Also, there’s Thunderbird if you NEED a fat client for your email. Except Proton’s strength is where the service is located and the security of access. Having a full copy locally on your system kind of defeats that.
Unless you also employ very strict sandboxing, a rogue app or script could read those emails from your running system while LUKS is unlocked. There are plenty of CVEs relating to code execution; an infected JPEG, browser exploit, or any number of other things could expose your Thunderbird email database or the running memory to an attacker, particularly if you use “secure” services like Proton because you’re the kind of person who would be targeted by state actors.
Also, there’s Thunderbird if you NEED a fat client for your email. Except Proton’s strength is where the service is located and the security of access. Having a full copy locally on your system kind of defeats that.
If you have properly implemented LUKS I don’t see any reason that should be a concern.
Unless you also employ very strict sandboxing, a rogue app or script could read those emails from your running system while LUKS is unlocked. There are plenty of CVEs relating to code execution; an infected JPEG, browser exploit, or any number of other things could expose your Thunderbird email database or the running memory to an attacker, particularly if you use “secure” services like Proton because you’re the kind of person who would be targeted by state actors.
deleted by creator