emacs-orgmode@gnu.org archives
From: Greg Troxel <gdt@ir.bbn.com>
To: emacs-orgmode@gnu.org
Subject: Re: org-mobile : security
Date: Thu, 02 Aug 2012 09:59:23 -0400
Message-ID: <rmimx2d2y4k.fsf@fnord.ir.bbn.com>
In-Reply-To: <g38vdxin59.fsf@news.eternal-september.org> (Richard Riley's message of "Thu, 02 Aug 2012 11:49:54 +0100")


Richard Riley <rileyrg@gmail.com> writes:

> org-mobile allows you to use some form of encryption when pushing to the
> MobileOrg directory. Encrypts and works fine. The issue is that the
> mobile app has a password setting to unencrypt but there is no
> protection on the app itself meaning anyone can read the org files from
> the mobileorg app itself kind of defeating the object since dropbox has
> its own encryption based on id/password anyway.

Please explain your threat model :-)

Seriously, the fact that the org files are available on the phone does
not seem any scarier than one's email being available on the phone.

I am boggled that you think anything about dropbox security is ok. In
my view, the whole point of org-mobile encryption is to put ciphertext
only on the webdav server used to transfer between emacs and phone, so
that the webdav server does not need to be trusted for confidentiality.
It seems unwise to trust dropbox, given the lack of clarity around access
to plaintext by dropbox staff, and encryption lets one comfortably use a
shared web server whose admins are not cleared to see the private org data.

> I realise I can encrypt
> org entries myself (I do) using gpg keys but since there is no built in
> gpg decryption facility in mobileorg that's hard work (you need to copy
> the encrypted entries to oPenGPG which does feature app pin protection and
> holds my secret key (which needs a password too)).
>
> Is there a way to protect the mobileorg app? Or do I need to manually remove
> the password from the mobileorg settings each time?

It seems like perhaps you want a phone-wide confidentiality solution.

