Just read the “Threat Model” section of the website. They are working to prevent mass surveillance, not to stop targeted nation state level attacks against individual users. -Lance -- Lance Cottrell loki@obscura.com On May 19, 2014, at 10:36 PM, Александр wrote:

http://betabeat.com/2014/05/harvard-and-mit-students-launch-nsa-proof-email-...

well, it seems too good to be truth. Recently we"ve got a lot of projects like that.

Yes, there are enthusiasts. A real good ones. But we should also ask ourselves, (except what tpb-crypto mentiond), who these guys are? Could they be a project of... the NSA itself? Yes.

I read their security section. The first thing in my mind (i am not tooooo paranoid:)) is that it is too good. It is absolutely free WITHOUT any mention of donations. Not even a mention. Who supports them? Can we trust him/it? Are they millionaires:)? We see not even one word about the money. Second of all, when you read their security section, its like a honey for bees - it invites you. Its ideal. Too much ideal. So yes, i rely on my feelings too, and there is something wrong with that.

These guys are from Germany: https://lavaboom.com/en/beta.html It seems to me a better choice (except the problem of the fact that Germany has got its nsa=bnd and that they give everything to nsa)

In the end, we need to trust someone. But we dont read their minds:). And it could be, after all, a big fall.

We"ve got pgp. Thanks God. But a 100% reliable and bulletproof email provider? No.

Dnia wtorek, 20 maja 2014 09:05:37 Kelly J. Rose pisze:

Which is totally subverted if you are American citizens or located in the us. Simply by the national security letters.

You could have the sexiest cryptosystem ever and the NSL attack will still beat you if you put it on American soil.

I guess that's why they are not putting it on American soil. -- Pozdr rysiek

Message du 20/05/14 18:20 De : "rysiek" A : cypherpunks@cpunks.org Copie à : Objet : Re: Harvard and MIT Students Launch ‘NSA-Proof’ Email Service | Betabeat

Dnia wtorek, 20 maja 2014 09:05:37 Kelly J. Rose pisze:

...

Which is totally subverted if you are American citizens or located in the us. Simply by the national security letters.

You could have the sexiest cryptosystem ever and the NSL attack will still beat you if you put it on American soil.

I guess that's why they are not putting it on American soil.

-- Pozdr rysiek> [ signature.asc (0.3 Ko) ]

It doesn't matter, if you got a link to the US like citizenship, you are liable to receive a NSL. If you come from a poorly defended country, like say Saudi Arabia, they will snatch you out to guantanamo. This kind of problem should be tackled by some honest idealists from either China, Russia, Brazil, India or other big country (Indonesia or Malaysia?) that doesn't extradite and would cause an enormous stink if one of their citizens was taken away to be tortured. If that country would not effectively attack the US in some very painful way. Like I suppose you are Polish, if you are Polish, Poland itself will give you away to the US at the minimal sign of trouble. I don't blame Poland, it is that or being Russia's bitch. Poor Polen always squeezed.

Not buying it. Elaborate. -- Lance Cottrell Sent from my iPad

On May 20, 2014, at 8:05 AM, "Kelly J. Rose" wrote:

Which is totally subverted if you are American citizens or located in the us. Simply by the national security letters.

You could have the sexiest cryptosystem ever and the NSL attack will still beat you if you put it on American soil.

...

On Tuesday, May 20, 2014, Lance Cottrell wrote: Just read the “Threat Model” section of the website. They are working to prevent mass surveillance, not to stop targeted nation state level attacks against individual users.

-Lance

-- Lance Cottrell loki@obscura.com

...

On May 19, 2014, at 10:36 PM, Александр wrote:

http://betabeat.com/2014/05/harvard-and-mit-students-launch-nsa-proof-email-...

well, it seems too good to be truth. Recently we"ve got a lot of projects like that.

Yes, there are enthusiasts. A real good ones. But we should also ask ourselves, (except what tpb-crypto mentiond), who these guys are? Could they be a project of... the NSA itself? Yes.

