[Cryptography] Mail Lists In the Post-Snowden Era

J.A. Terranson measl at mfn.org
Tue Oct 22 05:46:21 PDT 2013


On Sun, 20 Oct 2013, grarpamp wrote:

> Subject: Re: [Cryptography] Mail Lists In the Post-Snowden Era
> 
> On Sun, Oct 20, 2013 at 10:22 AM, Jerry Leichter <leichter at lrw.com> wrote:
> > He raised the questions of whether we could make a Prism-proof Internet.
> >
> > That's a big problem, and we've been debating small pieces of it ever since.  I'd like to suggest a smaller problem, just as a kind of rallying point.
> >
> > So ... imagine we don't like that.  How could this list be constituted in a "secure" way?
> 
> You mention 'participant = adversaries', 'email', 'anonymity', 'open list'...
> Afaik, the only thing that would incorporate those rather easily today
> is setting up postfix, dovecot and mailman on a hidden service. It's all
> been done before. Run the software, make a nym@ account, you're done.

I don't believe this will suffice.  As I understand the intercept 
methodologies (from both the public perspective and the ISP perspective 
back when the fedz first came calling in 2002/3), NSA is intercepting at 
layer 1: your "hidden services" are waaay up the stack, and have been long 
intercepted by the time you are discussing "hiding" them.

This could be done, in theory at least, but it would require setting up a 
fully meshed vpn with strong encryption to any from all possible 
endpoints.  Think of a COIN, built as a virtual internet, implemented 
completely via VPN backbones and drops.

This is not a simple undertaking.

//Alif

-- 
Those who make peaceful change impossible,
make violent revolution inevitable.

An American Spring is coming:
   one way or another.






More information about the cypherpunks mailing list