Avatar for Username

Pesquisar no apoio

Evite burlas no apoio. Nunca iremos solicitar que telefone ou envie uma mensagem de texto para um número de telefone ou que partilhe informações pessoais. Por favor, reporte atividades suspeitas utilizando a opção "Reportar abuso".

Saber mais

Encryption at Rest - Email Storage

  • 2 respostas
  • 0 têm este problema
  • 9 visualizações
  • Última resposta por Matt

chattysiddy
chattysiddy
more options

Hi,

I've been using Thunderbird for years now for various email accounts that I mostly used to information I would consider public. Thus while I would take simple and obvious precautions, I wasn't overly concerned with security.

Now, I'm connecting Thunderbird to my personal email accounts, including my ProtonMail account that I do use for private information. I'm happy with the ProtonBridge handles encryption and decryption when you send and receive emails but as I understand it, once on the device, all of your emails are just stored in plain text.

Yes you can put a Password on Thunderbird but that wouldn't deter anyone with any motive. I'm aware many people site FDE as a solution to this problem and while it's part of a solution, I would like an additional layer of security. I would like everything inside of '/home/user/.thunderbird' encrypted at rest. Ideally the Master Password would decrypt it but it's not the end of the world if it's a little more laborious.

From everything I've seen so far, unless I send and receive all of my emails with PGP, my emails will be stored plain text on my PC. Perhaps installing Thunderbird inside a veracrypt volume is the only option?

Any advice would be appreciated.

Hi, I've been using Thunderbird for years now for various email accounts that I mostly used to information I would consider public. Thus while I would take simple and obvious precautions, I wasn't overly concerned with security. Now, I'm connecting Thunderbird to my personal email accounts, including my ProtonMail account that I do use for private information. I'm happy with the ProtonBridge handles encryption and decryption when you send and receive emails but as I understand it, once on the device, all of your emails are just stored in plain text. Yes you can put a Password on Thunderbird but that wouldn't deter anyone with any motive. I'm aware many people site FDE as a solution to this problem and while it's part of a solution, I would like an additional layer of security. I would like everything inside of '/home/user/.thunderbird' encrypted at rest. Ideally the Master Password would decrypt it but it's not the end of the world if it's a little more laborious. From everything I've seen so far, unless I send and receive all of my emails with PGP, my emails will be stored plain text on my PC. Perhaps installing Thunderbird inside a veracrypt volume is the only option? Any advice would be appreciated.

Todas as respostas (2)

DavidGG
DavidGG
  • Top 10 Contributor
more options

The way to accomplish this would be some generic form of filesystem encryption, not something specific to Thunderbird, but what you have to encrypt is the profile folder where all your mail data is stored, not the Thunderbird application itself:

https://support.mozilla.org/kb/profiles-where-thunderbird-stores-user-data

Modificado por DavidGG a

Útil?

Matt
Matt
  • Top 25 Contributor
  • Moderator
more options

Are you aware of user account controls in your operating system, they are more than capable of encrypting the data stored in the user account, including Thunderbird mail and all your other documents and tax records.

I have been hearing folk on about encryption at rest and refusing to use the facilities of the operating system that allow that for decades. I still fail to understand why anyone wants encryption amateurs (email developers) to encrypt data when they already have access to something written and tested over 20 or more years to be secure.

See https://www.cbtnuggets.com/tutorials/encrypt-data-at-rest-with-linux-tools and https://linuxsecurity.com/features/the-ultimate-guide-to-using-data-encryption-on-linux

Those are a couple of google result for Linux, which the forum reports you as using.

Útil?

Colocar questão

Deve iniciar a sessão com a sua conta para responder às mensagens. Por favor, comece uma nova pergunta, se ainda não tiver uma conta.