My software goes through Tor hidden services (or exit node if necessary) and sets up a TLS session inside that. The From address of the mail only exists inside the encrypted envelope, which only the recipient can open. If someone had a global view of the Tor nodes, they might be able to track a particular message via timing, but going through Tor prevents mass surveillance by a passive observer. Mike On 4/10/2015 12:28 PM, Cathal (Phone) wrote:
Metadata includes who speaks to who, which can only be hidden by obfuscation in a mixnet, public-message-boards that recipients pull randomly or fully from, or similar ways of removing means of connecting endpoints.
On 10 April 2015 20:08:04 GMT+01:00, Mike Ingle <mike@confidantmail.org> wrote:
How does one go about getting on this list? I think Confidant Mail qualifies. It uses GPG end to end, and encrypts the metadata in transit.
On 4/10/2015 6:44 AM, hellekin wrote:
On 04/10/2015 03:59 AM, Seth wrote:
https://github.com/sweis/crypto-might-not-suck/blob/master/README.md
*** When EFF launched the Secure Messaging Scoreboard, lynX and I were a bit pissed that they even mentioned proprietary solutions, so we made an alternate list: http://libreplanet.org/wiki/GNU/consensus/Secure_Messaging_Scoreboard == hk
-- Sent from my Android device with K-9 Mail. Please excuse my brevity.