[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: AVG + TOR = BARF



On Fri, Aug 22, 2008 at 8:01 PM, Jacob Appelbaum <jacob@xxxxxxxxxxxxx> wrote:
> ...
> I think that if you're sending encrypted email, you still
> have a massively unknown quantity with gmail or other commercial email
> providers.

that really is the crux; email passes through so many possible hops,
usually unecrypted (and even when the payload itself is encrypted,
subject and other headers are not).

i don't understand how/why many people think email can be private.  it
fails silently and frequently; truly good end to end and inter-MTA
authenticated and private email is a usability and configuration
nightmare.

use off the record [0] or something equivalent for private
conversations!  you get clear indication of state (private/not
private) and it was designed for end to end privacy.

(just my personal opinion :)


> Riseup also uses a lot of disk crypto

FDE is an excellent suggestion though, and something everyone should enjoy.

best regards,


0. Off-the-Record Messaging
   http://www.cypherpunks.ca/otr/