From mr.dash.four@googlemail.com Fri Jul 6 02:41:39 2018 From: Mr Dash Four To: cypherpunks-legacy@lists.cpunks.org Subject: Re: [tor-talk] Email provider for privacy-minded folk Date: Fri, 06 Jul 2018 02:41:39 +0000 Message-ID: <172289281631.3881296.2860697717518591646.generated@mail.pglaf.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============3239830861244252848==" --===============3239830861244252848== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable > IMO, only stupid idiot doesn't use https with gmail. > That's why I think all talkings about gmail and beeing hacked is useless. > Let him set "Use always https" in the gmail settings, then log out, log in,= change password and secure q/answer and that's all. > > This should be about Tor and Tor close stuff... > > > Game's over. > =20 Indeed! I also employ one additional measure, which, admittedly, may not =20 be to everyone's taste - I have all my =20 browser/system/email/everything-else-you-care-to-name root certificate =20 store wiped out clean! If I have to access a specific (https) site or access a new email account=20 (by using secure pop/starttls, secure smtp or secure imap) I tend to get=20 the site's certificate well in advance via other means (not through tor,=20 obviously) and store it manually on my system for use by these programs.=20 That way, I know that if the "certificate unrecognised" error pops up there=20 is either 1) a new site I have never accessed before (most likely); or 2)=20 someone is trying to use spoof certificates. The latter doesn't occur very often, though I've had this on a number of =20 (rare) occasions when a tor exit node for example (prior to being banned =20 in my torrc file and banished forever) tries to pretend to be my email =20 server and gets caught out with its pants down, quite literally... This =20 measure also prevents the likes of hacked/rogue CA's out there leaking =20 certificates to people/organisations who use them for various =20 criminal/unsavoury purposes. _______________________________________________ tor-talk mailing list tor-talk(a)lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ----- End forwarded message ----- --=20 Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE --===============3239830861244252848==--