I read their security section. The first thing in my mind (i am not tooooo paranoid:)) is that it is too good. It is absolutely free WITHOUT any mention of donations. Not even a mention. Who supports them? Can we trust him/it? Are they millionaires:)? We see not even one word about the money. Second of all, when you read their security section, its like a honey for bees - it invites you. Its ideal. Too much ideal. So yes, i rely on my feelings too, and there is something wrong with that.

These guys are from Germany: https://lavaboom.com/en/beta.html It seems to me a better choice (except the problem of the fact that Germany has got its nsa=bnd and that they give everything to nsa)

In the end, we need to trust someone. But we dont read their minds:). And it could be, after all, a big fall.

We"ve got pgp. Thanks God. But a 100% reliable and bulletproof email provider? No.

-- Kelly J. Rose Edmonton, AB Phone: +1 587 982-4104 Twitter: @kjrose Skype: kjrose.pr Gtalk: iam@kjro.se MSN: msn@kjro.se

Document contents are confidential between original recipients and sender.

Message du 20/05/14 18:44 De : "unixninja92"

Last time I checked, NSLs could only be used against people in the US. Not people located in Switzerland even if they are US citizens. So as long as they don't travel to the US it's safe.

Do Harvard and MIT offer complete graduation courses without your physical presence? Are they willing to never step again in the US or its allied countries? If any of those questions ys answered in the negative, then they will get a NSL asap. But considering the lack of obvious financial backing, you already know who is backing them. And that's sad.

In the end, we need to trust someone. But we dont read their minds:). And it could be, after all, a big fall.

No, you don't need to trust anyone, and should not. That model's long been broken. You should audit the code, spec and docs and then trust that.

We"ve got pgp. Thanks God.

And have only thus secured the message body. A valuable tech advance to be sure. But far from approaching a near wishfully complete checklist solution.

But a 100% reliable and bulletproof email provider? No.

Countless businesses fail, sellout, etc every day and that will not change. It is proven since dawn of business for them to fail or at least morph into something unrecognizable. [Note it doesn't take $much/account to run a good barebones email service 100%, especially if you stick to only mail and cut features. There's no reason we shouldn't have 50 punkish ones in curious jurisdictions to choose from by now.] Back to p2p... your recipient, and your peers are all independent businesses. Look out in your city, other than you and Alice who both are 'up' by definition of wanting to talk some method, you could fail many people/nodes/businesses and still route a p2p message through. It's hard to eval trust of a single business or %'s of nodes. Yet just like all the millions of torrenters, your odds of the majority of the nodes [which have real IP's hard to fake in the disparate millions] being on your side are probably better with p2p than whether one single brick and mortar business is screwing you over, or forced to to so. Business centralization, vanity, monetization, etc to run the lava*'s, proton's and so on is counter to some of the problems they attempt to solve. Their real benefit is often adding research to the educational pile of debunked non-solutions to such problems. A natural selection process of sorts. And as legal test cases for fighting the good fight, pushing boundaries and changing that end of things. If Ladar didn't stand up and speak out we wouldn't know to evolve those parts of our process. We need more people like that.

[image: Inline image 1] http://www.smbc-comics.com/comics/20140527.png On Tue, May 27, 2014 at 5:13 AM, Cathal Garvey

wrote:

...

lavaboom.com and protonmail.ch both appear deliver you their code (javascript) on the fly to run in your browser. Yeah, that's secure.

I have long thought that it's high time to implement JS code signing that can be verified by the client, either innately or through an extension.

A quick addition to the comment-metadata system devised to provide licensing information (and parsed by an FSF extension to inform you whether the code your browser is running is libre or not) could be used for this purpose; what's left, then, is to establish a way to translate code signatures into trust.

For a monolithic system like a zero-knowledge email host, that's easy; when you sign up, you install their pubkey into your extension, preventing MITM attacks on the JS payload. At best, that's an additional layer over SSL, or it could be used instead of SSL (a crypto-AJAX engine run in browser for sending and receiving data; could be handy for shared hosting where SSL isn't an option).

