-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On Monday, May 10 at 04:06 PM, quoth chombee:
> I'm wondering about the privacy implications of using mutt. Say I'm
> using it on my laptop (or any untrusted host, maybe a computer owned
> and administrated by someone else) and if my laptop gets stolen I
> don't want my email to be compromised in any way. I don't want a
> copy of my email to be stored on my laptop, or accessible from it
> without typing my password. So I use mutt, and I connect to my email
> account over IMAP with SSL. I don't put my IMAP password in my
> muttrc file, instead I type it every time I connect.
I used to do that, until I discovered the power of gpg to decode
things on the fly. Now I have an encrypted mutt config file that is
sourced by the main mutt config file, like this:
source "gpg -d .muttrc.secure.gpg|"
It'll ask for my gpg password, decode it, etc. I can even then use
gpg-agent to store my passphrase and allow me to quit and restart mutt
multiple times without retyping the passphrase.
> The header and message cache options seem like an obvious
> information leak. Which is a shame, because they really speed
> things up! I suppose a possibility is to encrypt a directory
> containing the mutt config and cache files etc., and each time you
> check your email decrypt that directory then launch mutt.
Depending on what you're after, you certainly don't *have* to encrypt
it. You *could*, for example, simply use a wrapper script around mutt
to automatically delete the header and message cache. It wouldn't make
first-visits to messages and mailboxes fast, but would allow you to
take *some* advantage of the caches.
But a wrapper script---or even something called from within your
muttrc---is a powerful way of making such an encrypted directory
simple and convenient.
If you're feeling *really* paranoid, however, you may wish to
reconsider using a laptop at all. If it's stolen, a smart thief can
recover your passwords by taking out your hard drive and scanning the
swap partition and/or swap files for anything that had been stored in
memory (like a password) but that had been swapped to disk for
whatever reason. Worse than that, an even smarter thief can get those
passwords even if you can prevent them from being swapped to disk, by
quickly cooling and then removing your RAM from your laptop. It's a
very scary, surprisingly easy technique:
http://maltainfosec.org/archives/92-Recovering-passwords-from-RAM.html
Because your RAM is vulnerable, ANYTHING on your laptop is vulnerable,
even if it's encrypted in memory (because you'd have to have a way to
decrypt it ALSO stored in memory).
So... it all boils down to how paranoid you're feeling. At that level
of paranoia, webmail might be the best option---even there, you have
some potential issues with password saving or, at the very least,
session-ID saving. Much more paranoia than that, though, and you
probably shouldn't use a laptop at all.
~Kyle
- --
Once again the conservative sandwich-heavy portfolio pays off for the
hungry investor!
-- Zoidberg
-----BEGIN PGP SIGNATURE-----
Comment: Thank you for using encryption!
iQIcBAEBCAAGBQJL6C2BAAoJECuveozR/AWeo48P/i/i6y9pQjBiThnAN+Hy/U4Q
DYcJfTMjAkceN+YH3svqz5xRuI0ekDoWB8lo1TQ/U4xXywymDEIk02u14vnizTch
qWGp93EnAE8ArPhgC2ZHHUh7eYHn9fIdb9FH3plaVv5cDSS65e0zG/mRIwigXj/b
aS72ov/vDZlZUGJwYWp+MNWudFWcCXqFlxzp568QaThs9tZbE00nHOKaBbRCNmUX
cMvts15ecnNvaVlzqTVuF5M0lSCZdwPeEWw+W7wBv6FP4ClItmKtmUo/31iQSFWc
IeVLYOnZuuKSB63mhWhG79nz+9+wFkFZ4gLL38cRaGYI4rIJW8Z+myIRMiAqQlBk
u4UZ1XOitTcHXZfggXwWTNEG4jkX+Rzl+lNNN07sm98oWIGgSVfGYNrg9vAus90u
nl5pEWkNhaBl8+25dhgjoM23IWvRIa+k6aLG4w45Eev7Za19VsWfoDoahRM/1aco
yHjFzOFjR5ENSw7U+vIQeH0RwuVJ/HGofaxf/FKvv8XkpxgYjeuervQ9JiDBLW/z
JdVNyJO73gzi8hWR9BZoc2RjdSYFD7m1aPyCTFcurwXMyAGYwhRMVRI+1ynixjEa
t6zmx6GvdvYywkYLUi/DfT6J/+oiAKPYf2xOdeLKgZMw6UXOT+GtuFeTcfjATvDb
Xr6zOKF5H7GQrNrI7Qcq
=SR6U
-----END PGP SIGNATURE-----
