[eyakubovich]

IIUC, Infisical uses end-to-end encryption. Does that change your attitude towards cloud-only options? I'm genuinely curios to understand how SaaS products can be made secure so people are comfortable using them for sensitive data.

[turtledragonfly]

I am wary of any company's claims of end-to-end encryption[1], especially when I have no experience with them. That being said, I think open-source is the right path. If I can compile the client myself, locally, and audit the code myself, that's a good first step. Perhaps even better would be for the data PUT/GET to be via an API, and I can bring my own client if I want. Then, the encrypted data is truly just an opaque blob from the service provider's POV. But you might as well be Google Drive at that point, no?

I haven't looked into the product much; I'm assuming that the server side is more than storage for opaque blobs. The less it is that, the less I can fully trust that my data is safe in their hands. And even if it's not my own secrets, but maybe some metadata (expiration times?), that is also sensitive data that would best not be leaked.

This is actually one space where I think certifications can be meaningful — such as FIPS, for the case of the US Federal Gov't. They tend not to mess around with security, so I trust that a little bit more (NSA backdoors notwithstanding).

[1] I remember when Zoom claimed that their video conferences were "end-to-end encrypted", and when it came out that they were not, they apologized, saying something along the lines of "we're sorry for any confusion we caused — when we used that term we meant XYZ, but we understand how some people could have interpreted it as ABC." So, in other words, they lied, used a well-established industry term to mean something else, and when caught in their lie, minced words to say "oh when we said _this_ we really meant _that_." Big frown from me.

[vmatsiiako]

This is totally valid! And that's why we decided that Infisical should be open-source. As you said, you can inspect everything yourself, and even self-host it, for even greater level of certainty. Infisical is by default end-to-end encrypted with exceptions for a couple integrations (Vercel/Heroku). This is because it is impossible to preserve end-to-end encryption there at the moment - this will be possible with custom integrations in future. We try to be very open about this with users (we mention it both in the app and in the docs multiple times).

Certifications are definitely important, and we're actively thinking of that.