Locally Secure Email Clients? 77
Mattcelt asks: "I share my PC with my roommates, two of whom don't have their own PCs. In order to keep things simple, I have Windows98 running on it - they are used to the interface; it runs the programs they need to run from the University; and I refuse to pay the money to Microsoft to upgrade to a newer Windows OS. Unfortunately, there are some issues with privacy, and though I trust my roommates, there are work-related things I wouldn't want them to stumble into. Has anyone seen an email client other than Outlook that has -local- file security? Outlook has a feature to allow the password protecting of .pst files on the local drive, but it seems that every other email client figures that once the mail is on your machine, you don't need it protected any longer. Is there another email client with integrated password protection?"
Tried a combination of... (Score:5, Informative)
Just set thunderbird up to store your mail in a subdirectory of the root thunderbird dir, and encrypt it from there recursively.
Re:Tried a combination of... (Score:3, Informative)
As such, if you use Mozilla Thunderbird (great client, better every month) you can put the following line in your user.js file (check the mozilla site for how-to)
user_pref("mail.password_protect_local_cache", true);
which will hide all e-mail (except for a folder list) until you enter a password.
Obviously this is very low se
More general solution? (Score:4, Insightful)
This way, you could store all your sensitive files on the encrypted/protected folder, and have it only be unlocked when you are there.
Here are some links:
http://www.passtheshareware.com/c-encryption.htm [passtheshareware.com]
http://www.globalshareware.com/Utilities/Security
http://www.everstrike.com/protect-folder-98.htm [everstrike.com]
IMAP? Web Mail? SSH? (Score:5, Informative)
--
Evan "IMAP/Kontact user myself"
Re:IMAP? Web Mail? SSH? (Score:1)
Storing the encrypted mails on the machine would mostly serve his purpose, if they were only decrypted for reading (tho remember the swap...
Re:IMAP? Web Mail? SSH? (Score:2)
Storing the mails on the server is no more risky than using the server. You're one rule away from having a mirror of all email sent to you away being stored, and likely anybody you're using for email has a record dating back at least six months, if not years, of all the email you've
Re:IMAP? Web Mail? SSH? (Score:2)
(I know that this sounds like an advertisement but I am just a customer.)
Re:Why shared at all?? (Score:1, Offtopic)
I am just saying you were presented with an IT problem, and you chose to treat it as social problem. It is not a bad approach, however it does not solve anything, and your answer qualifies as the anti-thesis of +1, Informative.
Re:Why shared at all?? (Score:1, Offtopic)
Why do you assume testosterone must be involved in such an "arrangement" - either hetero or not?? I know plenty of female geeks would negotiate such. :-) :-)
Re:Why shared at all?? (Score:1, Offtopic)
Re:Why shared at all?? (Score:1, Offtopic)
Re:Why shared at all?? (Score:1, Offtopic)
Re:Why shared at all?? (Score:3, Insightful)
The Bat (Score:3, Informative)
If you buy yourself a copy and let everyone else stick to outlook, the app won't open until the proper password is supplied. The mail folder itself is meanwhile encrypted (I think, but let me double check).
Re:The Bat (Score:2)
Re:The Bat (Score:2)
No, I remember having my home laptop with The Bat! on it and then lending it to a friend and being able to completely lock the mail app and Bat archives. It's been too long ago, since then I switched to Outlook at office, my personal server at home, and now Gmail.
SecureBat is more encryption and more security related to e-mail transfer and authentication, not e-mail storage.
Re:The Bat (Score:2)
However, I just added a password to TheBat! and opened the Inbox->Messages.TBB in a text editor to verify that all of the messages are (like Outlook) stored in plain text. The Bat!'s password will prevent someone from accidentally stumbling into your e-mail, but if they're the slightest bit interested they can read it easily.
