Lost locally stored data after updating to Legend

blkio

Jay That is the path it shows and where I copied it to. Restarted the app, still no luck.

Jay

blkio Would you want to do a quick video call so I can try to figure out it while seeing your screen? I’ll send you a direct message about it.

blkio

Jay I can’t do that, there’s personal information on all my docs, even the names. I can post any screenshot though.

Jay

Ok I think I figured it out. You said you removed the encryption password before upgrading? It seems that does not immediately update the encryption on all local documents, so I think the documents are failing to decrypt. So if you set your password back to what it was before, the documents should then decrypt successfully and load correctly.

blkio

Jay I removed encryption in the first place because I couldn’t remember it. Does this mean I won’t even be able to restore the data from the import settings too?

Jay

Yes, the import is failing because it’s unable to decrypt it. Do you possibly have the encryption password written down anywhere?

Jay

I’m working on fixing the bug where removing the password did not immediately update the local documents and will try to get that out tomorrow. And I’ll also fix the issues with load and import silently failing when they can’t be decrypted.

But I’m trying to figure out how to recover the encrypted documents and I’m not sure there’s a way to do it without the password. If you think the password was fairly short I could try to brute force hack into it - you could send me (in a private message) just the “doc” section at the top of the json file (you can remove the “text” if it’s sensitive). But outside of that I’m not sure what we can do.

blkio

Jay Honestly, it’s great to hear you’re keen to fix what you can and do whatever in your power to help, it’s greatly appreciated. Do you mean you might be able to find the decryption password from the file or just be able to unlock the file itself? If you mean telling me the decryption password, I can send you one document that doesn’t contain any sensitive information, but if you mean just unlocking the documents, please help me in understanding what parts to keep and remove after the "{“moodoVer”:7,“doc”:". Oh and I think at most the password would be 15-20 characters.

Jay

It’s possible I can find your old decryption password from the file, but I’d have to brute force it and try every possible combination of characters. At 15-20 characters that’s probably not possible without a cluster of supercomputers 😢 But if it’s shorter it might be possible, though unlikely. I would need just the “doc” section of the file, but you can remove the “text”.

Are you 100% sure you don’t have the password saved anywhere? When creating the password Moo.do would have prompted you to save it in a file. Or maybe it’s saved in a password manager app?

blkio

Jay I see, well I sent the file, you can give it a shot, no pressure. I don’t have the password saved anywhere, and neither did I save that file. Password manager didn’t save it also. I’ve kind of accepted it’s gone now, lesson learned, be more careful especially if I’m going to use software as an extension of myself. But I’ll keep the files around just in case.

Jay

Ok I’ve downloaded it and will see what I can do tomorrow (it’s midnight here in Singapore).

blkio

Jay Sleep well! Will keep an eye for your update tomorrow,

Jay

blkio I fixed the bugs in the latest version, and ended up just removing the whole encrypting local documents feature in the latest version because it seems like it’s not worth the risk of lost data. https://forum.legendapp.com/d/137-beta-updates/68

And I’ve between trying a brute force attack on the password with a big list of the most common passwords but it’s after a few hours of running it’s halfway through the list of about 50,000 passwords and hasn’t found a match. I don’t think we’re going to be able to recover that password, but I’ll keep running it. If I manage to find it, I’ll let you know.

Jay

blkio It finished testing all the passwords and couldn’t find a match. I don’t think we’ll be able to recover your password 😢

Jorge

Jay I haven’t felt the need to use local documents so far. I am happy with the level of encryption offered for the online documents (and I am a security freak), however I haven’t really run an attack test to validate it. I think with some documentation that describes/proves the tamperproof resilience, people might not be as inclined to using local documents, especially with a disclaimer that the dev team cannot access the data without the password(s) because it is encrypted at rest.

Of course, business wise, there might always be a need for absolute confidential data that cannot leave ac company’s premises.

blkio

Jay Thanks for trying, appreciate it. Also good of you to correct for this issue so quickly. Thank you for your kind support, you eased the trauma. I want to continue using moo.do, as I have from pretty much the start, but prehaps very cautiously,, as with any software - things can go wrong.

« Previous Page