Moritz Bartl: > On 13.02.2013 22:47, Joe Btfsplk wrote: >> I suppose even providers offering encryption of files while on their >> server (like Lavabit), could read the mail just before it was encrypted >> / decrypted, since they are doing the encrypting. > > Even if they encrypt maildirs on their servers and unlock only while you > are logged in, they can sniff your login/encryption password and poof. > That's what Hushmail was forced to do on request by law enforcement.
What if Hushmail (or any other mail provider) had recommended the user to install a browser add-on to do encryption locally? Could they get forced to convince the user to install a malicious browser add on, on request by law enforcement? _______________________________________________ tor-talk mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
