On Thu, Oct 11, 2012 at 02:13:54PM -0400, Dave Reisner wrote:
> Really, just add two-factor auth to a gmail account and be done with it. Google has no interest in singular people.
It should be noted that Gmail's two-factor authentication provides no extra security if you're planning on using it with a mail client. You will have to set up an "application specific password", which is a fixed-length alphanumeric password given to you by Google. Despite the name, it is simply another password that can be used to log in via IMAP/POP through any client (`openssl s_connect`, etc.), without the out-of-band verification.
> Moreover, Googlers who take an interest in data or logs belonging to singular people find themselves no longer working at Google.
This is true, but if you were really very paranoid, you would notice that you don't have any control over how long Google keeps "deleted" email on the server, and that any unencrypted emails on a server can be obtained by governments with relative ease. If you control the server and mailserver, you can encrypt your drive and also have all incoming email encrypted with your public key, so that your mail isn't just sitting around on a box for the taking. Neither of these things would stop a truly determined government-level attacker (unencrypted mail is still vulnerable in-flight for instance), but it would be useful if you have not yet been identified as someone of interest.

guns