Dnia środa, 14 stycznia 2015 22:09:12 Cathal Garvey pisze:
So it would be prudent to use pseudonyms, and to access via some mix of VPN(s), JonDonym and Tor (according to ones need for anonymity vs speed). And using devices with removable local storage, there would be no traces to be inspected by adversaries.
Well, I use my real name in most places and communicate a lot with real-world friends and family by email, su using Peerio is therefore a step up in security for me even if I continue to go by my usual name and use my usual IPs.
If you need hard anonymity, this is only a marginal gain over regular email because metadata (when, who, how, where) is a significant threat to anonymity. So yea, use a burner email when setting up a peerio account (no longer required after setup, probably a throwback to email-as-salt in miniLock plus contact discovery by known email address), then use through Tor (do research whether websockets are tor-safe?).
Cool. But still, how is peerio more secure spideroak, for example?
Spideroak appears to be more about file storage and sync, whereas Peerio seems to me to simply be a better approach to server:client email. It's down to the bone: message-passing with attachments, and a nice UI.
As a crypto-app, it's targeted at the mainstream, and people who interact with the mainstream. People on this list will have better, more secure ways of communicating, but Nadim (to his credit) excels at making crypto-apps that can appeal to normal users while adding a significant privacy. It's an easier sell from "us" to "them".
With server code closed, it doesn't make sense to me to "sell" it to anybody. -- Pozdrawiam, Michał "rysiek" Woźniak Zmieniam klucz GPG :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147