On Sat, Oct 06, 2007 at 03:51:49PM -0500, icantthinkofone wrote:
> Chad Perrin wrote:
>
>
> >On Sat, Oct 06, 2007 at 05:07:45PM +0200, Wojciech Puchar wrote:
> >
> >
> >
> >
> >
> >>nobody intelligent (or completely not caring about it) use any of big
> >>
> >>
> >>public mail/news/etc services.
> >>
> >>
> >>
> >>
> >>
> >
> >
> >
> >There are two separate concerns here.
> >
> >
> >
> >
> >
> > 1. General Privacy: If you're concerned with your documents and
> >
> >
> > communications being collected, indexed, and scanned for patterns
> > and
> >
> > flagged terms along with billions of other documents and
> >
> >
> > communications, without any specific attention to yours in
> > particular,
> >
> > you're right -- don't use "public", web-based services.
> >
> >
> >
> >
> >
> > 2. Specific Privacy: If you're concerned with someone cracking
> > security
> >
> > on your account, targeting your communications for electronic
> >
> >
> > eavesdropping, and similarly making use of the "public" nature of a
> >
> >
> > service like that for nefarious intent, you're probably among the
> >
> >
> > millions of computer users who are carefully locking the front door
> >
> >
> > while leaving the bay windows and garage door wide open. Are you
> > using
> >
> > public key encryption systems like OpenPGP to secure your email?
> > Are
> >
> > you encrypting word processor documents when you send email? Are
> > you
> >
> > using a text-based mail user agent instead of reading XHTML "rich"
> >
> >
> > emails in a GUI mail client? Are you anonymizing communications via
> >
> >
> > the Tor network? What exactly are you doing to avoid leaving
> > yourself
> >
> > at least as wide open with plain text transmission of data as you
> > would
> >
> > be with a web-based, SSL-encrypted mail service? You're probably
> > even
> >
> > transmitting login data to a web server in clear text.
> >
> >
> >
> >Now . . . I know this is the freebsd-questions mailing list, and many
> >of
> >
> >you are running mail servers locally, and otherwise mitigating these
> >
> >
> >risks. On the other hand, simply telling people that they'll be safer
> >
> >
> >avoiding web-based services without explaining that this is only true
> >if
> >
> >they also pay significant attention to securing their other
> >communication
> >
> >and collaboration tools might be considered dishonest, or at least
> >
> >
> >irresponsible.
> >
> >
> >
> But then you are assuming Google, as well as the others, are willing to
>
>
> lose public trust by allowing those things to happen and running an
>
>
> insecure system. It would also be assuming an in-house group could
>
>
> provide better security than Google and the others.
No . . . I'm assuming that I have zero control over whether Google et al.
are "willing to lose public trust by allowing those things to happen", et
cetera. I'm not assuming any decisions on their part -- only that I'm
not a party to those decisions (and maybe, just a little bit, that
corporations like Google play by different rules that may require them to
in some ways prove less trustworthy, such as the fact that it takes a
warrant to search *my* computer, but only a subpoena to search Google's).
--
CCD CopyWrite Chad Perrin [ http://ccd.apotheon.org ]
Dr. Ron Paul: "Liberty has meaning only if we still believe in it when
terrible things happen and a false government security blanket beckons."
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
