by EPruehs » 14 Dec 2011, 11:45
Here the answers to your questions:
@mamciek: The pss files are only on your computer. They are crypted together with your TeamDrive username. If you register a new installation using the same TeamDrive username you could read your pss files also on the new installation. If you use an other username you cannot read the pss files. If you lost your pss files, you could not get your data back again. We have no possibility to give you access again.
@uluckas: Yes, this is a good question and I will give you the information how we made this secure, because the public key for the new installations are not available until you activate them. So, we couldn't use the public key to encrypt the invitation in this case. We are instead using your password, but not directly, because we need a key with 256 bit length for the AES encryption. During the registration process of a device we are generating a 256 bit hash based on your password. If you register a new device, you will recieve this special encrypted invitation which will decrypted again with the 256 bit hash based on the same password. But this is only working, if you use the same password for all installations. You could test it: Create a new space on an existing client and invite your devices. Now, change your password during the registration process of a new client and you will not see the invitations in the new client, because this one will use a different 256 bit hash based on your new password (you will not see an error message, because we are just skipping invitations which could not be decrypted; you will only see an error in the log files). You have to invite the new device again using the normal Public-Private-Key invitation process.
Regards E. Pruehs