Data security

From FreeMind
Jump to navigationJump to search

Data security:

Security of the data is of concern. One security-related risk is the risk of inadvertent data loss, another one is of data theft. The author of the following is not a security expect; in case of doubt, it is advisable to contact a security professional to perform an analysis or audit.

  • Unauthorized access to data or data theft is limited by encryption feature. Thus, the user can select a particular branch of the mind map as encrypted, password-protected. There is no encryption by default. This function relies on the encryption services provided by the Java platform. What extent of true security this achieves is unclear; we are aware of no security audit in relation to this FreeMind feature. Having an encrypted section seems out of scope of the core FreeMind feature set, and there is a risk that a user creates a false sense of security achieved by using this function. FreeMind is not designed as a password management software and it appears advisable to avoid using FreeMind for the purpose. In case of more serious doubt, this internal encryption feature would be disabled and users would be asked to use e.g. zip to encrypt the whole mind map as, say, PersonalConsiderations.mm.zip. Then, the user would have the encryption method and its strength under strict control, using encryption tool that is specifically designed to address that task.
  • Data loss risk is mitigated by FreeMind saving automatic backups into a certain folder, per Automatic backup. However, this same feature could make data theft easier (needs clarification). In any case, it is a recommended practice to set up a regular backup procedure for any important files, not just FreeMind files. What FreeMind provides here is a crutch for people not disciplined enough to setup a proper regular backup process.
  • Since FreeMind mind maps are plain text files, any spyware aware of FreeMind file format can take away information from FreeMind mind maps. In this regard, FreeMind mind maps fare no worse or better than plain text files, so cherished by many a Unix user, or unencrypted Microsoft Office files (Word, Excel, Powerpoint) for that matter.
  • FreeMind 0.8.0 introduced undo and after a disagreement in the team, the version was released with undo that cannot be disabled. This is a violation of Mill's harm principle, treating FreeMind users as kindergardeners who need tutelage. And it is not clear what kind of security risk this mandatory use of undo creates on its own, especially given that the storage for undo purposes is in XML format, ready in a form that can be transmitted over the network.
  • Since FreeMind 0.8.1, FreeMind uses a plugin architecture. In some software contexts, plugin architecture has been found to be a security concern. The latest releases without plugins are FreeMind 0.7.1 and FreeMind 0.7.1-XT. See also Plugin.
  • Since FreeMind is apparently used by many users and organizations, one may be inclined to think that enough eyeballs double checked that there is no genuine security issue. However, that line of reasoning is unreliable, and cannot replace evidence of actually performed security audit of the application, whether on the black-box testing level, on the source code level or on the architecture level. If an organization actually did publish a security audit, it would be preferable to post it here, for traceability.
  • As per Scripting#Security, security level for scripting can be customized. The most secure option is to disable scripting altogether.
  • Bundling JRE with FreeMind is a concern: since such FreeMind installs a dedicated Java JRE locally as a separate copy, it will not receive any automatic security updated. Requires a solid analysis as to whether there is a genuine security risk.

See also