Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Need some advice re: online secure communications platform for a survivors group

Lina Srivastava lina at linasrivastava.com
Mon Jul 11 10:01:25 PDT 2016


Hello all--

Thank you all for your advice. I appreciate it. (For those of you who wrote
off-list, I will write separately.)

Just a quick note that I believe the group will include survivors who are
currently dealing with criminal cases or civil litigation. There is also
the possibility of students currently enrolled in high schools joining the
group (some of whom may be underage -- they have counselors, etc., and
legal counsel who are addressing this). So it's crucial that email
addresses and content be private. I understand the usability argument of a
data service company, but I do believe any service that is mining for data
should be avoided if possible. Still, I'll present all the suggestions to
them.

Thank you again. If there are any other thoughts, please let me know, but
in the meantime I will put your recommendations together in a document for
the group administrators and let them review.

Best regards,
Lina

On Mon, Jul 11, 2016 at 12:32 PM, Miles Fidelman <mfidelman at meetinghouse.net
> wrote:

> That may be - though some of the PGP solutions are pretty close to
> one-click install these days.  The old Napster never seemed to phase
> anybody.  Maybe, whomever is organizing the group needs to spend a little
> time picking a system and writing up a how-to-install checklist.
>
> The reality is that anything that's not encrypted tends to get indexed by
> google - so, if privacy is a concern (as the OP indicated), then any
> standard email list, probably including a google group, is problematic - at
> the very least one has to pay very close attention to configuration, and
> better to not have an archive (hard to do with google groups).
>
> At the very least, go with a service that has registration and strong
> privacy guarantees, or maybe set up a Wordpress or Drupal instance, with
> access limited to registered users.  Point and click on wordpress.com or
> godaddy.
>
> Miles Fidelman
>
> On 7/11/16 11:26 AM, Steve Weis wrote:
>
> Hello Miles. I think your suggestions are not practical for an ad hoc
> group of sexual assault survivors. You're talking about them using PGP,
> downloading open source clients, or using untested blockchain systems. I
> think for a random group of people, all of these will fail in practice due
> to poor usability and platform incompatibility. I think there is little
> benefit to using a P2P system in this case.
>
> Their threat model is against their abusers and potentially media,
> bloggers, or trolls who pick up on the story. It's not against hosted
> services like Google or the NSA.
>
> You want something dead simple that works on every platform and managed by
> an organization with their own security team. I suggested Google Apps
> because it's battle-tested, easy, and in this use case, free. Yes, Google
> would see this survivors' group data. They also see a enterprise data --
> even from competitors -- that is much more valuable and targeted.
>
> On Mon, Jul 11, 2016 at 5:09 AM Miles Fidelman <mfidelman at meetinghouse.net>
> wrote:
>
>> Personally, I'd recommend staying away from any kind of hosting service
>> - stick with a peer-to-peer system designed for privacy.
>>
>> One, really simple notion would be to simply use encrypted email,
>> perhaps over a list server.  It's a pain, but straightforward.  It does,
>> however expose group membership, in the form of email addresses.
>>
>
>
>
> --
> In theory, there is no difference between theory and practice.
> In practice, there is.  .... Yogi Berra
>
>
> --
> Liberationtech is public & archives are searchable on Google. Violations
> of list guidelines will get you moderated:
> https://mailman.stanford.edu/mailman/listinfo/liberationtech.
> Unsubscribe, change to digest, or change password by emailing moderator at
> companys at stanford.edu.
>



-- 

--
Lina Srivastava
--
twitter <http://twitter.com/lksriv>  |  linkedin
<http://www.linkedin.com/in/linasrivastava> |  facebook
<https://www.facebook.com/lina.srivastava>  | instagram
<http://instagram.com/lksriv/>
www.linasrivastava.com
www.regardinghumanity.org
www.whoisdayanicristal.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20160711/71d8d251/attachment.html>


More information about the liberationtech mailing list