From mboxrd@z Thu Jan 1 00:00:00 1970 From: Richard Riley Subject: org-mobile : security Date: Thu, 02 Aug 2012 11:49:54 +0100 Message-ID: Reply-To: emacs-orgmode@gnu.org Mime-Version: 1.0 Content-Type: text/plain Return-path: Received: from eggs.gnu.org ([208.118.235.92]:42367) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Swsyt-0003GQ-W5 for emacs-orgmode@gnu.org; Thu, 02 Aug 2012 06:50:21 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Swsyp-00059E-O4 for emacs-orgmode@gnu.org; Thu, 02 Aug 2012 06:50:15 -0400 Received: from plane.gmane.org ([80.91.229.3]:42333) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Swsyp-00058t-Ht for emacs-orgmode@gnu.org; Thu, 02 Aug 2012 06:50:11 -0400 Received: from list by plane.gmane.org with local (Exim 4.69) (envelope-from ) id 1Swsyj-00065u-7I for emacs-orgmode@gnu.org; Thu, 02 Aug 2012 12:50:05 +0200 Received: from client-86-29-206-19.glfd-bam-2.adsl.virginmedia.com ([86.29.206.19]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Thu, 02 Aug 2012 12:50:05 +0200 Received: from rileyrg by client-86-29-206-19.glfd-bam-2.adsl.virginmedia.com with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Thu, 02 Aug 2012 12:50:05 +0200 List-Id: "General discussions about Org-mode." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: emacs-orgmode-bounces+geo-emacs-orgmode=m.gmane.org@gnu.org Sender: emacs-orgmode-bounces+geo-emacs-orgmode=m.gmane.org@gnu.org To: emacs-orgmode@gnu.org org-mobile allows you to use some form of encryption when pushing to the MobileOrg directory. Encrypts and works fine. The issue is that the mobile app has a password setting to unencrypt but there is no protection on the app itelf meaning anyone can read the org files from thje mobileorg app itself kind of defeating the object since dropbox has its own encrption based on id/pasword anyway. I realise I can encrypt org entries myself (I do) using gpg keys but since there is no built in gpg decryption facility in mobileorg thats hard work (you need to copy the encrypted entries to oPenGPG which does feature app pin protection and holds my secret key (which needs a password too)). Is there a way to protect the mobileorg app? Or do I need to manually remove the password from the mobileorg settings each time?