On 2017-10-17 03:43, Anton Aylward wrote:
On 16/10/17 05:59 PM, Carlos E. R. wrote:
Oh, I use other email providers as well.
But is Gmail really secure? The FBI and CIA will be reading it. Google machine reads it. So I guess it is not really more secure and private.
It might be worse, much worse.
There's an entry in my DatabaseOfDotSigQuotes
Using encryption on the Internet is the equivalent of arranging an armored car to deliver credit card information from someone living in a cardboard box to someone living on a park bench. -- Gene Spafford
I'm sure I don't live in a cardboard and that my end is safe. That's as much as I can do.
Or perhaps in reverse. Securing the end points but leaving the steps along the way unsecured.
That is what is actually happening with plain email today.
If and only if the originator used a secured machine that overwrote the temp file, overwrote the temp memory, after using TLS to authenticate itself the server and SMTP-S to transfer, and the server was the machine you accessed via TLS and IMAPS so you didn't have to worry about the security of any intermediate machines (check the 'received-by in your headers!), and it also wiped temporary storage .... and you PGP encrypted the message ... and traffic analysis wasn't an issue for your operational security, then OK.
I'd worry about that if I had to transmit state or industry secrets.
But I don't think all that holds when reading this list.
And WTF, its not like most mailing list that I subscribe to don't send me a reminder of what my password each and every month, in plain text.
Not this one :-)
Getting the list password does not allow people to intercept or fake list email, I think. -- Cheers / Saludos, Carlos E. R. (from 42.2 x86_64 "Malachite" at Telcontar)