[cryptome] Re: 2nd closure - provider of encrypted emails

  • From: Ben McGinnes <ben@xxxxxxxxxxxxx>
  • To: cryptome@xxxxxxxxxxxxx
  • Date: Sun, 18 Aug 2013 11:32:35 +1000

On 18/08/13 9:05 AM, In Harms Way wrote:
>
> The line of argumentation by the Silent Mail folks is known (though
> disputed:. http://www.youtube.com/watch?v=XL5rItvoMfw )

I think it's more likely that Phil Zimmermann doesn't want to get
dragged across the Congressional coals, like he did in the early '90s.

> But Lavabit didn't shut down under this "excuse". Lavabit and others
> must believe and have proof that it is still or again possible to
> safeguard and guarantee total e-mail security

This can be done, but it costs.  I get around it by running my own
mail server.

> and anonymity,

This can also be done, but requires consistently stable and reliable
external infrastructure (e.g. Mixmaster anonymous remailers, Tor,
USENET, etc.).

> if the heavy-handed oppression of the powers-that-be can't get
> physical or legal domination - as Barack Hussein's Regime dares to
> execute and demand for all future - otherwise new operations like
> https://startmail.com would not be in full swing and embassies would
> have already been forced by their governments to likewise stop using
> e-mail, if it would be true what SilentCircle so blatantly and
> bluntly stated by their sentence: "Email as we know it with SMTP,
> POP3, and IMAP cannot be secure."

This is true, especially with the discovery of certain flaws in SSL
and TLS recently.  However, it is still possible to transmit a secure
message along an insecure medium.  Which is where OpenPGP comes into
the picture.  It doesn't matter if you're sending the encrypted data
via email, via a web form or leaving it on a bulletin board; as long
as the cryptographic algorithms are strong enough, the communication
method only matters in as much as the message reaches the intended
recipient.


Regards,
Ben

Attachment: signature.asc
Description: OpenPGP digital signature

Other related posts: