Avatar for Username

Caută ajutor

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Află mai multe

Encryption at Rest - Email Storage

  • 2 răspunsuri
  • 0 au această problemă
  • 9 vizualizări
  • Ultimul răspuns de Matt

chattysiddy
chattysiddy
more options

Hi,

I've been using Thunderbird for years now for various email accounts that I mostly used to information I would consider public. Thus while I would take simple and obvious precautions, I wasn't overly concerned with security.

Now, I'm connecting Thunderbird to my personal email accounts, including my ProtonMail account that I do use for private information. I'm happy with the ProtonBridge handles encryption and decryption when you send and receive emails but as I understand it, once on the device, all of your emails are just stored in plain text.

Yes you can put a Password on Thunderbird but that wouldn't deter anyone with any motive. I'm aware many people site FDE as a solution to this problem and while it's part of a solution, I would like an additional layer of security. I would like everything inside of '/home/user/.thunderbird' encrypted at rest. Ideally the Master Password would decrypt it but it's not the end of the world if it's a little more laborious.

From everything I've seen so far, unless I send and receive all of my emails with PGP, my emails will be stored plain text on my PC. Perhaps installing Thunderbird inside a veracrypt volume is the only option?

Any advice would be appreciated.

Hi, I've been using Thunderbird for years now for various email accounts that I mostly used to information I would consider public. Thus while I would take simple and obvious precautions, I wasn't overly concerned with security. Now, I'm connecting Thunderbird to my personal email accounts, including my ProtonMail account that I do use for private information. I'm happy with the ProtonBridge handles encryption and decryption when you send and receive emails but as I understand it, once on the device, all of your emails are just stored in plain text. Yes you can put a Password on Thunderbird but that wouldn't deter anyone with any motive. I'm aware many people site FDE as a solution to this problem and while it's part of a solution, I would like an additional layer of security. I would like everything inside of '/home/user/.thunderbird' encrypted at rest. Ideally the Master Password would decrypt it but it's not the end of the world if it's a little more laborious. From everything I've seen so far, unless I send and receive all of my emails with PGP, my emails will be stored plain text on my PC. Perhaps installing Thunderbird inside a veracrypt volume is the only option? Any advice would be appreciated.

Toate răspunsurile (2)

DavidGG
DavidGG
  • Top 10 Contributor
more options

The way to accomplish this would be some generic form of filesystem encryption, not something specific to Thunderbird, but what you have to encrypt is the profile folder where all your mail data is stored, not the Thunderbird application itself:

https://support.mozilla.org/kb/profiles-where-thunderbird-stores-user-data

Modificat în de DavidGG

Te-a ajutat?

Matt
Matt
  • Top 25 Contributor
  • Moderator
more options

Are you aware of user account controls in your operating system, they are more than capable of encrypting the data stored in the user account, including Thunderbird mail and all your other documents and tax records.

I have been hearing folk on about encryption at rest and refusing to use the facilities of the operating system that allow that for decades. I still fail to understand why anyone wants encryption amateurs (email developers) to encrypt data when they already have access to something written and tested over 20 or more years to be secure.

See https://www.cbtnuggets.com/tutorials/encrypt-data-at-rest-with-linux-tools and https://linuxsecurity.com/features/the-ultimate-guide-to-using-data-encryption-on-linux

Those are a couple of google result for Linux, which the forum reports you as using.

Te-a ajutat?

Adresează o întrebare

You must log in to your account to reply to posts. Please start a new question, if you do not have an account yet.