[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Email provider for privacy-minded folk



In all the multiplicity of good ideas here, here's a "A Tutorial on
Anonymous Email Accounts" from the Electronic Frontier Foundation -

https://www.eff.org/deeplinks/2012/11/tutorial-how-create-anonymous-email-accounts

and two, related, wiki subject pages at World University and School,
which is like Wikipedia with MIT OCW, with plans to be in all 7,413 +
languages:

Privacy -
http://worlduniversity.wikia.com/wiki/Privacy

Security -
http://worlduniversity.wikia.com/wiki/Security

Is there a way to check or prove that Tor / Vidalia / Firefox etc., is
actually working?

Regards,
Scott




On Tue, Feb 19, 2013 at 11:08 AM, Mr Dash Four
<mr.dash.four@xxxxxxxxxxxxxx> wrote:
>
>> IMO, only stupid idiot doesn't use https with gmail.
>> That's why I think all talkings about gmail and beeing hacked is useless.
>> Let him set "Use always https" in the gmail settings, then log out, log
>> in, change password and secure q/answer and that's all.
>>
>> This should be about Tor and Tor close stuff...
>>
>>
>> Game's over.
>>
>
> Indeed! I also employ one additional measure, which, admittedly, may not be
> to everyone's taste - I have all my
> browser/system/email/everything-else-you-care-to-name root certificate store
> wiped out clean!
>
> If I have to access a specific (https) site or access a new email account
> (by using secure pop/starttls, secure smtp or secure imap) I tend to get the
> site's certificate well in advance via other means (not through tor,
> obviously) and store it manually on my system for use by these programs.
> That way, I know that if the "certificate unrecognised" error pops up there
> is either 1) a new site I have never accessed before (most likely); or 2)
> someone is trying to use spoof certificates.
>
> The latter doesn't occur very often, though I've had this on a number of
> (rare) occasions when a tor exit node for example (prior to being banned in
> my torrc file and banished forever) tries to pretend to be my email server
> and gets caught out with its pants down, quite literally... This measure
> also prevents the likes of hacked/rogue CA's out there leaking certificates
> to people/organisations who use them for various criminal/unsavoury
> purposes.
>
> _______________________________________________
> tor-talk mailing list
> tor-talk@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk



-- 
http://scottmacleod.com/worlduniversityandschool.htm

This email is intended only for the use of the individual or entity to
which it is addressed and may contain information that is privileged
and confidential. If the reader of this email message is not the
intended recipient, you are hereby notified that any dissemination,
distribution, or copying of this communication is prohibited. If you
have received this email in error, please notify the sender and
destroy/delete all copies of the transmittal. Thank you.
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk