On Tue, Sep 13, 2016 at 11:31:12PM -0300, juan wrote:
On Tue, 13 Sep 2016 19:50:44 -0600 Mirimir <mirimir@riseup.net> wrote:
And mx2.sigaint.org isn't hosted by CloudFlare, but rather by QHoster, in Germany. Qhoster does have their website behind CloudFlare, I admit.
uh oh
But I suspect that it's a challenge for Sigaint to host it's clearnet gateway, and so they take what they can get.
typical evasive bullshit
So anyway, I'm not greatly worried. As I said, Sigaint is most secure within onionland.
more bullshit
And they peer with several other mailservers there. But they're one of the few with a reliable clearnet gateway,
a cloudflare 'protected' gateway?
which is useful when you need it.
So, you're a waywards CIA troll tasked with having to pre-empt (catch, best as possible) the next Snowden or Manning. NSA's honeypot Tor collects most wanna be run of your mill leakers, only thing is they need person to person comms to get up to speed / hints / connections with drop boxes etc. They need (or are likely to use) email of some form. How besst to create a sexy honey pot smtpd with plausidly deniably attractive properties, to maximise end point correlation capability and pre-emption possibilities. Conversely, were some hippy freedom loving daisies ill save the world implement her smtpd daisy garden bed, what would her best practices be? IOW, can we state a set of presumed best practices by which we can 'judge' the flower pots? some random thoughts: - public not private, human ownership/ attribution - verifiers ("yeah I know him") - canary statements - "owner" "controller" "all employees" - use of no known CIA/NSA/USA etc assets (e.g. CloudFlare) - admittedly, avoiding Tor might be a challenge for a while at least - obvious technical foundations (e.g. no user keys stored on server) - ?