autosave
Hi,
i have a question concerning the security of decrypted files
(email or otherwise) sadly i'm no computer expert myself, so i'll
bother y'all with this. Recently i heard a story about people who
did use encryption for their emails, but where the authorities did
get access to their communication due to the fact that their
computer made copies (some autosave function) of files worked on,
when decrypted. Something similar happens when someone sneds me an
encrypted email with attachement. When i open the attachment (from
a decrypted email) it gets saved on my desktop in decrypted state,
and stays that way. Normally i'd like to use something like
truecrypt to encrypt my whole disk, but, alas, that's not possible
with macs so how do i make sure my encrypted files and emails, are
not stored somewhere in decrypted state?
thanx a lot in advance
Comments are currently closed for this discussion. You can start a new one.
Keyboard shortcuts
Generic
| ? | Show this help |
|---|---|
| ESC | Blurs the current field |
Comment Form
| r | Focus the comment reply box |
|---|---|
| ^ + ↩ | Submit the comment |
You can use Command ⌘ instead of Control ^ on Mac
1 Posted by Alex on 28 Nov, 2011 05:27 PM
I think you might want to have a look at http://en.wikipedia.org/wiki/FileVault.
Alex closed this discussion on 28 Nov, 2011 05:27 PM.
teun * re-opened this discussion on 28 Nov, 2011 06:22 PM
2 Posted by teun * on 28 Nov, 2011 06:22 PM
hi alex,
thanx for your reply. I know of filevault, yes. However, there's
apparently some stuff aboout it that make it's workings less dependable
than either gpg or truecrypt (i read). The main question remains as
well: if i decrypt emails/files are they then stored somewhere
unencrypted, by some autosave function? If so, there would always be a
need for something like filevault and truecrypt and gpg for local file
storage would have no purpose? Or am i wrong?
thnx a lot
Op 28-11-11 18:27, Alex (via GPGTools) schreef:
3 Posted by Alex on 29 Nov, 2011 07:36 AM
No, I don't think so.
Mails: I guess not (@Lukas?). Files/Attachments: at least when you decrypt and open them with another application - but you can configure to delete them in Mail.app ("Remove unedited downloads"). But deleted files are still on your harddrive so you must securely delete the files.
Again: I suggest you to use FileVault for your scenario.
Support Staff 4 Posted by Luke Le on 29 Nov, 2011 10:17 AM
Mails are only decrypted and in cache and there decrypted content is not stored anywhere.
If you create a new mail yourself though and choose to encrypt it, the automatic save function of Mail.app will save your draft every few minutes or so. These drafts are NOT encrypted. There is however an option in the GPGMail settings to even encrypt the drafts, then you're good again.
But as Alex already said, Filevault is the best option I think for what you're trying to do
Alex closed this discussion on 16 Dec, 2011 12:49 PM.