Avatar for Username

Rechercher dans l’assistance

Évitez les escroqueries à l’assistance. Nous ne vous demanderons jamais d’appeler ou d’envoyer un SMS à un numéro de téléphone ou de partager des informations personnelles. Veuillez signaler toute activité suspecte en utilisant l’option « Signaler un abus ».

En savoir plus

Encryption at Rest - Email Storage

  • 2 réponses
  • 0 a ce problème
  • 9 vues
  • Dernière réponse par Matt

chattysiddy
chattysiddy
more options

Hi,

I've been using Thunderbird for years now for various email accounts that I mostly used to information I would consider public. Thus while I would take simple and obvious precautions, I wasn't overly concerned with security.

Now, I'm connecting Thunderbird to my personal email accounts, including my ProtonMail account that I do use for private information. I'm happy with the ProtonBridge handles encryption and decryption when you send and receive emails but as I understand it, once on the device, all of your emails are just stored in plain text.

Yes you can put a Password on Thunderbird but that wouldn't deter anyone with any motive. I'm aware many people site FDE as a solution to this problem and while it's part of a solution, I would like an additional layer of security. I would like everything inside of '/home/user/.thunderbird' encrypted at rest. Ideally the Master Password would decrypt it but it's not the end of the world if it's a little more laborious.

From everything I've seen so far, unless I send and receive all of my emails with PGP, my emails will be stored plain text on my PC. Perhaps installing Thunderbird inside a veracrypt volume is the only option?

Any advice would be appreciated.

Hi, I've been using Thunderbird for years now for various email accounts that I mostly used to information I would consider public. Thus while I would take simple and obvious precautions, I wasn't overly concerned with security. Now, I'm connecting Thunderbird to my personal email accounts, including my ProtonMail account that I do use for private information. I'm happy with the ProtonBridge handles encryption and decryption when you send and receive emails but as I understand it, once on the device, all of your emails are just stored in plain text. Yes you can put a Password on Thunderbird but that wouldn't deter anyone with any motive. I'm aware many people site FDE as a solution to this problem and while it's part of a solution, I would like an additional layer of security. I would like everything inside of '/home/user/.thunderbird' encrypted at rest. Ideally the Master Password would decrypt it but it's not the end of the world if it's a little more laborious. From everything I've seen so far, unless I send and receive all of my emails with PGP, my emails will be stored plain text on my PC. Perhaps installing Thunderbird inside a veracrypt volume is the only option? Any advice would be appreciated.

Toutes les réponses (2)

DavidGG
DavidGG
  • Top 10 Contributor
more options

The way to accomplish this would be some generic form of filesystem encryption, not something specific to Thunderbird, but what you have to encrypt is the profile folder where all your mail data is stored, not the Thunderbird application itself:

https://support.mozilla.org/kb/profiles-where-thunderbird-stores-user-data

Modifié le par DavidGG

Cela vous a-t-il été utile ?

Matt
Matt
  • Top 25 Contributor
  • Moderator
more options

Are you aware of user account controls in your operating system, they are more than capable of encrypting the data stored in the user account, including Thunderbird mail and all your other documents and tax records.

I have been hearing folk on about encryption at rest and refusing to use the facilities of the operating system that allow that for decades. I still fail to understand why anyone wants encryption amateurs (email developers) to encrypt data when they already have access to something written and tested over 20 or more years to be secure.

See https://www.cbtnuggets.com/tutorials/encrypt-data-at-rest-with-linux-tools and https://linuxsecurity.com/features/the-ultimate-guide-to-using-data-encryption-on-linux

Those are a couple of google result for Linux, which the forum reports you as using.

Cela vous a-t-il été utile ?

Poser une question

Vous devez vous identifier avec votre compte pour répondre aux messages. Veuillez poser une nouvelle question, si vous n’avez pas encore de compte.