[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Question for Job and others / was: Re: Tor and Thunderbird: Outgoing Email Unsafe?



On Tue, 2007-01-02 at 11:53, Job wrote:
> . . .I just want to be sure receivers of email wont be able t see my 
> IP and stuff. . .
> As long as i dont send any emails to anyone isnt it safe? I 
> understand my ISP and mail.com will be able to trace me but not 
> receivers of emails as I am not sending any at that moment.

I got curious about Tor because of concerns of businesses, including my
ISP, tracking my activities over the Internet. Ultimately I became most
concerned about Google due to the thousands of searches I've performed
over the years, including medical, political, and financial searches
that I thought were of a private nature. I've learned that Google keeps
a permanent history of all searches, and if they wished, could probably
sell most of my search history, properly linked to my real name and
address. I don't believe the US has any laws to stop this. What I've
learned about Google disturbed me enough that I removed Google ads from
my web site.

As it develops, it appears that Tor's most valuable contributions will
be in the area of allowing people under repressive governments (and
other non-benign powerful organizations) to access and share information
their governments does not want them to see, and to communicate with
like minded individuals, in and out of their own countries. The "Why We
Need Tor" section of the Overview http://tor.eff.org/overview.html.en
says "It [lack of anonymity] can even threaten your job and physical
safety by revealing who and where you are. For example, if you're
traveling abroad and you connect to your employer's computers to check
or send mail, you can inadvertently reveal your national origin and
professional affiliation to anyone observing the network, even if the
connection is encrypted."

While Tor certainly can hide you from your final destination, whether it
be a server or individual, that seems more a by product than a core
feature.

I've found parts of this thread mildly disturbing. The Overview suggests
an excellent reason for email through Tor, though in such a case you
will not at all be anonymous to the email's recipient, but should be
anonymous to the first and subsequent links providing the connection
back to your employer. I'm having some trouble visualizing (maybe I lack
imagination) why it should be so important to hide yourself from someone
receiving your email. If you've already gone through a free email
service, and used an obscure email name, your real IP has negligible
value. That is unless the emails were harassing or otherwise violated
the origin ISP policies, in such a way that the ISP might reveal sender
information to the recipient, or cancel the sender's account. 

Job, can you explain, in an abstract manner, why it is important to you
to send emails where the recipient has no way to identify you, but you
do not care about your ISP or independent email provider being aware of
your other activities, except when you are contacting these special
recipients, when you will be using Tor?

It's unlikely to be relevant in this situation (Job does not appear to
be a US resident), but US residents who use Tor to harass or annoy email
recipients anonymously are committing a federal crime. In early January
2006, Bush signed the Violence Against Women Act, which provided among
other things "Whoever...utilizes any device or software that can be used
to originate telecommunications or other types of communications that
are transmitted, in whole or in part, by the Internet... without
disclosing his identity and with intent to annoy, abuse, threaten, or
harass any person...who receives the communications...shall be fined
under title 18 or imprisoned not more than two years, or both."
http://www.internetnews.com/bus-news/article.php/3576511 So you can
annoy someone by email if you don't hide your identity, but if annoy
someone anonymously it becomes a federal crime.

George Shaffer
-- 
Get my GnuPG public key from http://geodsoft.com/about/ or
use gpg --keyserver subkeys.pgp.net --recv-key A1A23194

Attachment: signature.asc
Description: This is a digitally signed message part

_________________________
Get now your FREE e-mail! http://freemail.1net.gr
Live your Myth in Greece! http://www.gotogreece.gr
Register Domains for $9.5/year! http://www.aegeas.net
Hosting 100mb only $2.5/mo! http://www.hostingkey.com