Re: laptop & mails archive security

[Laurence Tratt <laurie_(_at_)_tratt_(_dot_)_net>]

On Mon, Aug 30, 2004 at 02:24:29PM +0200, Ed White wrote:

> I know that some developers work with a laptop and so I hope that someone 
> might have a good suggestion to share.
> 
> I have a powerfull home computer (amd64) and a modern laptop (centrino).
> At the moment I'm using a RAID setup on my amd64, however this means that I 
> can checkout mails only at home. I'd like to move all my mail setup (archive, 
> config, accounts) to my laptop so that I'll be able to chekout new mails when 
> I travel and browse my archive.
> 
> Until today I've never done it because I fear these problems:
> 
> 1 - laptop get stolen
> --- mail archive can be read by the thief
> --- mail accounts are valid until I change passwords & C
> 
> 2 - laptop HD fails
> --- mail archive can be partially lost (diff from the last backup)
> 
> 3 - SMTP and POP3 security
> --- I don't know the status of the network I'm using (hotel,airport,...)
> 
> 
> Is there a good solution ?

You have several overlapping concerns here. Here's one possible solution;
other posters have given other examples.

1) can be solved by using an encrypted filesystem [have a look at vnconfig
for example and [1]].

2) is solved by making sure your laptop isn't the sole source of your mails.
I would suggest using offlineimap (which is in ports) to synchronise your
mail against a central server. This allows you to have multiple "checkouts"
of your mail on different machine, all updated and kept in sync in a pleasant
way. I have my mail checked out this way on 3 or 4 different machines.

3) tunnel offlineimap over ssh. [I use Courier-IMAP as my server, but that's
not a significant detail - most servers will allow SSL and / or SSH
tunneling without any problems.]


Laurie

[1] http://www.backwatcher.org/writing/howtos/obsd-encrypted-filesystem.html
-- 
http://tratt.net/laurie/