On 09/13/2016 05:40 PM, grarpamp wrote:
On Tue, Sep 13, 2016 at 2:26 PM, oshwm <oshwm@openmailbox.org> wrote:
As for your comments earlier with regards to morals and ethics, if you provide an anti surveillance service then you'd expect a trustworthy service to take a very anti-surveillance stance and refuse to deal with corps that are part of the surveillance machine. It is the very basis of who sigaint is and yet they seem happy to be associated with Cloudflare, raises questions in my mind about who they really work for or how much they care about those they are supposed to serve.
This. Sigaint *chose* to put up CF, which is weird as above. You could also roast them on offering webmail too. But as usual, that's just the surface level in this game. Also note cypherpunk Lackey was employed by cloudflare. In addition to CIA guy mentioned earlier.
It is strange that they're using CloudFlare for their "Sigaint ain't here, it's at http://sigaintevyh2rzvw.onion/" page. I strongly suspect that they did that because 1) if the page wasn't protected against DDoS, it wouldn't be reachable, and 2) it would have cost a lot more to host, and 3) they didn't want to setup their own anti-DDoS protection, which would have cost a fuckload more.
More realistically, if donations aren't covering attack bandwidth, hoster is getting pissed, and it's a lame clearnet static infopage, I'd probably CF the fucker too. CF's friends already tap it in other ways so no loss there.
Yes! Just about the only coherent response to this subthread! Maybe they are spending too much of their (likely considerable) onion web portal ad income on weed, whiskey, blow and hoes :) But just look at headers for messages from <timmay@sigaint.org>. It goes from sigaintevyh2rzvw.onion [127.0.0.1] to mx2.sigaint.org [62.113.238.120] using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits). Then it hits mail.pglaf.org [65.50.255.19]. And mx2.sigaint.org isn't hosted by CloudFlare, but rather by QHoster, in Germany. Qhoster does have their website behind CloudFlare, I admit. But I suspect that it's a challenge for Sigaint to host it's clearnet gateway, and so they take what they can get. So anyway, I'm not greatly worried. As I said, Sigaint is most secure within onionland. And they peer with several other mailservers there. But they're one of the few with a reliable clearnet gateway, which is useful when you need it.