Data Security¶
Disk Decipher is aware of the sensitivity of decrypted data. Saving sensitive information temporarily to disk has security implications since deleted disk sectors can be recovered easily until they are (securely) overwritten with new data. For this reason, Disk Decipher will not save decrypted data to the disk (flash memory) of your iOS device unless absolutely necessary.
The movie playback feature is a good example of how much effort Disk Decipher takes. The iOS movie player is able to access local (i.e. saved to disk) movies and remote (i.e. accessible with an URL) movies. After decryption, the movie data is available in RAM. To avoid saving this data to disk, Disk Decipher has a built-in HTTP server streaming the movie data to the iOS movie player.
Certain features (at this moment only the Open In menu) of iOS require the decrypted data to be written to disk. By default these features are enabled, but Disk Decipher will prompt for confirmation every time you are about to use such a feature.
You can customize this behaviour in the Settings screen accessible via the icon in the navigation bar.
If you want to use these features without being prompted for confirmation repeatedly, you can disable the confirmation prompt.
For maximum security, you can also disable these features altogether. This will remove the corresponding elements from the user interface, so you will never be tempted to use such a feature.
Disk Decipher will automatically delete any temporary files saved to disk, so you do not need to cleanup any files manually if you use a feature that saves decrypted data to disk. Of course, this does not resolve the security risks of saving decrypted data to disk, it is always better to avoid using such a feature unless you accept the risk.
To reduce the security risks, Disk Decipher uses content protection provided by iOS (on-the-fly filesystem level encryption) on saving a file to disk, starting with version 1.8.
The Open In menu, currently being the only feature requiring saving the decrypted data to disk, will transfer the saved file to another app on your iOS device. The security of this data will be outside of Disk Decipher's control anyway.
Starting with version 1.18, application memory containing decrypted file data is explicitly erased after closing the file viewer to prevent leaking sensitive data to other applications.