IRCaBot 2.1.0
GPLv3 © acetone, 2021-2022
#saltr
/2023/04/01
dr|z3d eyedeekay: not sure we need more than one password tbh.
dr|z3d password that encrypts storage could be the same login p/w for postman's server.
dr|z3d unless there's an issue with that?
dr|z3d what we could use is an in-susimail password manager for the account once logged in which may require some api tweaks server-side.
eyedeekay That would be useful, I asked about such an API in #mail.i2p earlier
eyedeekay I think different passwords for login and local storage is better for security in principle
dr|z3d not buying it. if the login password is exposed when you login to susimail, then it's exposed. 2 passwords is just adding more complexity for no reward as far as I can tell.
dr|z3d having one password means never logging into susimail with the wrong password and wondering why server login's not working.
eyedeekay It's the other direction I'm concerned about, even if the login password becomes exposed, the local storage password is not
dr|z3d eyedeekay: don't think it's worth worrying about.
RN I think some of that was just prioritizing out loud ;)
dr|z3d I mean, currently we have totally unencrypted storage, so just encrypting the storage with the login pass is better.
RN I wouldn't want my snark dl's in an encrypted dir, unless I made it that way, but I do get the want for that
RN but email might be a little different
RN the user logs in to get to them
RN if the router is off and someone can just go look at them without the router even being fired up
RN I think clear disclosure to the users about it might be a better solution for now... I mean if they use a common mail client with pop/smtp then does that client encrypt the emails on disk?
RN II'm pretty sure TBird stores email in a file format that's trivial to parse
dr|z3d we're talking about susimail mail dirs, RN.
dr|z3d thunderbird stores emails in cleartext.
RN right
RN so...
dr|z3d what eyedeekay and I have been discussing is encrypting the user's susimail download dir.
dr|z3d first off.
RN to make susimail more appealing
RN right
dr|z3d and also pgp support.
RN I was just saying of other email apps don't do it...
RN pgp support would rank higher than enc storage
RN imho
dr|z3d no they don't, but they function differently.
dr|z3d the user is lead to believe they need to login to access their e-mail in susimail.
RN with pgp you can have the emails encrypted in stored state by default
dr|z3d separate issue.
RN yeah, where is that leading? but I would probably have assumed the same when I was new to I2P
RN it's all encrypted
dr|z3d and recipient would need to have pgp support for it to make sense.
RN automagically protects me from being careless
RN hehe
RN right... so a note "if you are not deleting emails that don't use pgp encryption, be aware these emails can be read from the files withuot the router running"
RN or such
dr|z3d pgp is later. encrypted mail dir is first.
RN both promotes better opsec, using pgp, and promotes user awareness
RN ok, I'm listening
dr|z3d pgp is mroe involved.
dr|z3d to really make sense, you'd probably want an addressbook with contacts.
dr|z3d then you can attach their pgp key and everything else is taken care of.
dr|z3d and that also allows you to attach your pgp key to e-mails only if you the contact doesn't have a pgp keyed enabled or you're not sending to a contact in your addressbook.
RN ok
dr|z3d much more involved.
dr|z3d encrypting a user's mail dir, otoh, not so much.
albat Salut dr|z3d, j'utilise un traducteur que m'a montré RN :)
albat Hi dr|z3d, I'm using a translator shown to me by RN :)
albat You're there?
albat now i have good english lol
dr|z3d your english was fine before, albat
dr|z3d et salut.
albat now it's better, my beloved cockroach :)
RN remember though albat, it does send everything to Google
RN fun little find though
RN I don't remember him saying beloved cockroach before though... do you?
RN heheheh
mildseven oh its a hexchat plugin :)
mildseven is there a weechat plugin?
albat I don't know
RN yep. 64 bit os and 64 bit hexchat required
RN the danger of git is you will probably find one
RN ;)
RN if I knew rust... I'd divorce it from google and swithch to another translation engine
mildseven rust is a great game ;)
RN
dr|z3d albat le caffard. he's being symmetrical.
RN symetry can be pretty
RN but it is the tiny variations from symmetry that are truely beautiful