[liberationtech] Secure hosted mail

M Al-Masani director at maria-al-masani.com
Sun Feb 26 09:11:20 PST 2012 

I found a cloud server in Canada that is secure, outside the patriot act, tier 3, top security. I saw the facility, no snooping. It will be open around late march. I do not know if any or what email providers will store email there, but I will ask if there is an interest. There are no laws that would allow government snooping yet and they have access to parliament so the government has more of an interest to not snoop. 

Its secure storage for data such as emails. I will be writing an article for the Palo Alto-based bizcloudnetwork.com I am really excited about this find. Its a gem. 

Its a large facility with a capacity to expand further. If let's say twitter decides to move its storage there, it will not need to censor nor make its users comply to US snooping. It will likely more be storage for medical, financial, government data. 

You do need five encryption softwares as a minimum not to have email broken in and know where its stored, and how the data moves. If there is an interest in patriot act free cloud storage, the facility for that is opening soon. I can link the group the article when published if there is an interest. Its not activist, and there may be separate government cloud computing data storage. But everyone, especially many businesses are concerned for information security these days.

All the best,
Maria


________________________________
 From: Fabio Pietrosanti (naif) <lists at infosecurity.ch>
To: Micah Lee <micahflee at riseup.net>; liberationtech at lists.stanford.edu 
Sent: Sunday, February 26, 2012 5:51 AM
Subject: Re: [liberationtech] Secure hosted mail
 
On 2/25/12 10:15 PM, Micah Lee wrote:
> I recently dumped gmail for my personally email address as well, and
> now I solely use riseup.net. I really like the riseup collective and
> have had an account for years. They offer other good services such as
> a VPN. Their service is intended for activists to use.
> 
> Here's their privacy policy:
> https://help.riseup.net/en/privacy-policy

While i appreciate riseup works, i would never be happy to have my
personal email there.

When you concentrate a "certain amount" of "antagonism-related" and
"sensitive persons" in one single place, the likelihood that "something
bad happens" increase.

In italy some years ago the "autistici.org" collective created what
become the most used email/web/vpn services for the "anti-*" world of
political activism.

It happened so that first the law enforcement started intercepting all
the communications lines of the system, and seconds the intelligence
made a takedown of the server (making a copy of the disk, and bringing
it back online, directly into the datacenter).

I'm not saying that this will happen to riseup, but that if you stay on
a "sensitive system" plenty of "sensitive people" the amount of
"attentions" that you'll get (and proportionally the risks) increase.

I would also never use an "encrypted email service", as all the
"encrypted email services" are plenty of misuses by a lot of people
involved in criminal activities. What does it means?
It means that the "organization" (profit or no-profit) that keep the
service running have well established procedures to work with LEA (law
enforcement authorities) as they receive tons of requests to
intercept/seize email accounts.

I think that one of the best way to use "email systems" is not just to
use encryption, that's an always-good best-practice, but:

@First: you should first identify your enemy (and your enemy's friends
willing to cooperate with him to catch your email).

@Second: you need to *make it difficult for your enemy* to:
  - locate your email server
  - Intercept your email communication (inbound/outbound)
  - Seize your email data (if you, as most people, keep it on server)

After you have a clear idea, you need to make your choice for the
services you are going to use and important the GEO-POLITICAL location of:
  - Where you receive your email (Your inbound internet MX)
  - From where your send your email
  - Where your store your email

For example, if you consider US authorities as your enemy 'cause for one
reason or another they would be likely be your antagonist willing to
intercept/seize your email, your should probably be careful in:
- Not using US based systems
- Not using systems that are based in countries that make
extra-judiciary-cooperation with US authorities easily

Additionally i would suggest to store your sensitive email, any
free-email-services as when something it's free, typically you are the
good sold.

In that case a good way is to use 3 different services from 3 different
providers in 3 different countries for INBOUND, OUTBOUND, STORAGE.

INBOUND email services just act as a forward to the STORAGE email service.
OUTBOUND email services, just let you send outgoing email.

- Who will snoop your inbound email, will not get the archived data,
does not get sent email, does not known when your email data are
- Who will snoop your outbound email, will not get the archived data,
does not get inbound email, does not known when your email data are

In that case your a sort of "secrecy" firewall provided by INBOUND and
OUTBOUND email services that shield WHERE your email storage is.

For your email STORAGE, do not get something free.
Make a contract with someone and make it in a country where the "state
of law" and the "privacy rules" are strictly enforced.
For example Norway, Switzerland may be a good choice.
You may even think to use riseup for that, but with a no-name email
account, that outside world (including your enemy) does not know.

For sure, do not expose or say to third party, that you are using a
riseup account, especially if it's a US-located service, run by
US-people and you have as "enemy" the US-authorities (or friend of US).

That place is where you store your email, where you have your IMAP
service to use it with your email client on Desktop and Mobile.

This is a possible concept for an easy to use architecture for personal
email shielding and protection by considering geo-political location of
INBOUND and OUTBOUND flow and STORAGE, making it difficult for a
government "enemy" to easily intercept/seize your email.

I'm not saying that's the best concept, but i am going to implement it
while moving my personal email out of gmail.

I'm not saying that riseup is a bad initiative, but personally, i would
never use it as too many "sensitive persons" there.

-naif
_______________________________________________
liberationtech mailing list
liberationtech at lists.stanford.edu

Should you need to change your subscription options, please go to:

https://mailman.stanford.edu/mailman/listinfo/liberationtech

If you would like to receive a daily digest, click "yes" (once you click above) next to "would you like to receive list mail batched in a daily digest?"

You will need the user name and password you receive from the list moderator in monthly reminders.

Should you need immediate assistance, please contact the list moderator.

Please don't forget to follow us on http://twitter.com/#!/Liberationtech
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20120226/e3186316/attachment.html>

More information about the liberationtech mailing list