On 11/10/11 19:00, Jeroen Massar wrote: > IMHO one can 'safely' use those kind of service up to a certain level > given that you either don't use it for communications you don't care > that they are leaked or if you do care about that that people sending > email to it use PGP so that only sender/receiver is disclosed when they > do get access to that store. (assuming adversary is unable to crack your > PGP crypto of course ;) Even if the sender doesn't encrypt before sending (as most don't), you can always PGP encrypt incoming mail as it hits your mail server. That way, if your server/network is compromised, at least your email from before the compromise took place is protected. It also protects the mail in the various caches of your IMAP clients, and if somebody hacks your email account, they wont be able to read any email that they download. I've been doing this myself for a while now. I wrote/released some software to do it. It's described here: https://grepular.com/Automatically_Encrypting_all_Incoming_Email And here: https://grepular.com/Automatically_Encrypting_all_Incoming_Email_Part_2 -- Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ tor-talk mailing list tor-talk@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk