Deleting attachments

ScarySulley
Community Member

This really applies to all versions of 1Password, but I'm on my Mac at the moment.

...I know this is a noob question, but what happens when you click the minus next to an attachment to delete it? How does it delete it? Does it send it to the trash/recycle bin and we should then securely delete it? Or does 1Password securely delete it automatically after we click the minus icon?

I know I could just try it myself, but I'd rather know for sure before I actually did it, just in case. Yes, I know AgileBits knows what they're doing, but again...just in case! :)

Thank you!



Comments

  • littlebobbytables
    1Password Alumni

    Hello @ScarySulley,

    In the locally stored vault (the encrypted SQLite database file) we store the attachments inside the database. Currently when you delete an attachment we simply remove the entry from the database. So deleting an attachment won't move the attachment to either OS X's Trash or the Trash inside 1Password as attachments can't exist by themselves. It's basically like the attachment was never there. Now the attachment will be in your backups but they are all copies of your encrypted SQLite database file so it isn't possible to access a copy without the required Master Password.

    Does that help at all? If it doesn't please do let us know :smile:

  • ScarySulley
    Community Member

    Hi @littlebobbytables,

    Thank you for the info. So essentially 1Password deletes the attachment on its own without the user needing to finalize the deletion like you normally would with deleting a file from Finder and emptying the Trash. Once an attachment is deleted (the minus sign clicked), the attachment is gone and no further action is needed.

    This brings another question to mind. When data is deleted from 1Password (attachment, text, password, an entire login entry, etc.) how is it deleted? I know when you delete a file on a computer and empty the Trash (or Recycle Bin for Windows), the file isn't actually deleted (unless you do a secure delete), but rather its entry in the file system table (not sure of the actual name) is deleted and that space it once occupied has been marked as available to write over. So if that area has not been written over with new data, it would still be possible to recover that data with specialized software. And I know that data has to get deleted in other places such as where someone syncs (Dropbox, iCloud) and other devices.

    Sorry, I know I just made that way more technical than it needed to be, but I'm just curious.

    Thanks again! :)

  • littlebobbytables
    1Password Alumni

    Greetings @ScarySulley,

    Sorry, I didn't make that clear enough. After you delete an attachment via the button you have to save the change. If you delete an attachment but instantly regret doing so, cancelling edit mode will mean the attachment is still present. Once you've saved the changes though there is no retrieving the attachment without going via a backup.

    As for how we interact with the file system, deleting an attachment would result in the size of the database shrinking and so we would use fewer sectors on the local storage device. It would seem very likely they are simply marked as available but don't forget, the sectors freed up won't necessarily map to those that stored the actual attachment and the entire database is encrypted - deleting the attachment doesn't ever leave it in an unencrypted state.

    I can't comment on iCloud because it's a black box but with an Agile Keychain in Dropbox it would mean a single encrypted file is deleted and after that it's about how Dropbox handles it. I'll wait to see what questions arise from this :smile:

  • ScarySulley
    Community Member

    Thank you for the further clarification @littlebobbytables,

    So clicking the "minus" sign is not final, you have to click Save to make the deletion final and the attachment is permanently deleted. So in effect the "minus" sign is like deleting a file from Finder and clicking Save is like deleting the file from the Trash. Once Save is clicked, the attachment is officially gone.

    As for the more technical stuff, I think I see what you're saying to a point. Even if that attachment data was still physically on the drive but marked as available for new data it would be encrypted. So if the freed up sectors did contain the encrypted attachment data (or any data really) and that was recovered, could that be decrypted using the master password even though that attachment data is no longer part of the encrypted vault? I hope that makes sense!

    Wow I really made this more technical lol, sorry! :)

  • AGAlumB
    1Password Alumni

    As for the more technical stuff, I think I see what you're saying to a point. Even if that attachment data was still physically on the drive but marked as available for new data it would be encrypted. So if the freed up sectors did contain the encrypted attachment data (or any data really) and that was recovered, could that be decrypted using the master password even though that attachment data is no longer part of the encrypted vault?

    @ScarySulley: Oh wow, that's a mouthful. Great question! You're spot on with this. The answer to your question is no, it couldn't simply be decrypted using the Master Password. When you enter it to unlock your vault, 1Password also runs it through many PBKDF2 (hashing) iterations.

    Now, it is theoretically possible that someone could reconstruct your vault and add the attachment data and decrypt it using your Master Password...but if they already have your Master Password it would probably be much easier for them to simply restore an old backup and unlock the vault normally.

    Like anything else stored on your computer when data is deleted it isn't quite deleted; only the metadata is removed. But since 1Password encrypts your data (and hopefully FileVault2 as well!), you've essentially got 'free space' composed of random noise sitting there — until such time as the space is reclaimed to be written with some other data. I hope this helps! :)

  • ScarySulley
    Community Member

    @brenty,

    Thank you for the response (and patience :p )!

    So in short the deleted data could not be unlocked with the master password. It's just a bunch of random and useless noise of 'free space' on the hard drive until it's written over with new data.

    Thank you and @littlebobbytables again for your informative and technical responses.

  • AGAlumB
    1Password Alumni

    So in short the deleted data could not be unlocked with the master password. It's just a bunch of random and useless noise of 'free space' on the hard drive until it's written over with new data.

    Precisely! On behalf of lil bobby and... well, myself, you're most welcome! I'm glad that helped. Now that you mention it, I probably could have gone with a shorter explanation, but I'm happy to provide some detail as well. ;)

    It sounds like you should be all set, but don't hesitate to reach out if you have any other questions or comments. Cheers! :)

This discussion has been closed.
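
The replies above describe attachment deletion as removing an entry from a SQLite database file, with the freed space merely marked as available. The following added example (not 1Password's code and not part of the original thread) shows that behaviour in a generic SQLite file using Python's standard library, and how `PRAGMA secure_delete` or `VACUUM` changes what remains inside the file. The table name and blob are constructed, and the blob is stored in plaintext only so the residue is visible; in an encrypted vault the same residue would be ciphertext.

```python
import os
import sqlite3
import tempfile

MARKER = b"CONSTRUCTED-ATTACHMENT-BYTES/"  # constructed sample data
ATTACHMENT = MARKER * 1000                 # ~29 KB, spills onto overflow pages


def residue_after_delete(secure_delete: bool, vacuum: bool = False) -> bool:
    """Store a blob, delete its row, and report whether the blob's bytes
    can still be found in the raw database file."""
    fd, path = tempfile.mkstemp(suffix=".sqlite")
    os.close(fd)
    try:
        # isolation_level=None: autocommit, so every statement hits the disk.
        conn = sqlite3.connect(path, isolation_level=None)
        # Set explicitly: some SQLite builds default secure_delete to ON.
        mode = "ON" if secure_delete else "OFF"
        conn.execute(f"PRAGMA secure_delete = {mode}")
        conn.execute(
            "CREATE TABLE attachments (id INTEGER PRIMARY KEY, data BLOB)"
        )
        conn.execute("INSERT INTO attachments (data) VALUES (?)", (ATTACHMENT,))
        # "Removing the entry": the row is gone from every query result.
        conn.execute("DELETE FROM attachments WHERE id = 1")
        if vacuum:
            # Rebuilds the file without free pages and truncates it. The
            # sectors released to the file system are outside SQLite's control.
            conn.execute("VACUUM")
        conn.close()
        with open(path, "rb") as fh:
            return MARKER in fh.read()
    finally:
        os.remove(path)


if __name__ == "__main__":
    print("plain DELETE leaves residue:   ", residue_after_delete(False))
    print("secure_delete leaves residue:  ", residue_after_delete(True))
    print("DELETE + VACUUM leaves residue:", residue_after_delete(False, True))
```

This only inspects the database file itself; blocks the file system has released, backups and synced copies are separate places where older copies can persist, as the thread notes.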