Locally Secure Email Clients?

Mattcelt asks: "I share my PC with my roommates, two of whom don't have their own PCs. In order to keep things simple, I have Windows98 running on it - they are used to the interface; it runs the programs they need to run from the University; and I refuse to pay the money to Microsoft to upgrade to a newer Windows OS. Unfortunately, there are some issues with privacy, and though I trust my roommates, there are work-related things I wouldn't want them to stumble into. Has anyone seen an email client other than Outlook that has -local- file security? Outlook has a feature to allow the password protecting of .pst files on the local drive, but it seems that every other email client figures that once the mail is on your machine, you don't need it protected any longer. Is there another email client with integrated password protection?"

Since it's your PC

[Neil+Blender]

Why not have your roomates have their mail forwarded to something like a yahoo account. Let them use a browser to read their email and you can still use Outlook.

Re:Ok, here's the standard

[Carnildo]

Well then, do a dual boot. I know, I know "reboot to check my mail, hell no."

That's exactly what I do: I've got Linux, with an ext3 partition that Windows doesn't have a clue about, for my "sensitive files", and a Windows partition for when my brothers want to play games on the machine -- after all, it's the only computer in the house fast enough to play modern games.

If you're using Win98, you don't even need to re-partition the hard drive. Use something like LoopLinux to have a Linux system resident in a disk image on the FAT32-formatted disk.

Re:Ok, here's the standard

[Glonoinha]

Install Windows 2000 Professional instead of WinXP - it is much less resource intensive (more likely to run (semi-well) on a machine that was current when Win98 came out.) And it is free (not free as in beer, nor free as in herpes - more like free as in pirated.)

Give each of your buddies regular 'user' accounts so a) they can't install crap, b) they can't directly access your files, and c) they can't screw it up. Each user has a profile and when they run whatever email client they want the files are stored in their profile. Sort of like ... it was designed to do.

How about setting up a file server?

[munpfazy]

One option that comes to mind, assuming you're willing to tinker and have more time than money:

Find an old (eg, first generation pentium-I) computer, and set it up in the closet running a trim linux or BSD distro. For something between free and $20 US, plus the cost of a hard-drive and two network cards (and or a hub), you can put together a nearly secure storage system. You could also turn it into a cheap firewall while you're at it, which could be a very good thing once security updates for win98 stop happening, if they haven't already.

For example, set up a samba server on the old computer with individual users for everyone in the house. Then just keep all your personal files there. If you want it to be more secure (eg - somewhat protected from people who might use a rescue disk to boot into your server box), then set up an encrypted filesystem for each user using loop-aes for linux or bsd's built in vnd encryption. SSH into the second machine and unencrypt your directory every time you want to use it. There's probably some way to set up the ssh client on windows to log in automatically and run a script, so that you can be one click away from the encryption password.

If you're really paranoid, note this doesn't protect you from someone desperate to get at your stuff - they could still pull out your hard drive and add a keystroke logger or file copier, but it would protect you from a casual browser. Basically, if you think they'd be willing to use screwdrivers, then you need a better solution, like a usb drive. You could also encrypt the whole drive on the server box, which would allow at least one person to know it is secure, but since they could just as easily add malicious stuff to the windows box to spy on you, it probably isn't worth it.

This is all assuming that it's possible to make windows forget samba passwords without rebooting. It's been years since I've used windows, and I've never messed with samba, so I'm just guessing that it is.

Of course an easier solution may be a usb flash drive, or an external hard drive, which you can lock in a drawer when you're away.