it correct that there is no automatic sync with Nearby sync, ie, that I have to initiate the sync manually? (A bit like it was for Bento?)

Also, the sentence

Each device must be on and have the same database document open at the same time in order for Nearby sync to function. The moment you make a change on one device is when synchronization will begin on all your devices.

is not clear to me. Does it mean that I have to make changes on a database (if I want to sync it) while all the devices are on with the corresponding databases open at the same time? It sounds fairly restrictive… It is fine if I have to sync “Bento style”, ie, I have to push a button to get it done, but that description makes me worried…

[Brendan]

Nearby sync is automatic, but you do have to have the same document opened at the same time on each device you’re syncing with. When you open a document, Tap Forms registers on the network the document ID along with a sequence number. The sequence number indicates what the last change was that was made on that device. When another device comes online and opens the same document, it will know that the other device has changed since it last synced with it. Each document keeps track of the last sequence number that was synced from each of the other devices that are listed in the Nearby sync screen. When the other device’s sequence number is higher than the local device’s sequence number, Tap Forms will ask the other device for the list of changes that were made after that device’s last sequence number. So it basically pulls the changes from the other device since the last time it pulled.

To make a short story long, yes, Tap Forms Nearby syncs automatically. But only if you make a change so there’s something to sync.

[Author]

Posts