Are uploaded images safe?

Just two short questions:

  • Are images saved in a safe way? I remember that Roam’s is not perfect here and it has been one of the reasons why I haven’t used it as much as possible. I am working with a lot of image data that I am not allowed to share.
  • What happens with an image when I delete a card that contains it? Will the image be deleted from the cloud? If not, can it be deleted from the cloud in another way?
    Thanks!
2 Likes

By this definition, not really: if you know the card id and the file name, you can derive the url of a card’s image.

However:

  • only someone who can already see the space will know the card id and file name. So moot in a private space
  • the id generator has billions of permutations

When developing the image serving system, balancing speed and security, I noted that trello and other used-in-enterprise tools do this. (It’s the best balance between perf and irl security)

It’s currently not deleted, I might be wrong tho I’ll need to double check. I can change it to deleting the file , but only if the card is permanently removed from the Removed menu

3 Likes

I think this is a good policy. It’s important to give the user the ability to expunge all of their data from the server. Maybe it was sensitive information that they did not intend to upload. Or they just want to leave the service and make sure there is none of their personal data lingering.

Maybe it’s worth mentioning the underlying storage service is Linode (at least currently). So there is some trust in that system: Linode Object Storage | Linode. And I think they are highly trustworthy and reputable.

2 Likes

It would be great if it was possible to delete the data, e.g., when the card is completely removed.

2 Likes

Just want to +1 this, especially if it’s a small scope—I think if the image upload feature had existed when I was first evaluating Kinopio, I would have had this question, and it would have been important to me that I knew I could expunge my data in case I didn’t end up using the service. I feel like this is good all around—it recovers some storage space and reduces Kinopio’s “liability” of having sensitive/unwanted assets.

3 Likes

in progress,

2 Likes

Amazing! Looking forward to it!

1 Like