Google to encrypt cloud storage
grarpamp
grarpamp at gmail.com
Tue Aug 20 16:56:34 PDT 2013
>> They use XMPP and they allow connections from outside their network.
>> ...
>> In most ways they are way ahead of the competition.
> How gracious of them!
No, that is old model. Yet how ahead and gracious are the punks?
imap4[s only], submission[starttls only], transport smtp[s preferred,
and fixed keyed amongst peers], nothing asked for but username and
password, allow connections from anywhere including Tor, simple
documentation for the user (thunderbird, mutt, outlook, openpgp,
enigmail, ...)
The demand for these things is very high right now.
You don't need to offer webmail.
The setup is not hard.
There could be 30 new mail providers running around the globe in
three months.
All of them teaching the user how to encrypt, exactly where
it belongs.
And that's just for simple mail, a big win, even without resorting
to more exotic http://prism-break.org/ systems.
>>> This matter is very relevant to me. I believe if somebody is saying "we offer
>>> encryption", the encryption should be actually, you know, protecting the data.
>>> ...
>>> No. Google SHOULD provide safe, privacy-aware services and encryption that
>>> actually truly protects the data, or at least not claim to do so
Unless it is the user who keeps and manages their own keys, no
service with any 'offer of encryption that actually protects' can
ever be true. Services are classed by who manages the keys. Any
service that manages keys on behalf of the user and claims to offer
protection is nothing more than a false marketing SCAM.
Unfortunately, people keep buying the bullshit.
Offering at least a little less bullshit can also make you rich
(leastauthority.com, rsync.net, etc).
More information about the cypherpunks
mailing list