emacs-orgmode@gnu.org archives
 help / color / mirror / code / Atom feed
* org-mobile : security
@ 2012-08-02 10:49 Richard Riley
  2012-08-02 13:59 ` Greg Troxel
  0 siblings, 1 reply; 3+ messages in thread
From: Richard Riley @ 2012-08-02 10:49 UTC (permalink / raw)
  To: emacs-orgmode


org-mobile allows you to use some form of encryption when pushing to the
MobileOrg directory. Encrypts and works fine. The issue is that the
mobile app has a password setting to unencrypt but there is no
protection on the app itelf meaning anyone can read the org files from
thje mobileorg app itself kind of defeating the object since dropbox has
its own encrption based on id/pasword anyway. I realise I can encrypt
org entries myself (I do) using gpg keys but since there is no built in
gpg decryption facility in mobileorg thats hard work (you need to copy
the encrypted entries to oPenGPG which does feature app pin protection and
holds my secret key (which needs a password too)).

Is there a way to protect the mobileorg app? Or do I need to manually remove
the password from the mobileorg settings each time?

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: org-mobile : security
  2012-08-02 10:49 org-mobile : security Richard Riley
@ 2012-08-02 13:59 ` Greg Troxel
  2012-08-04 14:05   ` Richard Riley
  0 siblings, 1 reply; 3+ messages in thread
From: Greg Troxel @ 2012-08-02 13:59 UTC (permalink / raw)
  To: emacs-orgmode

[-- Attachment #1: Type: text/plain, Size: 1649 bytes --]


Richard Riley <rileyrg@gmail.com> writes:

> org-mobile allows you to use some form of encryption when pushing to the
> MobileOrg directory. Encrypts and works fine. The issue is that the
> mobile app has a password setting to unencrypt but there is no
> protection on the app itelf meaning anyone can read the org files from
> thje mobileorg app itself kind of defeating the object since dropbox has
> its own encrption based on id/pasword anyway.

Please explain your threat model :-)

Seriously, the fact that the org files are available on the phone does
not seem any scarier than one's email being available on the phone.

I am boggled that you think anything about dropbox security is ok.   In
my view, the whole point of org-mobile encryption is to put ciphertext
only on the webdav server used to transfer between emacs and phone, so
that the webdav server does not need to be trusted for confidentiality.
It seems unwise to trust dropbox, given the lack of clarity around access
to plaintext by dropbox staff, and encryption lets one comfortably use a
shared web server whose admins are not cleared to see the private org data.

> I realise I can encrypt
> org entries myself (I do) using gpg keys but since there is no built in
> gpg decryption facility in mobileorg thats hard work (you need to copy
> the encrypted entries to oPenGPG which does feature app pin protection and
> holds my secret key (which needs a password too)).
>
> Is there a way to protect the mobileorg app? Or do I need to manually remove
> the password from the mobileorg settings each time?

It seems like perhaps you want a phone-wide confidentiality solution.


[-- Attachment #2: Type: application/pgp-signature, Size: 194 bytes --]

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: org-mobile : security
  2012-08-02 13:59 ` Greg Troxel
@ 2012-08-04 14:05   ` Richard Riley
  0 siblings, 0 replies; 3+ messages in thread
From: Richard Riley @ 2012-08-04 14:05 UTC (permalink / raw)
  To: emacs-orgmode

Greg Troxel <gdt@ir.bbn.com> writes:

> Richard Riley <rileyrg@gmail.com> writes:
>
>> org-mobile allows you to use some form of encryption when pushing to the
>> MobileOrg directory. Encrypts and works fine. The issue is that the
>> mobile app has a password setting to unencrypt but there is no
>> protection on the app itelf meaning anyone can read the org files from
>> thje mobileorg app itself kind of defeating the object since dropbox has
>> its own encrption based on id/pasword anyway.
>
> Please explain your threat model :-)

My org files contains confidential information. My email does not.
>
> Seriously, the fact that the org files are available on the phone does
> not seem any scarier than one's email being available on the phone.

See above.

>
> I am boggled that you think anything about dropbox security is ok.
> In

I didnt say it was ok or mega secure. I said that its already encrypted
on their end and without user id/pass pretty hidden.

> my view, the whole point of org-mobile encryption is to put ciphertext
> only on the webdav server used to transfer between emacs and phone, so

(I dont use webdav)

> that the webdav server does not need to be trusted for confidentiality.
> It seems unwise to trust dropbox, given the lack of clarity around
> access

I dont trust dropbox per se. But dropbox repo isnt on my phone without a
password access. ie if I leave my phone on the table or lose it. And as
I pointed out, even on dropbox the files *are* encrypted. Its the phone
side that is the issue.

> to plaintext by dropbox staff, and encryption lets one comfortably use a
> shared web server whose admins are not cleared to see the private org
> data.

Yes, which is why my files *are* encrypted using the org-mobile
encrption.

>
>> I realise I can encrypt
>> org entries myself (I do) using gpg keys but since there is no built in
>> gpg decryption facility in mobileorg thats hard work (you need to copy
>> the encrypted entries to oPenGPG which does feature app pin protection and
>> holds my secret key (which needs a password too)).
>>
>> Is there a way to protect the mobileorg app? Or do I need to manually remove
>> the password from the mobileorg settings each time?
>
> It seems like perhaps you want a phone-wide confidentiality solution.
>
>

No. Just the ability to not have people see my org files if they pick
up/find my phone. This can be done, as I outlined above, by pgp
encryption of the org entries themselves but this is a pain since there
is no built in decryption and I have to do it in openPGP manually.

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2012-08-04 14:05 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2012-08-02 10:49 org-mobile : security Richard Riley
2012-08-02 13:59 ` Greg Troxel
2012-08-04 14:05   ` Richard Riley

Code repositories for project(s) associated with this public inbox

	https://git.savannah.gnu.org/cgit/emacs/org-mode.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).