[olug] OT: i r stoopyd

Christopher Cashell topher-olug at zyp.org
Thu Jul 21 21:20:12 UTC 2011 

On Thu, Jul 21, 2011 at 1:35 PM, William Langford <unfies at gmail.com> wrote:
> There's a "master password" enhancer plugin thing for thunderbird that
> requires the master password on start up before it even displays the main
> window.  I believe this will be an acceptable solution.

One warning on this . . . unless they've changed things, Thunderbird
primarily uses that master password to secure other saved passwords.
Any data (mail) stored on disk is still stored in straight plain text
files, and anyone who knows about the mailboxes/headers (and has
access to the machine) can access the files directly without
restriction.

> I'll be debating the TrueCrypt style container for the profile directories.
>  While I don't mind hiding my email from work's eyes, doing a full encrypted
> container does seem a tad eye-brow rising to me.  "What else could he be
> hiding in there?" etc.
>
> Shannon's suggestion of a USB key was my next alternative (without knowing
> that there was a repository of key-friendly apps out there, thanks
> Shannon!).

If this is for a work-type environment, double-check their policies to
make sure you're safe on something like that.  I've seen places that
are perfectly fine with encrypted volumes on the computer, but will
freak out if you're storing data on a USB drive that is coming in and
out of the network regularly.  The first could make data unavailable,
which is definitely bad.  The second could be a sign of data being
removed from the company's controlled environment and being made
available outside the company, which has the potential to be much,
much worse.  Of course, some companies may blow up over an encrypted
file (that they can't access), too.

Also, the much higher possibility of a USB drive being lost means that
encrypting the data there is even more important, IMO.  There's
options for setting up an encrypted TrueCrypt volume on a USB drive,
with the TrueCrypt software included, so it can be run and accessed
conveniently (see the Traveler Disk Setup info from TrueCrypt).  Note
though, TrueCrypt does need local admin privileges to run.

> -Will

-- 
Christopher

More information about the OLUG mailing list