Active Topics
-
Installing CSSU Stable in year 2024 (1)
to Maemo 5 / Fremantle by Maemish - 7 hrs, 43 mins ago -
[ANNOUNCE] CSSU-thumb thread - stable Thumb2 on N900 (2,266)
to Maemo 5 / Fremantle by pali - 9 hrs, 46 mins ago -
Firefox with Leste (7)
to Maemo 7 / Leste by teroyk - 13 hrs, 49 mins ago -
Porting apps to Leste (32)
to Maemo 7 / Leste by Arno_11 - 6 days, 16 hrs ago - more...
|
2010-10-29
, 00:15
|
|
Posts: 41 |
Thanked: 19 times |
Joined on Jan 2010
|
#2
|
so what you are saying is that a thief would look for your emails in home/user/.modest/cache/mail/imap/ ?
why couldn't he just use the email app?
... what is the point of encryption if the e-mail app is unprotected. could you please explain. =D
why couldn't he just use the email app?
... what is the point of encryption if the e-mail app is unprotected. could you please explain. =D
 |
|
2010-10-29
, 00:18
|
|
Posts: 2,355 |
Thanked: 5,249 times |
Joined on Jan 2009
@ Barcelona
|
#3
|
|
|
2010-10-29
, 01:01
|
|
Posts: 8 |
Thanked: 0 times |
Joined on Oct 2010
|
#4
|
Originally Posted by Dante
Dante, I don't store the email passwords on the device (email setup), so the thief won't be able to log into the account, however emails are being stored as plain text which is a huge security issue.
so what you are saying is that a thief would look for your emails in home/user/.modest/cache/mail/imap/ ?
why couldn't he just use the email app?
... what is the point of encryption if the e-mail app is unprotected. could you please explain. =D
|
|
2010-10-29
, 01:06
|
|
Posts: 8 |
Thanked: 0 times |
Joined on Oct 2010
|
#5
|
Originally Posted by javispedro
Yes, thanks I had seen this, but it is talking about usernames/passwords being stored in plain text which is not an issue for me since I never store passwords on the device.
We already went over a similar thing
http://talk.maemo.org/showthread.php?t=41164
I am concerned that email messages are stored in plain text, which is a big problem.
 |
|
2010-10-29
, 01:39
|
|
Posts: 3,397 |
Thanked: 1,212 times |
Joined on Jul 2008
@ Netherlands
|
#6
|
Encrypt your homedir, search for bug report about this and if there isn't one file a new one. This was also discussed in the Brainstorm forums already, btw.
__________________
Goosfraba! All text written by allnameswereout is public domain unless stated otherwise. Thank you for sharing your output!
Goosfraba! All text written by allnameswereout is public domain unless stated otherwise. Thank you for sharing your output!
|
|
2010-10-29
, 01:41
|
|
Posts: 2,225 |
Thanked: 3,822 times |
Joined on Jun 2010
@ Florida
|
#7
|
I am pretty sure we have SOME program available in the repos for mounting/creating encrypted disks/volumes. I would just delete all cached emails if paranoid enough - but I can see why you'd want encryption.
However, I'm pretty sure even if you encrypt the emails using the available tools, the N900's email app would take some hacking to make it capable of opening and saving them in that encrypted volume.
Perhaps turn to one of the community email apps that are being actively developed, and see if you can get them to integrate that with email encryption upport?
Last edited by Mentalist Traceur; 2010-10-29 at 01:42. Reason: left out a word
However, I'm pretty sure even if you encrypt the emails using the available tools, the N900's email app would take some hacking to make it capable of opening and saving them in that encrypted volume.
Perhaps turn to one of the community email apps that are being actively developed, and see if you can get them to integrate that with email encryption upport?
Last edited by Mentalist Traceur; 2010-10-29 at 01:42. Reason: left out a word
|
|
2010-10-29
, 01:56
|
|
Posts: 1,463 |
Thanked: 1,916 times |
Joined on Feb 2008
@ Edmonton, AB
|
#8
|
because this is not an E-series device?
|
|
2010-10-29
, 02:24
|
|
Posts: 992 |
Thanked: 738 times |
Joined on Jun 2010
@ Low Earth Orbit
|
#9
|
Want encrypted emails? Get a Blackberry
|
|
2010-10-29
, 03:08
|
|
Posts: 8 |
Thanked: 0 times |
Joined on Oct 2010
|
#10
|
Thanks for all the replies. I guess the issue is, in this case, is with the actual native mail client on the N900. It does not encrypt stored messages. This is a major security issue since the application does not comply with industry security standards. I was actually very surprised.
So the correct solution is for the native email client to store this info encrypted.
I have done some other research and apparently there are a number of apps both native and/or developed that stores info like usernames, passwords, chat messages, SMS, etc, in plain text.
For the time being does anyone know of a secure email client?
Should we report this as a bug?
So the correct solution is for the native email client to store this info encrypted.
I have done some other research and apparently there are a number of apps both native and/or developed that stores info like usernames, passwords, chat messages, SMS, etc, in plain text.
For the time being does anyone know of a secure email client?
Should we report this as a bug?
If you check the directory “/home/user/.modest/cache/mail/imap/” you will find all your email accounts subfolders, if you navigate to any of those you will find that all the information is stored in plain text. There are also subfolders within each email account. For example if you go to the INBOX subfolder you will find that emails are stored in plain text.
This is a major security issue if the device is lost or stolen.
Is there an encryption option somewhere that I haven’t noticed or is this simply the lack of encryption within the device?