Hypothetical question about data security

I may be wrong, but I get the sense by reading some of the posts about security that third party plugins cannot be 100% guaranteed to be secure and therefore there is the isolated possibility that your notes could potentially be uploaded or accessed.

I realize that to be safe I should just keep information off of a computer that is internet connected or will ever be internet connected, or just computers in general.

However, I am wondering if it is 100% safe to install obsidian and third party plugins on an offline computer then create a vault with sensitive information in it, then remove that vault from the hard drive, uninstall Obsidian/plugins, then connect that computer to the internet.

I guess I am asking, do plugins potentially have the ability to save files outside the vault or Obsidian installation program folder or any folders where Obsidian leaves behind data after an uninstall? This is not ruling out the chance that there could be malware on the computer. However, I am ruling out scenarios where the malware alone was capable of uploading this data without the help of the plugins.

I truly am sorry to bring up such a negative thought, but I am genuinely very curious about this as I have forced myself to avoid many obviously helpful tools out of fear. This is really a compliment and represents how useful I find Obsidian that I am asking.

So really, I am just wondering how warranted my fear is, assuming that the data I am concerned about is priceless and would be just as well left out of Obsidian and off of the computer.

But obviously, if I knew it was 100% safe, I would like to use Obsidian with it, which is why I ask. If I can get a good answer, I would be happy to delete this topic as I am definitely not trying to imply any risks unnecessarily.

And please let me know if I have crossed a line with this question, and I will delete this and go to some security forum or something. I just don’t have any security experts to consult so I figured I would go to the source, since my question is unique to Obsidian, I think.

Thanks and sorry for such a downer question.

6 Likes

I think that if you stick to the popular plugins made by the members of this community you shouldn’t have to worry. But in the end, security is about trust so you have to decide for yourself if you trust the people making the plugins. You can check the code on github, or trust that if enough people use the plugins someone will notice unusual behaviour but you can never be 100% sure.

One step you can take to improve security without having to completely disconnect from the internet is to use a firewall app like LuLu or Little Snitch (if you’re on a Mac, but there should be similar alternatives on Windows and Linux as well). They will basically alert you whenever an app or process tries to contact a remote server so that you can decide whether to allow the connection or not. I whitelisted the servers used by Obsidian itself (this assumes that I completely trust the Obsidian devs) so now I only get alerts whenever a third-party plugin tries connect anywhere and then decide whether to allow it or not (generally they just connect to github to check for updates).

Additionally, I like to keep my notes synced between my devices but I don’t want Google or Dropbox to be able to read them. So another thing I do is use a program like Cryptomator or Rclone to automatically encrypt and sync my notes with cloud services (the vault will still appear as a regular folder on your local machine).

7 Likes

Thanks! This is excellent information and I greatly appreciate the time you put into such a thorough and thoughtful response.

I am definitely going to look into Windows firewalls and the encryption software you recommended.

I will still keep this post up for now as I am holding out hope that I may get some more specific information about the limits or lack thereof that the third party plugins have or could be contained by.

I will also consider the fact that with time, credibility can be earned. But I still fear that the checks by the community only apply to the most recent version, so any update could potentially bring new code or concerning behavior that may be unreported until after it is too late, if at all.

It kind of freaks me out that the updates could be switched in for just long enough to accomplish their goal, so you are probably right that it all comes down to complete trust of a someone with your potentially most valuable assets, regardless of any guarantees.

I guess assuming the computer was never connected to the internet and had no wireless card, I should be safe. And if I were to ever connect the computer to internet, I would have to either replace the hard drive or trust the hard drive wipers, which I understand are also not 100% effective.

What a world. Fortunately, people are building awesome programs like Obsidian that make the risks worth it to a certain extent.

Thanks again!

1 Like


the answer is yes.

Maintaining an air-gapped computer is pretty intense level security.

In matters of security, it is easy to get into a rabbit hole and optimize against unrealistic scenarios. It is better to have a clear threat model in mind (against what exactly are you trying to protect yourself?)

Are you afraid that 3 letter agency is after you? (They can get warrant too)
Are you afraid of commercial espionage?
Do you think your notes are so important that somebody would hire a hacker to break into your computer and take your files?
Are you afraid of a generic malware/ransomware?

Are you afraid that a malware and an evil plugin will work together (accidentally or on purpose) to exfiltrate your notes. That the person on the other side of this, reviews all the files they get, understand their value, and blackmail you?

Only you can answer these questions and act accordingly. But if your level of defense has to be sky-high, should you trust windows? should you trust obsidian itself?

EDIT: I suggest you look into sandboxing/app conteners (like: https://sandboxie-plus.com/)

3 Likes

Thank you.

I understand completely and can rest assured that I am not overly concerned and limiting myself by not using the plugins and Obsidian with sensitive information.

For the record, I was going to delete this entire topic once I received an answer that cleared things up for me, but it tells me I do not have permission without flagging it.

I am just as happy leaving it up, but want to make it clear that my intention was definitely not to incite unwarranted paranoia. In fact, I have done the opposite, at least for myself.

So, this is not me flagging the topic for deletion, but rather giving anyone with the power permission to remove it if they would like.

Thanks again for the honest and clear response!

there Is no need to delete it. it might be useful for other users.

5 Likes