To add to this: we’re currently working on two options.
you put your sensitive data into a secure container (similar to privatebin)
you do not put your most sensitive data on the server (which you can of course self host) but get a request from the employer and then send this data directly to them, bypassing the server, encrypted.
This of course has other implications such as ips getting out but not storing your personal data can be a greater concern than this
@onlinepersona
@Sunshine
Hi there and thanks for @ing me to the discussion.
Those are my main concerns as well. This is also laid out in the readme and project plan.
The idea is to decide between three states for information: public, encrypted and off site.
Currently (on LI) your personal data is exclusively stored on LI servers (and hopefully not leaked). LI *sees* this data.
On fediwork the most sensitive data is only shared with e2ee. FW stays blind. We only see ips. Same as privatebin.
@onlinepersona
@Sunshine
To add to this: we’re currently working on two options.
This of course has other implications such as ips getting out but not storing your personal data can be a greater concern than this