maemo.org - Talk

maemo.org - Talk (https://talk.maemo.org/index.php)
-   General (https://talk.maemo.org/forumdisplay.php?f=7)
-   -   Email sync on public WiFis. Is it safe? (https://talk.maemo.org/showthread.php?t=57131)

scifi.guy 2010-06-25 17:51
Email sync on public WiFis. Is it safe?
 
Since I am stuck with AT&T 2G on my N900, whenever I get a public Wifi I connect to it. In Email Settings, I have set "Update Automatically" and "Update When Connected via --> Wifi". Because this doesn't say which Wifi, the emails are synced on all Wifi networks including public (unencrypted) networks.

So my questions are:
1) Are the IMAP and POP3 transactions safe on a unencrypted Wifi connection?

2) If no, is there a way to specify which Wifi connection (only) to use for automatic syncing of emails?

clasificado 2010-06-25 18:04
Re: Email sync on public WiFis. Is it safe?
 
they are safe if your pop3 server are configured with an encription method (both ssl and tls works)

for both connection and authentication.

check your modest settings

wmarone 2010-06-25 18:04
Re: Email sync on public WiFis. Is it safe?
 
You can tell the mail client to use secure authentication and a secure connection (SSL) which will allow you to safely check your e-mail from most any access point.

Some could say "but man in the middle attack!" but that requires breaking the chain of trust for certificates, and is highly unlikely.

clasificado 2010-06-25 18:06
Re: Email sync on public WiFis. Is it safe?
 
but man in the middle attack! oh, dont hear me. wmarone already told you that.

lancewex 2010-06-25 18:07
Re: Email sync on public WiFis. Is it safe?
 
Passwords depend on your email service and if they use SSL. For instance Road Runner email does not use SSL. If the service does use it your login and passwords are mostly safe. The text/body of emails likely are not. Neither is your general web browsing (without https).

scifi.guy 2010-06-25 18:41
Re: Email sync on public WiFis. Is it safe?
 
Thank you all for your responses. I enabled SSL for all email accounts now.

Quote:
Originally Posted by lancewex (Post 729309)
Passwords depend on your email service and if they use SSL. For instance Road Runner email does not use SSL. If the service does use it your login and passwords are mostly safe. The text/body of emails likely are not. Neither is your general web browsing (without https).

Why do you say part of the IMAP/POP3 transactions are not secure? In web I can understand that some sites use https and some dont. But once an email client connects to an IMAP server using SSL, wouldn't all the transactions remain encrypted until the connection is closed?

dchky 2010-06-26 01:33
Re: Email sync on public WiFis. Is it safe?
 
Quote:
Originally Posted by scifi.guy (Post 729351)
Why do you say part of the IMAP/POP3 transactions are not secure? In web I can understand that some sites use https and some dont. But once an email client connects to an IMAP server using SSL, wouldn't all the transactions remain encrypted until the connection is closed?
With IMAP and POP3 you have the option of encrypting just the passwords (all other traffic is sent in the clear) - for full encryption between you and the mail server you can use IMAP(s) or POP3(s) - These latter protocols are on different ports.

Also if security is an issue when sending email, you might want to consider smtps as well.


All times are GMT. The time now is 02:36.

vBulletin® Version 3.8.8