Physical access security

mmrabbni · January 4, 2020, 7:00am

Data center and VPS provider can access my disk and read my file. Can they read my inbox emails or MiaB encrypt emails on disk? Is there anyway that increase MiaB security from physical access and disk access?

alento · January 4, 2020, 1:18pm

Yes, they can. However, why would they? As a service provider they do not want the liability that they would incur by doing so. They don’t want to be a party to your plans to murder someone or to be in possession of your child porn. For if they were to access and read your email, they would lose the protections afforded them under the laws that protect ISP’s as common carriers.

Yes, email is stored unencrypted in maildir format on the disk. If you seek encryption of your data at rest then you need to use a service geared towards that such as Protonmail or Tutanota.

Install Mail-in-a-Box on a server in your basement … which in most cases is absolutely impractical.

Look, unless you are some high level government employee, corporate executive, or famous celebrity … and even if you were … nobody is going to risk the legal consequences of snooping in your VPS. And, if you were one of the people mentioned, you would not be considering Mail-in-a-Box as you would have the financial and legal resources to be using something that offered more security.

However, there is one option. Purchase your own server, colocate it in a data center, and install Mail-in-a-Box on it. Nobody but you or whomever you gave access to your server would have access to it.

fracai · January 13, 2020, 4:20am

You could install MIAB on a drive configured with full disk encryption. Linode has instructions for this and it’s fairly straightforward.
It’d be up to you to decide if that’s enough to protect your information from the VPS host.
I think these are the instructions that I followed. https://www.linode.com/docs/security/encryption/use-luks-for-full-disk-encryption/