However, it falls down vs. NSLs, etcetera, because hosts can be compelled to send you malware signed with their keys. You need trustworthy third parties who can sign and verify that code is shipped intact. It'd be nice if you could hack a system like this to use the PGP web of trust as a first port of call, and then to fall back to a wider set of "trusted" people if that fails.

As a way to further enhance security, having people with these extensions installed send hashes of the JS payloads they receive to a comparison server would be nice. Might even detect some attacks that fly under the radar at present, like people being sent tailored-attack versions of major third-party libs like JQuery, etcetera. When an anomalous hash arrives that doesn't match any "official" releases of the lib, alarm bells should ring.

...

On Tue, May 20, 2014 at 11:05 AM, Kelly J. Rose wrote:

...

Which is totally subverted if you are American citizens or located in

...

...

us. Simply by the national security letters.

You could have the sexiest cryptosystem ever and the NSL attack will still beat you if you put it on American soil.

If you operate a machine upon which plaintext 'email' for users

On 27/05/14 05:27, grarpamp wrote: the transits/sits

...

on their behalf, you will still be subverted and beaten (literally or not)... either remotely by cooperative agreements (or simply giving), or your own local mitm, [extra]legal force major, etc. The only way out of the mess is either: a) basically start street protesting to change global law and practice and somehow manage to create utopia. b) defend in depth and bury all user messaging within secure p2p darknet overlay networks where only Alice and Bob are parties to the plaintext content. And the code you run to get on it is developed and audited by separate groups, be they well known nyms on such nets, or real world.

Any proposed messaging system that is centralized, not pay anonymous, not open, works by you giving up key material you shouldn't, or you needing to demandload their code instead of running your own trusted copy... isn't worth your time. Otherwise stick with plain old email, text, and whatever the fad of the day is. And don't try to call either of them secure.

...

This kind of problem should be tackled by some honest idealists from either China, Russia

Yet people applaud eliminating such idealists, even eg: Iraq, Iran, Cuba, DPRK, Venezuela, Israel, etc. Keep on wiping out your only counter voices and you'll get what you asked for next. None of these suggested places/people are immune either, only alternatively 'hard'[er] under some given threat models.

lavaboom.com and protonmail.ch both appear deliver you their code (javascript) on the fly to run in your browser. Yeah, that's secure.

-- T: @onetruecathal, @IndieBBDNA P: +353876363185 W: http://indiebiotech.com

It looks like they would be in a position to do so if they wanted. -Lance -- Lance Cottrell loki@obscura.com On May 20, 2014, at 12:16 PM, Juan wrote:

On Tue, 20 May 2014 06:49:26 -0700 Lance Cottrell wrote:

...

Just read the “Threat Model” section of the website. They are working to prevent mass surveillance,

Really? But they are going to collect 'metadata' about all their users, no?

...

not to stop targeted nation state level attacks against individual users.

-Lance

-- Lance Cottrell loki@obscura.com

On May 19, 2014, at 10:36 PM, Александр wrote:

...

http://betabeat.com/2014/05/harvard-and-mit-students-launch-nsa-proof-email-...

well, it seems too good to be truth. Recently we"ve got a lot of projects like that.

Yes, there are enthusiasts. A real good ones. But we should also ask ourselves, (except what tpb-crypto mentiond), who these guys are? Could they be a project of... the NSA itself? Yes.

I read their security section. The first thing in my mind (i am not tooooo paranoid:)) is that it is too good. It is absolutely free WITHOUT any mention of donations. Not even a mention. Who supports them? Can we trust him/it? Are they millionaires:)? We see not even one word about the money. Second of all, when you read their security section, its like a honey for bees - it invites you. Its ideal. Too much ideal. So yes, i rely on my feelings too, and there is something wrong with that.

These guys are from Germany: https://lavaboom.com/en/beta.html It seems to me a better choice (except the problem of the fact that Germany has got its nsa=bnd and that they give everything to nsa)

In the end, we need to trust someone. But we dont read their minds:). And it could be, after all, a big fall.

We"ve got pgp. Thanks God. But a 100% reliable and bulletproof email provider? No.