Security of global inbox

I have recently started using the global inbox. My database is kept on a truecrypt image for security. Am I correct in assuming that this is not a secure approach. By using the global inbox, my files are left unencrypted until I move them to the truecrypt database. Does anyone have a better suggestion/recommendation? Thanks.

That’s correct. Files sent to the Global Inbox are not encrypted, and so the security of those files depends on your control of access to your computer by others.

If you are using the Global Inbox as a convenient temporary receptacle of new content during a working session at your computer, and before ending that session you move the contents of the Global Inbox into your encrypted databases and then close the encrypted databases, you have maintained a high level of security for your data. If your computer is stolen after your working session, your sensitive data is going to be very difficult to access.

There are a number of ancillary security procedures that should be routine as well, and there’s no point in listing all of them. I’ll just mention two: don’t let someone look over your shoulder and read your data while an encrypted database is open; if you have scanned and OCRd confidential documents, use secure deletion of the image-only PDFS that are sent to the Trash.

Systems for protecting access to data are no more secure than the weakest links in the system. An insanely high level of data encryption makes no difference if the password itself isn’t secure, or you go to lunch leaving encrypted files open.

The vast majority of cases of unauthorized access to sensitive data do not involve a hacker breaking the encryption scheme. A smart spy looks for the weaknesses in data management.

This seems to be the most recent thread related to encryption. I wanted to know if per item encryption is in-plan for 2.0? If not, is it in-plan for any future release?


Seems the answer to this is no. No encryption. No multi-user stuff. No real client server. Maybe that will be the focus of 3.0?

Christian has noted several times in the forum that he has plans for encryption in DT 2.x.