[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-bugs-dist
Subject:    Bug#23947: KMAIL PASSWORD PROTECTION AND ENCRYPTION
From:       Jason Stephenson <jjas () engr ! uky ! edu>
Date:       2001-04-10 21:02:56
[Download RAW message or body]

On Tuesday 10 April 2001 15:55, Jose Luis Benitez wrote:
> In my case this isn't true. We have not any mail server. Our mail is
> retrieved from a POP3 account directly to Kmail.

And that POP3 account is where? If it's on someone else's server, then the 
person with the root or Administrator password on that server can read your 
mail, even have it automatically copied to another account as well as sent on 
to you without you ever knowing it is being done. (Which makes me wonder why 
the FBI claims it needs Carnivore.) You mail has to get to your machine 
somehow, and I'll guarantee you that there is an administrator on some system 
who can read your email without your password. This is precisely why you 
should follow the advice mentioned earlier and use PGP, or some work-alike 
software.

You've seen the bumper sticker and the T-shirt, and it's true: "I read your 
e-mail."

All of the above to say, that this bug report should be closed, since it 
isn't really a bug. If someone has root on your system, they'll get your 
email anyway. I don't think KMail should be storing passwords between 
sessions. The luser should be forced to type it in each time they 
restart KMail.

Passwords don't really provide anything that closely resembles security 
anyway.

[prev in list] [next in list] [prev in thread] [next in thread]