I read this on a Reddit post about backing up a vault on USB drives. I know that there’s a lot of false info on the internet (about everything), so I would like your thoughts. Here is what he wrote:
“Anybody who is creating unencrypted vault exports should be aware that this creates a temporary copy of your unencrypted vault on your device (this is true even if you use the “Save As” option to specify that the file should be saved “directly” to your external USB drive, or to some encrypted container). Even though the temporary file is deleted at the end of the export process, it may be possible to use file recovery tools, forensic tools, or malware to recover some or all of your vault contents from the device at a later date. If your device uses an SSD for persistent storage, it may not be possible to fully expunge all traces of a deleted file from the drive.
I’m not aware that anybody has demonstrated this type of vulnerability specifically for Bitwarden vault exports, but personally, the fact that the plaintext file is created to begin with is enough to give me pause.
My understanding is that this is a limitation of how JavaScript/TypeScript implements file save operations. I don’t have sufficient technical expertise to know whether it is possible for js/ts code to circumvent this file-saving mechanism.”
What do you think? Is he correct that saving the file as an unencrypted .json file directly to a USB drive (or any drive) can still leave a trace of the file on your device?
Thanks