[arch-general] Suggestions for email for a paranoid Archer

Fri Oct 12 03:44:31 EDT 2012

On Thu, Oct 11, 2012 at 07:49:00PM -0500, sungpae at gmail.com wrote:
> On Thu, Oct 11, 2012 at 02:13:54PM -0400, Dave Reisner wrote:
> 
> > Really, just add two-factor auth to a gmail account and be done with
> > it. Google has no interest in singular people.
> 
> It should be noted that Gmail's two-factor authentication provides
> no extra security if you're planning on using it with a mail client.
> You will have to set up an "application specific password", which is
> a fixed-length alphanumeric password given to you by Google. Despite
> the name, it is simply another password that can be used to log in via
> IMAP/POP through any client (`openssl s_connect`, etc), without the
> out-of-band verification.
> 

Sure, what I had in mind was actually to take advantage of it. Disable
POP/IMAP access and use OTP with webmail. This is true two factor auth
and *does* provide added security.

> > Moreover, Googlers who take an interest in data or logs belonging to
> > singular people find themselves no longer working at Google.
> 
> This is true, but if you were really very paranoid, you would notice

No, if you were really very paranoid, you'd realize that you just need
to stay off the Internet.

> that you don't have any control over how long Google keeps "deleted"
> email on the server, and that any unencrypted emails on a server can be
> obtained by governments with relative ease.

Well, I happen to know the retention policies, so this doesn't apply to
me. I'll further point out that Google in particular is extremely
transparent about what they give out to the government:

http://www.google.com/transparencyreport/removals/government/

I'm not sure what you're trying to imply about unencrypted email and
government bodies, but it sounds rather silly. Perhaps I don't drink
enough koolaid.

> If you control the server and mailserver, you can encrypt your drive and
> also have all incoming email encrypted with your public key, so that
> your mail isn't just sitting around on a box for the taking.

Receive encrypted email? How are you going to ensure that this always
happens?  I suppose you could simply deny anyone who isn't relaying over
TLS (and just accept that you're going to miss out on a lot mail), but
how do you control the sender's environment? There's equally many things
on the sender's side (assuming they're vulnerable) that could
potentially implicate you in whatever it is you're trying to hide. To
expand on this, how do you control what happens to a message that you
forward or write? You need to equally paranoid friends.

> Neither of these things would stop a truly determined government-level
> attacker (unencrypted mail is still vulnerable in-flight for instance),
> but it would be useful if you have not yet been identified as someone of
> interest.

Again, if you're really going to be paranoid, just stay off the
Internet. What we have here is an OP who's merely "waking up" to the
realization that the definition of freedom is a bit different between
meatspace and cyberspace.

d