Slashdot Mirror

← Back to Stories (view on slashdot.org)

Locally Secure Email Clients?

Posted by Cliff on from the protecting-your-email-from-prying-eyes dept.

Mattcelt asks: "I share my PC with my roommates, two of whom don't have their own PCs. In order to keep things simple, I have Windows98 running on it - they are used to the interface; it runs the programs they need to run from the University; and I refuse to pay the money to Microsoft to upgrade to a newer Windows OS. Unfortunately, there are some issues with privacy, and though I trust my roommates, there are work-related things I wouldn't want them to stumble into. Has anyone seen an email client other than Outlook that has -local- file security? Outlook has a feature to allow the password protecting of .pst files on the local drive, but it seems that every other email client figures that once the mail is on your machine, you don't need it protected any longer. Is there another email client with integrated password protection?"

9 of 77 comments (clear)

  1. Tried a combination of... by Vaevictis666 · · Score: 4, Informative
    Thunderbird (or any quick simple mail client) plus a software library to encrypt/decrypt a directory? Two batch files, one password, and that should set you up.

    Just set thunderbird up to store your mail in a subdirectory of the root thunderbird dir, and encrypt it from there recursively.

    1. Re:Tried a combination of... by GoodbyeBlueSky1 · · Score: 3, Informative

      I guess the question I have for Mattcelt is how much protection he needs (he uses the words "stumble onto", which to me implies he wants something hidden, but maybe not too involved)

      As such, if you use Mozilla Thunderbird (great client, better every month) you can put the following line in your user.js file (check the mozilla site for how-to)

      user_pref("mail.password_protect_local_cache", true);

      which will hide all e-mail (except for a folder list) until you enter a password.

      Obviously this is very low security, but if these roomies really are trustworthy it might do the trick; they won't see the classified project header or read your sappy love poems while you're gone. Plus I don't think we're dealing with computer-saavy roommates here (using a borrowed win98 pc?)

      --
      why? forty-two.
  2. More general solution? by josath · · Score: 4, Insightful

    Perhaps you should look for a more general solution instead of one focused on email clients: Encrpyting/Password protecting folders on your computer.

    This way, you could store all your sensitive files on the encrypted/protected folder, and have it only be unlocked when you are there.

    Here are some links:
    http://www.passtheshareware.com/c-encryption.htm
    http://www.globalshareware.com/Utilities/Security- Encryption/Security-Encryption-45.htm
    http://www.everstrike.com/protect-folder-98.htm

    --
    sig? uhh, umm, ok
  3. IMAP? Web Mail? SSH? by JabberWokky · · Score: 4, Informative
    Leave the mail on the server, and don't store your mail password. Using IMAP means you can use just about any mail client, but are limited to certain mail servers. Webmail is available all over the place, but I don't like it. There are loads of decent text mode mail programs, and I'm sure there's a system somewhere on campus that allows you to connect and pull your mail.

    --
    Evan "IMAP/Kontact user myself"

    --
    "$30 for the One True Ring. $10 each additional ring!" -- JRR "Bob" Tolkien
  4. Use Anything by MBCook · · Score: 4, Insightful
    Use anything that you want!

    I would guess that most programs (I know that Outlook let's you do this) will let you specify where to place the datafile with all the e-mails and such. All you do is have it put the file on another disk. The idea is that you use a USB key that you keep with you. The data file is stored on the key so only when you're at the computer and it's plugged in is the data accessable. Hard to get more secure than not having the file on the computer at all.

    If the program objects to having the file on a removeable drive, you could make batch scripts and keep them on the desktop. The one you run after inserting the key would copy the file from the key to the hard drive in the apropriate place. The one you run when you're done moves the files off the hard drive back onto the key. They you remove your key and go.

    Seems like about the best solution you'll get.

    Note: also that there are some USB Keys (I seem to remember seeing one on Tom's Hardware reviewed once) that have functionality like this built in somehow. They contain their own e-mail client or other software to make doing this kind of thing easy. Look around, you're not the only person who would like to be able to do something like this.

    Also note: for the ultimate in security, get one of the USB key drives that has a thumbprint sensor as an added layer of security.

    --
    Comment forecast: Bits of genius surrounded by a sea of mediocrity.
  5. Bottom line: you're screwed. by Anaxagor · · Score: 3, Informative

    If you don't trust them, no e-mail client is going to help. What's to stop them installing a keystroke logger and getting your IMAP credentials/PGP passphrase/shell account details? Running a cracker over the PST encryption? Shoulder surfing your password?

    Say you install a more secure, multi-user OS like Linux or FreeBSD or (gasp!) Windows 2000. Even if they can't learn your password, they can boot Knoppix or similar, mount your partitions and crack your box that way.

    The bottom line is that if they have physical access to your box, you're pretty much screwed. Either trust them and find some other way to separate work from home, or lock your box away in a cabinet they can't get to, install Linux/BSD, keep them patched against local root exploits, and don't let them get you drunk/stoned/in a state where you might divulge your passwords.

    1. Re:Bottom line: you're screwed. by watanuki · · Score: 3, Insightful

      I think the idea is to raise the barrier enough to prevent the roommates from casually browsing into his email, not against them cracking into his data.

  6. Re:I'd say bite the bullet and WinXP/2000 yourself by duffbeer703 · · Score: 4, Funny

    This is Slashdot, where practical solutions are impossible.

    Here's a Slashdot answer:

    I suggest upgrading to Linux. If some apps don't work, suggest to the developers that they port their apps.

    --
    Conformity is the jailer of freedom and enemy of growth. -JFK
  7. Re:Ok, here's the standard by Glonoinha · · Score: 3, Interesting

    Install Windows 2000 Professional instead of WinXP - it is much less resource intensive (more likely to run (semi-well) on a machine that was current when Win98 came out.) And it is free (not free as in beer, nor free as in herpes - more like free as in pirated.)

    Give each of your buddies regular 'user' accounts so a) they can't install crap, b) they can't directly access your files, and c) they can't screw it up. Each user has a profile and when they run whatever email client they want the files are stored in their profile. Sort of like ... it was designed to do.

    --
    Glonoinha the MebiByte Slayer