Use Anything (Score:5, Insightful)
I would guess that most programs (I know that Outlook let's you do this) will let you specify where to place the datafile with all the e-mails and such. All you do is have it put the file on another disk. The idea is that you use a USB key that you keep with you. The data file is stored on the key so only when you're at the computer and it's plugged in is the data accessable. Hard to get more secure than not having the file on the computer at all.
If the program objects to having the file on a removeable drive, you could make batch scripts and keep them on the desktop. The one you run after inserting the key would copy the file from the key to the hard drive in the apropriate place. The one you run when you're done moves the files off the hard drive back onto the key. They you remove your key and go.
Seems like about the best solution you'll get.
Note: also that there are some USB Keys (I seem to remember seeing one on Tom's Hardware reviewed once) that have functionality like this built in somehow. They contain their own e-mail client or other software to make doing this kind of thing easy. Look around, you're not the only person who would like to be able to do something like this.
Also note: for the ultimate in security, get one of the USB key drives that has a thumbprint sensor as an added layer of security.
Ok, here's the standard (Score:1)
I know, I know "My apps don't run in linux, and wine is teh sux0r5" blah blah blah.
Well then, do a dual boot. I know, I know "reboot to check my mail, hell no."
Install XP. I know, I know "Paying M$ for an upgrade, hell no."
Well, I know you don't want to hear it, but as long as you are using 98, you're fucked - UNLESS, you use yahoo or something similiar to store your pop mail. You have to get it off of the machine for it to be hidden from users that have local access to a machine that think
Re:Ok, here's the standard (Score:3, Interesting)
That's exactly what I do: I've got Linux, with an ext3 partition that Windows doesn't have a clue about, for my "sensitive files", and a Windows partition for when my brothers want to play games on the machine -- after all, it's the only computer in the house fast enough to play modern games.
If you're using Win98, you don't even need to re-partition the hard drive. Use something like LoopLinux to have a Linux system resident in
Re:Ok, here's the standard (Score:2)
Re:Ok, here's the standard (Score:2)
At th
Re:Ok, here's the standard (Score:1)
Re:Ok, here's the standard (Score:1)
Re:Ok, here's the standard (Score:2)
Re:Ok, here's the standard (Score:1)
Actually, even in linux if a person has local access to the system it's not secure, so your last part about encryption, or removal of the files (usb key) are the ONLY ways to make it secure, and encryption doesn't require linux. Even so, I'd say using linux is more desirable than using Win98, and just as easy, if not easier, with the right distro
Re:Ok, here's the standard (Score:1)
Re:Ok, here's the standard (Score:1)
Re:Ok, here's the standard (Score:1)
Re:Ok, here's the standard (Score:1)
[Your Next Flame Here]
Re:Ok, here's the standard (Score:2)
Wine works for most simplistic University-style programs.
And I've seen tests where WinXP outperforms 98 on older machines -- but if you were that concerned about performance, you'd install gentoo [gentoo.org] anyway. And WinXP lets you protect local files.
98 wont't do it. Ever. Security in Win98 is even more of an oxymoron than Compassionate Conservative.
Two words: key logger. Or if you use a USB keychain, key
Re:Ok, here's the standard (Score:4, Interesting)
Give each of your buddies regular 'user' accounts so a) they can't install crap, b) they can't directly access your files, and c) they can't screw it up. Each user has a profile and when they run whatever email client they want the files are stored in their profile. Sort of like
Re:Ok, here's the standard (Score:3, Informative)
And there's the fact that no Windows OS was all that secure anyway, last I checked. Lots of viru
Re:Ok, here's the standard (Score:2)
I suggested it instead of Linux because he was already semi-familiar with Windows and it would be familiar, and because all the support infrastructure he has available on a college campus is going to be Microsoft-centric. Also, it would be a little more work on his side, securing the system so they could use it as 'users'
Sarcastic Eudora on Windows 2000 (Score:2)
Give each of your buddies regular 'user' accounts so a) they can't install crap, b) they can't directly access your files, and c) they can't screw it up. Each user has a profile and when they run whatever email client they want the files are stored in their profile. Sort of like
For sure! I'm assuming that since they don't own their own computers, they're probably not too capable with them. They're not likely to break Windows 2000 (which is slightly more secure than Windows 98).
