Dailydave mailing list archives

Exchange's privacy issues


From: Joanna Rutkowska <joanna () invisiblethings org>
Date: Tue, 28 Aug 2007 11:49:00 +0200

Over time, as I get more and more computers, I really am starting to
feel the need to migrate my Outlook's local .PST file to some server
solution, e.g. MS Exchange Server. I'm least concerned about mail
(as I'm using IMAP4 anyway) but mostly about syncing my calendar,
contacts, task list and memos.

So, why don't I like Exchange (and other similar solutions)? After all,
one can buy Exchange hosting for some $10/month... Well, I don't like
it because the idea of somebody else (i.e. the hosting company) having
full access to all my personal data (calendar, etc.) is simply scary.

Many people on this list will probably just shrug it off and say that they
are using their company's Exchange server, which they trust. But then
again, would you place a "New Job Interview" appointment in your
calendar if you knew that your corporate admin would be able to see it?

So, the simple question is -- does anybody know an encryption solution
that would work on the client-to-client level? I.e. I would like my
Outlook program to encrypt all the fields in my calendar, todo list, etc.
and send them to the Exchange server as encrypted base64. Simple,
symmetric crypto, one shared key, will do.

True, the server would still know that I have a meeting on Friday at
11 a.m., but it would not be possible to decipher what kind of meeting it
is. Similarly they would see that I have 15 tasks on my todo list, and
maybe they can also see that 3 of them are of an 'Important' priority,
but they would not be able to read them.

In other words, I'm looking for something analogous to PGP. With PGP your
adversary can still see who you got mail from or to whom you send it,
heck, they can even see the subject of the mail (which is BTW really
annoying), but they don't see the content.

Would be nice if the solution also worked for BlackBerry devices.

Yes, I know that one solution would be to buy colocation, put my own
server there, disable FireWire ports and put some glue into spare PCI
slots, so that nobody can get access to the machine's memory, even
with physical access... But that solution is too pricey. Not because
of the hosting fee, but because of the time needed to administer such a server.

I would greatly appreciate all the feedback.

Cheers,
joanna.
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave
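
The scheme asked for in the message above, as an added example that is not part of the original post: the client encrypts the text fields of a calendar item under one shared symmetric key and uploads them as base64, while the start time and priority stay readable by the server. AES-256-GCM from Node.js's built-in crypto module, the field names and the sample appointment are assumptions made for the example.

```javascript
// Added example (not from the original post): field-level client-side
// encryption of a calendar item with one shared symmetric key.
const crypto = require('node:crypto');

// Fields the client hides; everything else stays readable by the server
// so it can still schedule and sort (assumed field names).
const SECRET_FIELDS = ['subject', 'location', 'body'];

// Encrypt one field with AES-256-GCM. The item id and field name are bound
// in as associated data so the server cannot move a ciphertext elsewhere.
function sealField(key, itemId, name, plaintext) {
  const iv = crypto.randomBytes(12); // fresh nonce per field, never reused
  const c = crypto.createCipheriv('aes-256-gcm', key, iv);
  c.setAAD(Buffer.from(`${itemId}:${name}`));
  const ct = Buffer.concat([c.update(plaintext, 'utf8'), c.final()]);
  return Buffer.concat([iv, c.getAuthTag(), ct]).toString('base64');
}

function openField(key, itemId, name, b64) {
  const raw = Buffer.from(b64, 'base64');
  const d = crypto.createDecipheriv('aes-256-gcm', key, raw.subarray(0, 12));
  d.setAAD(Buffer.from(`${itemId}:${name}`));
  d.setAuthTag(raw.subarray(12, 28));
  // final() throws if the key, tag, ciphertext or associated data is wrong
  return Buffer.concat([d.update(raw.subarray(28)), d.final()]).toString('utf8');
}

// What the client uploads: secret fields as base64, metadata untouched.
function sealItem(key, item) {
  const out = { ...item };
  for (const f of SECRET_FIELDS) {
    if (typeof item[f] === 'string') out[f] = sealField(key, item.id, f, item[f]);
  }
  return out;
}

function openItem(key, stored) {
  const out = { ...stored };
  for (const f of SECRET_FIELDS) {
    if (typeof stored[f] === 'string') out[f] = openField(key, stored.id, f, stored[f]);
  }
  return out;
}

// Constructed sample data.
const key = crypto.randomBytes(32);
const item = { id: 'appt-1', start: '2007-08-31T11:00', priority: 'Important',
               subject: 'New Job Interview', location: 'Cafe' };
const stored = sealItem(key, item);
console.log(stored);
```

Every client holding the key runs openItem on what it downloads; the hosting side sees only when the appointment is and how it is prioritised.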