Encrypted Contacts anywhere?


I am looking for a local Contacts/Addressbook, that I can store as a file and have thunderbird interact with as necessary. Although I am happy to look at third party applications.

I don’t have access to servers and I do have a requirement for E2EE, this rules out CalDav, Tutanota, Protonmail and of course NextCloud. The reason I have to use something remote (USB, encrypted remote drive) is that I do not have sufficient internal space on my other devices. (This would appear to rule out SyncThing, RClone is a godsend).

So far the closest I’ve got is with the Calendar, where I can export it to my desired encrypted location and then use “File > Open > Calendar File”. There appears to be no equivalent for contacts/tasks and such.

Does anyone have any FOSS solutions that work without needing a server?

What about Thunderbird’s own address book?

And if you are running KDE Plasma, kaddressbook works fine. It can export as vCard (version 3 and 5) or as CSV, either as a single file or as individual files for each contact.

The problem with that is that it’s a direct import and all of the data from the USB is copied to the device. This is unsuitable as space is at a premium.

The open calendar file option, reads and writes directly to the .ics file that is stored on a remote location for example. I would love to do a straight copy but I just don’t have the space to do so. Unfortunately I can’t just offload the data to the USB entirely (i.e by creating a symlink where the thunderbird directory should be), as I use different email accounts on the different devices and manage the security and privacy in different ways.

Syncing temporarily is an option but not really an ideal solution as I’d then have to go through and re-delete. It’s why I want to be able to share remotely. The ideal situation would be for nextcloud to support E2EE for all files out of the box, but CalDav etc makes this pretty tough and I would need to run my own server.

What about creating an encrypted container on the USB itself?

Yep that’s largely the route I’m trying to go down. It’s where I have my Calendar.ics file that I can “File > Open > Calendar File” it then reads and writes to the calendar file as I make changes. The moment I unplug the USB thunderbird pretty much forgets all about it, because there’s no ‘import’ process.

I can’t seem to find an equivalent for contacts/tasks etc. The tasks themselves don’t necessarily need to be encrypted so long as the end objective is achieved… no one but me can read them. Hence using Crypt containers with RClone and Veracrypt with usb sticks.

But you’re seeking an address book that encrypts its data. Look at it the other way, i.e. a non-encrypted address book that stores its data on an encrypted drive.

If your USB stick has a Linux-native filesystem on it and if you are running KDE Plasma, then you can install plasma-vault. It allows you to encrypt a folder.

The problem isn’t necessarily the address book being itself encrypted, but it was the best way to put what my requirement is across.

Provided no one else can see the data, such as by using veracrypt and that I don’t need to copy the data to the second device, then that’s my solution. CalDav would normally fulfill this purpose but it doesn’t support E2EE, Tutanota does support E2EE but I can’t use the calendar outside of Tutanota. So hence looking for the local solution, where veracrypt is my E2EE solution at the moment… but I can’t seem to get thunderbird to use it without importing everything, this risks having multiple versions of the truth.

So I’m looking for some kind of app that does support encrypted contacts that potentially thunderbird could use when it is able to access that information… say on a usb stick. This is why my first line was: “I am looking for a local Contacts/Addressbook, that I can store as a file”

For what it’s worth I am running Manjaro Cinnamon. KDE is largely too buggy/intensive for me and I’ve never been able to run it for any length of time. I use manjaro LXQT on smaller devices.

Well, in that case I am out of ideas, and thus I must leave things in the hands of someone else. :man_shrugging:

What do you mean?

I mean typical syncing see Nextcloud sync copies data from the cloud to the device. I need to avoid this due to space restrictions. It’s why I use RClone, which means things are kept on the remote server and only brought across as required.

Going through the cloud is one way of synchronizing files. You can also synchronize directly between devices or even between local folders.

Considering your restrictions, what you need may be a combination of mobile storage encryption + local synchronization:

  • you keep using an encrypted mobile storage, so that only you can access its content, as well as the system it is plugged on once you unlocked it
  • in order to solve the issue of importing/forgetting whenever you (un)plug the storage, you may benefit from a synchronization tool on your main system, that will synchronize your local address book file with the one on the storage whenever it is accessible

Turns out it’s actually pretty much the same technique just a different way of going around it.

Through the use of CardBook (Thunderbird Plugin), it turns out you can export an address book to a directory.
Then go to the hamburger.
Address Book → New Address Book → Local → Open Existing Address Book (Directory)… :palm_down_hand: :microphone: .

With the calendar it’s the same process pretty much, export the calendar as a .ics file.
File → Open → Calendar File.

There’s no reason for this not to work with RClone, meaning E2EE Calendars, Tasks and Contacts and you can keep things separate. So no need for some dodgy web app, but you might need a cloud provider that doesn’t have a transfer limit. (Looking at you mega). Since you can use a “Crypt” container no one but you and others with the crypt details can access said details. You should be able to share these on multiple devices… and to anyone that access to that particular RClone drive. :smiley: . Also this means precious local storage space is still available.

I’ll be testing of course to make sure it does what I think it does.

Of course if you want to share or rather allow a group of people to have access this method is not going to be the most convenient. I’m willing to sacrifice some convenience for my security and I don’t do much sharing with others from a calendar point of view.

Oh yeah pro-tip: for calendar, and indeed contacts you may need to enable offline support for each one otherwise it throws a fit.