[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] WSJ- Google- Sonic Mr. Applebaum



On Mon, Oct 10, 2011 at 07:07:35PM +0200, Jeroen Massar wrote:
> On 2011-10-10 18:42 , Andre Risling wrote:
> > Here's how Google is a compliant slave.  
> > 
> > You still use Gmail?!
> 
> Does not matter what service you use, they all fail under the pressure

Use your own servers at the co-lo. Use TPM and tamper-proof systems.

I used to store crypto secrets on USB smartcards, and have
streaming video in the rack, all on UPS. Nowadays, it's even easier.

No point to make it too easy. Mallory should earn his keep.

> of organizations that want access to it, be that legal or illegal.
> (The bigger problem with the context of the article is the 1984'ish
> behavior of an apparent legal entity).
> 
> As long as you make sure you properly encrypt your messages (PGP or if
> it is available for your medium OTR; and don't let your keys fall in the
> wrong hands, but then again rubberhose anyone?) and use Tor to access
> the service so that figureing out which IP you came from is useless as
> it is an exit, you should be pretty fine.
> 
> PGP + email's prime weakness is the fact that the from/to/subject are
> passed in the clear and that rubberhosing you or planting a bug on your
> person/computer yields those precautions futile.
> 
> Then again, it also depends on what your adversary is and what you are
> trying to protect, note also that not everybody has just one single
> email address.

-- 
Eugen* Leitl <a href="http://leitl.org";>leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk