[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: AVG + TOR = BARF



Quoting coderman <coderman@xxxxxxxxx>:

that really is the crux; email passes through so many possible hops,
usually unecrypted (and even when the payload itself is encrypted,
subject and other headers are not).

Riseup, the other tech collectives named on the website of riseup and many (could someone confirm this, is "many" correct?) universities are using a technique called StartTLS. You may find more information here: [1] & [2]

So, for example, if you are sending a mail from riseup to nadir.org, a tech collective located in Hamburg / Germany, you _can't_ read the subject, the message itself, and the sender and receiver from "outside", which means for example if your are wiretapping the connection.

Of course this isn't 100% secure, and yes it can be attacked, and it doesn't work if you send a mail to hotmail or other shitty mail providers. But maybe better than send all the traffic unencrypted trough the net.

Just my 0.02, idefix :)

P.S.: I will add a part of a mail header using TLS. Mail came from so36.net, tech collective located in Berlin / Germany, and was distributed to riseup. And sorry for my bad english...

[1] http://sial.org/howto/openssl/tls-name/
[2] http://en.wikipedia.org/wiki/Extended_SMTP

Received: from lists.so36.net (lists.so36.net [83.223.73.118])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(Client CN "lists.so36.net", Issuer "lists.so36.net" (not verified))
	by mx1.riseup.net (Postfix) with ESMTP id AB84B5704B5
	for <idefix@xxxxxxxxxx>; Fri, 22 Aug 2008 16:47:18 -0700 (PDT)