On Aug 25, 2013, at 5:36 PM, John Young <jya@pipeline.com> wrote:
> Phil probably means the infrastructure of email is the vul not the crypto. Crypto alone is sterile, a boy in a bubble which requires life support which can be assaulted.

That's precisely what we mean. The crypto is the easy part. The hard part is the traffic analysis, of which the worst part is the Received headers. Everyone should look at their own headers -- especially people on this list and at least comprehend that your email geotracks you forever, as it's all in the Mailman archive. There are plenty of other leaks like Message-ID, Mime-Version, X-Mailer, the actual separators in MIME part breaks, and so on.

It's absolutely correct that some combination of VPNs, Tor, remailers of whatever stripe, and so on can help with this, but we're all lazy and we don't do it all the time.

What we're learning from Snowden is that they're doing traffic analysis -- analyzing movements, social graphs, and so on and so forth. The irony here is that this tells us that the crypto works. That's where I've been thinking for quite some time. Imagine that you're a SIGINT group trying to deal with the inevitability of crypto that works being deployed everywhere. What do you do? You just be patient and start filling in scatter plots of traffic analysis.

The problem isn't the crypto, it's SMTP.

Jon
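
Added example, not part of the original message: a short Python audit of the headers the message names (Received, Message-ID, Mime-Version, X-Mailer, the MIME boundary), run over a constructed sample so you can see what your own mail exposes even when the body is encrypted. The sample message, its documentation-range addresses and the function name audit_headers are assumptions made for illustration.

```python
import email
import re

# Constructed sample message; hosts and IPs are documentation values (RFC 2606 / RFC 5737).
SAMPLE = """\
Received: from mx.example.net (mx.example.net [198.51.100.7])
\tby lists.example.org with ESMTP id ABC123; Sun, 25 Aug 2013 18:02:11 -0700
Received: from [192.0.2.44] (dsl-44.isp.example [192.0.2.44])
\tby mx.example.net with ESMTPSA id XYZ789; Sun, 25 Aug 2013 18:02:09 -0700
From: Alice <alice@example.net>
To: list@example.org
Subject: test
Message-ID: <5F2A1C3E-9B7D-4E21@laptop.example.net>
Mime-Version: 1.0 (Mac OS X Mail 6.5)
X-Mailer: Apple Mail (2.1508)
Content-Type: multipart/mixed; boundary="Apple-Mail=_0A1B2C"

--Apple-Mail=_0A1B2C
Content-Type: text/plain

(encrypted body would go here)
--Apple-Mail=_0A1B2C--
"""

IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")
CLIENT_HEADERS = ("X-Mailer", "User-Agent", "Mime-Version")

def audit_headers(raw):
    """Return the metadata an archive or passive observer reads off one message."""
    msg = email.message_from_string(raw)
    hops = []
    # Each relay prepends its own Received line, so reverse for sender-first order.
    for value in reversed(msg.get_all("Received", [])):
        ips = list(dict.fromkeys(IP_RE.findall(value)))  # de-duplicate, keep order
        stamp = value.rsplit(";", 1)[-1].strip() if ";" in value else None
        hops.append({"ips": ips, "time": stamp})
    # The right-hand side of Message-ID is often the sending host's own name.
    mid_host = msg.get("Message-ID", "").strip("<> \t\r\n").partition("@")[2] or None
    # Client and OS fingerprints; collapse folding whitespace for display.
    hints = {h: " ".join(msg[h].split()) for h in CLIENT_HEADERS if msg[h]}
    return {"hops": hops, "message_id_host": mid_host,
            "client_hints": hints, "mime_boundary": msg.get_boundary()}

if __name__ == "__main__":
    for field, value in audit_headers(SAMPLE).items():
        print(f"{field}: {value}")
```

The first entry in hops is the relay closest to the sender, so its address and timestamp are the ones that place the sender in space and time.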