Re: [tor-talk] Secure email with limited usable metadata
----- Forwarded message from coderman <coderman@gmail.com> ----- Date: Fri, 9 Aug 2013 00:39:03 -0700 From: coderman <coderman@gmail.com> To: tor-talk@lists.torproject.org Subject: Re: [tor-talk] Secure email with limited usable metadata Reply-To: tor-talk@lists.torproject.org On Mon, Jul 1, 2013 at 10:10 PM, coderman <coderman@gmail.com> wrote:
... my contempt for email should be evident by provider; ... ;) [OTR, ZRTP, others preferable many years now]
another one decides email is inherently insecure: https://silentcircle.wordpress.com/2013/08/09/to-our-customers/ """ Silent Mail has thus always been something of a quandary for us. Email that uses standard Internet protocols cannot have the same security guarantees that real-time communications has. There are far too many leaks of information and metadata intrinsically in the email protocols themselves. Email as we know it with SMTP, POP3, and IMAP cannot be secure. """ use other tools and protocols for private communication! here's to hoping TorMail stays dormant... -- tor-talk mailing list - tor-talk@lists.torproject.org To unsusbscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5
On Mon, Jul 1, 2013 at 10:10 PM, coderman <coderman@gmail.com> wrote:
my contempt for email should be evident by provider; ... ;)
Gmail seems intent on refusing signups via Tor without supplying other linkable and not rationally expendable data such as phone. I expect they'll bleed off users who need this to other providers through attrition, and incur negative publicity from prospective new users for failing to support it in these days. There were a few threads over on tor-talk in which a gmail staff participated. Some community suggestion was made for refundable bitcoin deposit to appease the google claims, not sure where that went.
use other tools and protocols for private communication!
Amongst your convinceable and tutorable peers, yes of course. Amongst the rest of the world..
here's to hoping TorMail stays dormant...
..I don't agree. It will be a long time before anything replaces traditional email worldwide. Until then traditional email services do need to be out there... accessible via Tor and free / donation based for basic messaging use. Independant mail nodes can work if done well, that's essentially what TorMail, Lavabit, SC, Hush, etc are. And though you may encrypt the body, there are uses for which you don't want to (non crypto peers). Know the weaknesses, your tools, and pick the right one for the right use. TorMail was in some sense the most interesting thing since the mail mixes. And other services that try to do crypto for you, can't, it's impossible hype. Better to continue building OpenPGP etc into traditional mail clients smoother. note: Last I saw TorMail up was Aug 5 early UTC.
Date: Fri, 9 Aug 2013 00:39:03 -0700 From: coderman <coderman@gmail.com> To: tor-talk@lists.torproject.org Subject: Re: [tor-talk] Secure email with limited usable metadata Reply-To: tor-talk@lists.torproject.org
Email that uses standard Internet protocols cannot have the same security guarantees that real-time communications has.
Precisely the opposite is the case. Email can go by way of anonymizing remailers, while real-time communications are vulnerable to IP packet time and volume correlation at the end points. With email, the security is in the message, not in the connection. -- -- StealthMonger <StealthMonger@nym.mixmin.net> Long, random latency is part of the price of Internet anonymity. anonget: Is this anonymous browsing, or what? http://groups.google.ws/group/alt.privacy.anon-server/msg/073f34abb668df33?dmode=source&output=gplain stealthmail: Hide whether you're doing email, or when, or with whom. mailto:stealthsuite@nym.mixmin.net?subject=send%20index.html Key: mailto:stealthsuite@nym.mixmin.net?subject=send%20stealthmonger-key
participants (3)
-
Eugen Leitl -
grarpamp -
StealthMonger