----- Original Message -----
> From: Nick M. Daly <[email protected]>
> To: Michael Rogers <[email protected]>; Eugen Leitl <[email protected]>
> Cc: [email protected]
> Sent: Friday, November 16, 2012 8:04 AM
> Subject: Re: [Freedombox-discuss] Email Encryption Basics
>
> Michael Rogers <[email protected]> writes:
>
>> On 16/11/12 07:35, Eugen Leitl wrote:
>>> Most attempted delivery from dynamic user space will bounce, and
>>> requiring smarthosts clashes both with the zero administration
>>> requirement and adds an additional point of attack.
>>
>> I think this is way too pessimistic. Yes, it's unrealistic to run an
>> incoming or outgoing mail server on a dynamic home IP address, but a
>> PageKite-style proxy would work.
>
> For no reason I can explain, my box can send outgoing mail without issue
> (I haven't purchased or defined an MX record or smarthost, IIRC). It
> can't receive anything at all, but mail goes out without problem, which
> allows service signups and the like. I'll try to figure out why I can
> send mail one of these days.
>
>> Alternatively, the FBX could act as a PGP proxy for an existing email
>> account: the FBX would encrypt email before sending it to the existing
>> account's SMTP server and decrypt it after collecting and deleting it
>> from the existing account's POP/IMAP server. No email would be stored
>> long-term on the provider's servers, which is a legally important
>> distinction in the US. The FBX would use Tor to store and retrieve PGP
>> public keys on multiple independently operated keyservers, making it
>> difficult for any keyserver to replace a user's key with a MITM key
>> without detection.
>
> Very interesting! As long as we tie ourselves to someone else's
> infrastructure, re-serving as a client becomes easy.

That might be the easiest way for a user to get up and running with reliable service.

Just keep in mind that the metadata is still very much subject to collection and mining -- who you are sending to, when you are sending, subject line?, and probably a lot else which is stored on the server after being deleted for a fairly long period according to many TOS I've seen.

In the case of Paula Broadwell, owning a FBX with such a setup would have changed nothing at all: the recipient of some of her messages started the investigation, metadata identified her as the sender, and the content of her email/documents was revealed by physically removing her machine.

If she had used Tor, or a FBX that goes through Tor or some other anonymizing overlay, identifying the sender by metadata would have been much more difficult.

-Jonathan
