[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Securing servers



On 2011-10-11 20:24 , tor@xxxxxxxxxxxxxxxxxx wrote:
[..]
> I've been doing this myself for a while now. I wrote/released some
> software to do it. It's described here:
> 
> https://grepular.com/Automatically_Encrypting_all_Incoming_Email
> 
> And here:
> 
> https://grepular.com/Automatically_Encrypting_all_Incoming_Email_Part_2

Yes, that is an awesome method for very cheaply keeping your emails safe
from prying eyes. (though unless one has an external server polling the
mail and saving it again, it is not applicable to gmail, especially as
one does not know how much data gmail and other such services retain as
they don't guarantee deletion).

The big advantage is also that there is no keying material that can
cause the mails to be read, unlike most 'crypto filesystems' which tend
to keep the crypto keys in memory for both reading and writing to the
filesystem, thus if somebody is able to hack a process that can write
(your incoming mailer) they can generally also read those files.

The only missing component in the above puzzle is then to mirror new
mails asap to a set of other hosts to act as a backup, just forwarding
them to the other boxes with a rewrite can solve that though.

Greets,
 Jeroen
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk