What part of uninstall was unclear?

EndlessDIY · October 17, 2019, 3:09am

How come uninstalling inSync basically just removes some executable files but leaves all of the sensitive data on disk? I would like to have thought that inSync wouldn’t leave active OAuth refresh tokens to my entire GSuite sitting around on disk after I’ve uninstalled the app (I’d like to have thought they aren’t ever unencrypted on disk, but that’s a feature request for another day), and yet the token is clearly both still there and still active because I can re-install inSync and all of my settings and account are still present.

Could clearing all data and revoking tokens on uninstall be added as an option on the uninstall dialog?

mia · October 18, 2019, 4:08am

Hi @EndlessDIY,

Thank you for bringing this up. I’ll raise this concern to our team for further investigation.

EndlessDIY · October 18, 2019, 4:31am

Thank you. I made a separate feature request for encrypting secrets on disk.

mia · December 3, 2019, 10:15am

Hi @EndlessDIY,

Thanks for waiting for our feedback regarding this. We’re doing it the way it is right now so that the user can resume using Insync if they ever re-install. However, we’ll implement a prompt to keep or remove the user data during the uninstall with a warning that re-installing the Insync won’t resume from where they left off.