On Fri, 2011-03-04 at 07:17 -0500, Matthew Barnes wrote:
> On Fri, 2011-03-04 at 11:55 +0000, David Woodhouse wrote:
> > On Fri, 2011-03-04 at 06:50 -0500, Matthew Barnes wrote:
> > > Can you go into more detail about why it's needed?  Would help me to
> > > better understand the use cases.
> > 
> > Mostly corporate paranoia. If your phone/tablet/laptop is stolen, the
> > data on it should not be stored in clear text. That would let the thief
> > read all your ultra-secret memo-list mails.
> Would it not make more sense to encrypt files at the filesystem level
> rather than piecemeal through individual apps?  A quick Google search
> turns up several solutions for Linux.

We do have that option already. We've been using ecryptfs for that,
along with the PAM module that unlocks it automatically at login time.

> Perhaps it's a different story for mobile devices?

To a large extent, yes. The 'encrypt it all' solution means that you are
forced to unlock the device to do *anything* with it, while from a user
experience point of view we really do want to have a more fine-grained
approach which allows you to easily use the device for personal things
but just makes you unlock the *corporate* data before you access it.


evolution-hackers mailing list
To change your list options or unsubscribe, visit ...

Reply via email to