[tor-talk] Securing servers
Jeroen Massar
jeroen at unfix.org
Tue Oct 11 18:34:13 UTC 2011
On 2011-10-11 20:24 , tor at lists.grepular.com wrote:
[..]
> I've been doing this myself for a while now. I wrote/released some
> software to do it. It's described here:
>
> https://grepular.com/Automatically_Encrypting_all_Incoming_Email
>
> And here:
>
> https://grepular.com/Automatically_Encrypting_all_Incoming_Email_Part_2
Yes, that is an awesome method for very cheaply keeping your emails safe
from prying eyes. (though unless one has an external server polling the
mail and saving it again, it is not applicable to gmail, especially as
one does not know how much data gmail and other such services retain as
they don't guarantee deletion).
The big advantage is also that there is no keying material that can
cause the mails to be read, unlike most 'crypto filesystems' which tend
to keep the crypto keys in memory for both reading and writing to the
filesystem, thus if somebody is able to hack a process that can write
(your incoming mailer) they can generally also read those files.
The only missing component in the above puzzle is then to mirror new
mails asap to a set of other hosts to act as a backup, just forwarding
them to the other boxes with a rewrite can solve that though.
Greets,
Jeroen
More information about the tor-talk
mailing list