Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Secure hosted mail

Miles Fidelman mfidelman at meetinghouse.net
Sat Feb 25 10:40:49 PST 2012


John Graham-Cumming wrote:
> I'd be interested to hear opinions from the list in privacy aware and secure hosted email.
>
> Are there opinions about any of the services like Hushmail, Neomailbox, ... Looking to dump gmail.
>

Well... hosted implies that you have to trust the hosting provider.  You 
get some protection by encrypting your traffic.

You're a bit better off if you run your own server - be it on a virtual 
or physical machine - but it still ends up "living" somewhere, be it on 
your laptop, desktop, in a data center rack, or as a virtual server on 
someone's cloud (it's still in a rack somewhere).  Security remains an 
issue of how hard it is for someone to get to that server, and then to 
its contents - and how much you care about traffic analysis (encryption 
doesn't help a lot there).

All of the above are somewhat vulnerable to DNS-based attacks, and 
attacks on intermediate transport nodes.

If you want to be really paranoid, you can play with something like 
Freemail - email running over Freenet (see 
https://freenetproject.org/freemail.html).  Now you're sending mail 
peer-to-peer over freenet transport -- no intermediate servers to worry 
about at all.   Not sure though how things work when you're exchanging 
email with non-Freenet users.  (I also expect that there's something 
similar for gnunet, gnutella, and other p2p environments).



-- 
In theory, there is no difference between theory and practice.
In practice, there is.   .... Yogi Berra





More information about the liberationtech mailing list