Since it's your PC (Score:2, Interesting)
Bottom line: you're screwed. (Score:4, Informative)
Say you install a more secure, multi-user OS like Linux or FreeBSD or (gasp!) Windows 2000. Even if they can't learn your password, they can boot Knoppix or similar, mount your partitions and crack your box that way.
The bottom line is that if they have physical access to your box, you're pretty much screwed. Either trust them and find some other way to separate work from home, or lock your box away in a cabinet they can't get to, install Linux/BSD, keep them patched against local root exploits, and don't let them get you drunk/stoned/in a state where you might divulge your passwords.
Re:Bottom line: you're screwed. (Score:3, Insightful)
Encrypted loopback filesystem. Assuming they can find the disk image in the first place, they still need to crack the password before they can mount it.
Nope. (Score:2)
It's called a "keylogger", and it intercepts passphrases. They're pretty commonplace nowadays. My favorite's a little dongle you plug into a USB port and then plug the laptop's USB port into the dongle.
An encrypted filesystem is not, repeat, is not, any kind of defense against untrustworthy people with ongoing physical access to the hardware. If you've got a laptop and you're concerned about it being stolen, an encrypted filesystem makes a lot of sense. But in this situa
Re:Nope. (Score:1)
This still doesn't prevent someone installing 'spies' that will copy your data when it is mounted, though. While hard, physical access to the machine can help facilitate it.
Re:Bottom line: you're screwed. (Score:1)
Re:Bottom line: you're screwed. (Score:3, Insightful)
Re:Bottom line: you're screwed. (Score:3, Insightful)
Re:Bottom line: you're screwed. (Score:1)
BTW original poster - I cannot suggest anything that hasn't already been suggested.
steve
Consider RDP/Citrix/OWA if available (Score:2, Informative)
I'd say bite the bullet and WinXP/2000 yourself... (Score:2)
Re:I'd say bite the bullet and WinXP/2000 yourself (Score:5, Funny)
Here's a Slashdot answer:
I suggest upgrading to Linux. If some apps don't work, suggest to the developers that they port their apps.
Encrypt separate directories, store mail there (Score:3, Informative)
I know that with some MUAs one can specify certain folders for local mail storage, and you can do this with Eudora [eudora.com] in particular (you can probably do it with The Bat or maybe even Outlook; I've used neither of those, so I can't say). So install Eudora, and create your shortcuts for each user like in the link. You'll want to create folders on a different drive letter for each user. User #1 gets h:\mail, User #2 gets i:\mail, etc.
Now, install BestCrypt [jetico.com]. You have three users, so create three container files. Have each roommate type in their own passphrase. Open each one, mounting each on the drive letter where the icon shortcuts above point to. Ensure that Eudora can get/send mail (look for mtimes on the .toc files for the inboxes if nothing else).
Now create three small batch files, one for each Eudora shortcut from above. In each, you'll have a line with the command for that user's bcrypt container mounting command, then the text in the "Target" from the Eudora icon above after that. Edit the properties of each icon, and point them to the appropriate batch file.
When User #1 clicks his Eudora desktop icon, BestCrypt will fire off, asking him for a passphrase. Then once the container with User #1's mail folders is mounted, Windows will start Eudora, pointing it at the newly mounted drive. It'll check mail, and store everything. When User #1 is done reading his mail, he can either leave his mail container moutned, or right-click the system tray icon and unmount it. (You could alternately create a batch file that shuts down Eudora and then unmounts the container.)
It sounds like a lot of work, but it should take more than 5-10 minutes to set up. And it'll be secure. You can pick many different algorithms with BestCrypt. Using Blowfish with a 256-bit key ought to be just fine for your needs. An alternate solution would be to go on ebay and find some cheap used laptops for your roommates' mail needs. Then you can encrypt your entire filesystem.
-B
Local file protection? (Score:1)
Your situation could be seen in two ways:
1.You share your machine and wouldn't want your roommates to see your files, but they are not trying to mess with your stuff on purpose.
In that case you could just use mozilla as you've been told in the other posts. I do that here and it works, it's even better considering that you can also sepa
Errata (Score:1)
My mistake, sorry.
Bummer (Score:3, Insightful)
Bummer. The upgrade from 98 to 2k or XP would become worth the money in well under a week. Not only could you set up better permissions for stuff, but they're also harder to break accidentally. I'd point ya that way even though you don't want to, but it doesn't directly solve the problem you specfically asked about.
Re:Bummer (Score:2)
Sure it does; with XP, and a reasonablly intelligent mail client, your mail files will wind up in the docs and settings subtree, which, if properly permissioned, won't allow other people to access.
Couple that with proper logout discipline, and you're reasonably golden.
Scramdisk (Score:2)
I used it some years back in my Win9x days and it was very reliable (well version 2.02h was anyway). I used Eudora for email, but any email program that isn't so tied to the registry is good - e.g. uses ini files and you can tell the program where to find the ini and mails.
Here's how I did it:
Create a scramdisk container (encrypted file which you mount as a drive) big enough to hold your emails and other stuff.
Mount it as say M: (or z: or whatever - don't clash
Re:Scramdisk (Score:2)
In Outlook Express:
Pull down the Tools menu, select Options.
Select the 'maintenance' tab.
Clicky the button labelled 'store folder.'
Clicky the button labelled 'change.'
Point it at the ultra-secure, mounted, encrypted, case explodes when exposed to open air file server that's also holding up that corner of the couch; you know, Jimmy knocked the leg out when he was drunk that night, and was trying to do the worm dance, he thought it would impress that redhead with the peircing green eyes...yeah, that one,
Re:Scramdisk (Score:2)
With Outlook you'd have to create profiles for each user on each PC. This was in the Win9x days. Didn't really get to try roaming profiles. Do you know how well that works in practice?
Re:Scramdisk (Score:2)
Well, you've got two options.
Outlook, remember, is designed to be an Exchange client, and it works just great for that. Log into any machine on the domain, and there's your email. Or just use OWA.
Using WinNT's remote profiles should work just fine, but myself's not had any experience using them.
How about setting up a file server? (Score:2, Interesting)
Find an old (eg, first generation pentium-I) computer, and set it up in the closet running a trim linux or BSD distro. For something between free and $20 US, plus the cost of a hard-drive and two network cards (and or a hub), you can put together a nearly secure storage system. You could also turn it into a cheap firewall while you're at it, which could be a very good thing once security updates for win98 stop
Multiple Identities (Score:1)
Best part is you don't have to do anyt
Calypso (Score:1)
Although development has stopped for it, U still can use it (for free).
It stores all mail in a single DB file, which can be password protected.
The DB file can contain mutiple acounts.
http://10xshooters.com/calypso-free/
http://www.rosecitysoftware.com/calypso/
Get PGPDisk (Score:2)
Create a container with PGPdisk, mount it as a drive, install email client to that drive.
dump 9x, go... something else (Score:1)
"work-related things"? (Score:1)
"there are work-related things I wouldn't want them to stumble into"
um... in other words, you don't want your roommates to see you're on the mailing list for tranny pr0n sites?
Turnpike (Score:1)
I use it personally and find it quite a good system for a windows environment. Spell checking, threaded emails, a "Windows-like" interface. Not free, except for users of Demon Internet, who won it, but I think ha
Geez, what slackers... (Score:1)
Sorry, but if I can manage to piece together a mid-range gaming system on nothing but a minimum-wage job, these people have little excuse why they can't go take an on-campus job for oh, say, two weeks, and pick up an old Pentium 2/3 that can handle the basics.
My advice to you i
Exactly what you asked for. -- Courier (Score:1)