Wow. Bitwarden’s claim that Send is endpoint to endpoint (E2E) encrypted is such a fraudulent abuse of the term it is mind blowing. It seems to be counting on consumers to not understand that they just transmitted their unencrypted data into the wild when they uploaded it from their computer through dozens of switches containing tons of other traffic. And that this will happen again when Bitwarden sends their message to the recipient.
Endpoint means all the way to the end. Which is the end-user’s personal home computer, not Bitwarden’s WEB based computing, that is in the MIDDLE of these two end points.
The way for Send to be E2E would be for both users on both ends to install it on their devices from source code, in which case encryption and decryption of the file would occur inside their devices, before they send, and inside their devices, after they download.
This may keep out average hackers, but not state actors. It's a given that the CIA can bug a phone to surveil the phone apps that upload voice, video, and text etc. go to and download from Signal.
We think maybe one might get around the Send problem with a robust VPN that also includes AES or equivalent encryption, if one could find one that sturdy that Bitwarden would not automatically reject at login. That is not totally secure, because the VPN breaks at the handoffs to both the user's device and to Bitwarden, which was a massive problem (see article attached). But it is protecting one's data in transit. They are a lot better than no AES-level encryption in transit.
Not following you here. What makes you think the data payload is NOT encrypted prior to upload and/or decrypted client-side upon receipt? If encrypted data is passed between endpoints through a service, but that service does not have the encryption key, where is the danger?
You are making bold accusations here, so I think some details are required to back them up (and to prove you actually know what you are talking about).
I hope he will come back and clarify his concerns and also help us ALL if we are off in our thinking. My review shows ALL BW payloads leaving my machine as packaged in encryption. Although unnecessary, I also use a strongly encrypted VPN tunnel going through all the gateway switches.
If I am wrong please help me understand!!
Absolutely, I think evidence is best.
I have read through Bitwarden's security white papers and their extensive code audit (albeit a few years old, and it did not cover new features such as "Send"), and while there were some minor concerns, they were quickly resolved by the Bitwarden team or were a simple misunderstanding by the team evaluating the code, as it is fairly complex.
No major or critical issues though and I believe this goes to the expertise that is required in writing quality code that maintains security, and the quality that goes into accepting new changes to the code-base.
While I have not personally inspected the Send feature I am confident in Bitwarden given the history and barring any possible future major concerns (I prefer a company at least be open in the event of a breach rather than stay silent about it, and should something like that ever occur I hope Bitwarden would be transparent about such an event).
All my previous testing has shown every client, even the web vault, to only load locally, with encryption happening on the device prior to transmission.
Can even be confirmed by “pulling the plug” on your network connection after a page loads. Only time it causes an issue would be when needing to load and switch between pages or vaults, but otherwise as long as the encrypted data has loaded it continues to work even without network access.
Though ofc in a read-only type mode.
If there are possible issues or security flaws, I believe the majority of the community here is very security sensitive and would want to be aware given such a major claim, but again evidence is highly needed, and if able to back up such a claim it would be a cause for possible concern.
Otherwise I am guessing it may just be a misunderstanding or confusion as again the Bitwarden architecture and code in general is fairly complex, but truly amazing.
I don't even pretend to understand most of it, but I trust in others that can.