[mirimir]

I guess. But access controls really just keep the punters out. Any serious adversary will just track down the stores. And even if they're on dedicated servers with FDE, keys can be obtained from RAM.

[brendoncarroll]

Just to clarify: All data is encrypted on the client, going after a server backing a Store will get you encrypted blobs. Encryption keys would not exist on the server in plaintext.

[mirimir]

Sorry to confuse the issue. I meant the keys for the Store's FDE, not the WebFS keys, which never leave the user's machine.

I was addressing jerry292's concern about access to the encrypted data in Stores.