I’m slowly returning to KDE development after a few months of being mostly in bugfix mode due to my other-life obligations (more on that later), so I decided to implement a new feature for my youngest project – the Plasma Vault.

One of the possible attack vectors to your Plasma Vaults is that people could potentially have access to your computer while the vault is open.

This is not a problem if we consider direct access because it is something that is easily controlled – you see everyone who approaches your computer, but the problem can be remote access.

We have recently seen that even CPUs can sometimes be used as attack vectors, it is common for the web browsers to be, and obviously, through social engineering, the user can also be used to gain remote access to the system.

For this reason, starting with the next Plasma release, if you have an extremely sensitive data you can mark a vault as offline-only.

This means that networking will be shut down as soon as you open the offline-only vault so that any potential remote access is inhibited.

Offline Vault creation
Offline Vault creation

The networking will be restored as soon as you close all offline-only vaults.

For this to work, you will need to use Network Manager as it is the supported networking interface in Plasma. I know it might be a burden for some of you (it is for me), but there is no alternative at the moment.