alikia2x/OpenRewind
1
1
Fork 0
Code Issues Releases 1 Activity

Added encryption instructions

Browse Source
This commit is contained in:
Koen van Eijk 2024-06-19 19:11:21 +02:00
parent ff8ac6935c
commit 2e5d52a24e
3 changed files with 60 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -26,7 +26,7 @@ OpenRecall offers several key advantages over closed-source alternatives:
- **Transparency**: OpenRecall is 100% open-source, allowing you to audit the source code for potential backdoors or privacy-invading features. - **Transparency**: OpenRecall is 100% open-source, allowing you to audit the source code for potential backdoors or privacy-invading features.
- **Cross-platform Support**: OpenRecall works on Windows, macOS, and Linux, giving you the freedom to use it on your preferred operating system. - **Cross-platform Support**: OpenRecall works on Windows, macOS, and Linux, giving you the freedom to use it on your preferred operating system.
- **Privacy-focused**: Your data is stored locally on your device, and you have the option (soon to be implemented) to encrypt it with a password for added security. No cloud integration is required. - **Privacy-focused**: Your data is stored locally on your device, no internet connection or cloud is required. In addition, you have the option to encrypt the data on a removable disk for added security, read how in our [guide](docs/encryption.md) here.
- **Hardware Compatibility**: OpenRecall is designed to work with a wide range of hardware, unlike proprietary solutions that may require specific certified devices. - **Hardware Compatibility**: OpenRecall is designed to work with a wide range of hardware, unlike proprietary solutions that may require specific certified devices.
<p align="center"> <p align="center">

48
docs/encryption.md Normal file
View File

@ -0,0 +1,48 @@
# Encrypting Your OpenRecall Data
A sensible option to protect your (potentially sensitive) OpenRecall data is to use an external storage device, such as a USB stick or SD card (for MacBook Pro or laptops) with real-time disk encryption enabled. On Windows, BitLocker can be used. On macOS, you can create an encrypted disk image. On Linux, LUKS can be used to encrypt the disk. Before encrypting/formatting your storage device, ensure you have backed up any important data as the process will erase all existing data on the device. The OpenRecall project or its maintainers are not responsible for any data that can be damaged or lost during the below process or due to the use of OpenRecall.
## Requirements
- A recent USB stick or (micro) SD card with sensible read/write speeds
## Windows (BitLocker)
1. Insert your USB stick or SD card into your computer.
2. Open **File Explorer** and right-click on your USB stick or SD card.
3. Select **Turn on BitLocker**.
4. Choose **Use a password to unlock the drive** and enter a secure password.
5. Save your recovery key to a file or print it out (do not skip this step).
6. Choose **Encrypt used disk space only** (faster) or **Encrypt entire drive** (slower but more secure).
7. Select **Compatible mode** to use the drive on older versions of Windows.
8. Click **Start Encrypting**.
9. Wait for the encryption process to complete.
10. Create an OpenRecall folder on the encrypted disk.
11. Launch OpenRecall with the argument`--storage-path "<path to your OpenRecall folder on the encrypted disk>"`
## macOS (Encrypted Disk Image)
1. Insert your USB stick or SD card into your Mac.
2. Open **Disk Utility** from Applications > Utilities.
3. Click **File** > **New Image** > **Blank Image**.
4. Name your disk image and select a location (save it to your USB stick or SD card).
5. Choose a size for your disk image.
6. Set **Format** to **Mac OS Extended (Journaled)**.
7. Set **Encryption** to **128-bit AES encryption** and enter a secure password.
8. Set **Partitions** to **Single partition - GUID Partition Map**.
9. Set **Image Format** to **read/write**.
10. Click **Save** and wait for the disk image to be created.
11. Mount the disk image, and find its path in Finder by right-clicking on the disk image and selecting **Get Info**. The path is displayed next to **Where**.
12. and launch OpenRecall with the argument `--storage-path "/Volumes/<name of your volume>"`.
## Linux (LUKS)
1. Insert your USB stick or SD card into your computer.
2. Open a terminal.
3. Install necessary tools (if not already installed): `sudo apt-get install cryptsetup`.
4. Unmount the drive if it is automatically mounted: `sudo umount /dev/sdX1` (replace `sdX1` with your actual device identifier).
5. Initialize the LUKS partition: `sudo cryptsetup luksFormat /dev/sdX1`.
6. Confirm the action and enter a secure password.
7. Open the LUKS partition: `sudo cryptsetup luksOpen /dev/sdX1 encrypted_drive`.
8. Create a filesystem on the encrypted partition: `sudo mkfs.ext4 /dev/mapper/encrypted_drive`.
9. Mount the encrypted partition: `sudo mount /dev/mapper/encrypted_drive /mnt`.
10. Launch OpenRecall with the argument `--storage-path "/mnt"`.
11. To unmount and close the encrypted partition: `sudo umount /mnt` followed by `sudo cryptsetup luksClose encrypted_drive`.

4
openrecall/database.py
View File

@ -37,6 +37,8 @@ def insert_entry(
text: str, timestamp: int, embedding: Any, app: str, title: str text: str, timestamp: int, embedding: Any, app: str, title: str
) -> None: ) -> None:
embedding_bytes = embedding.tobytes() embedding_bytes = embedding.tobytes()
try:
with sqlite3.connect(db_path) as conn: with sqlite3.connect(db_path) as conn:
c = conn.cursor() c = conn.cursor()
c.execute( c.execute(
@ -44,3 +46,5 @@ def insert_entry(
(text, timestamp, embedding_bytes, app, title), (text, timestamp, embedding_bytes, app, title),
) )
conn.commit() conn.commit()
except sqlite3.OperationalError as e:
print("Error inserting entry:", e)