[liberationtech] SecureGmail Chrome extension
Kyle Maxwell
kylem at xwell.org
Wed Jul 24 20:40:06 PDT 2013
To me, the real question is whether it protects against relevant
threat models. For example, it might not protect against an adversary
with nation-state resources or the mail provider per se (Google could
in fact subvert it via the Chrome store, for example). But it can
certainly change the cost-benefit calculation for the attacker, and
make it at least *impractical* for certain LEAs (e.g. state / local)
or against external attackers who just compromise the account.
It's a start, anyway.
On Wed, Jul 24, 2013 at 10:13 PM, Al Billings <albill at openbuddha.com> wrote:
> If it is webmail done in browser, you can't trust that it is fully encrypted
> end to end. Too many ways to subvert it through poor design and bugs, as
> well as malicious code.
>
> --
> Al Billings
> http://makehacklearn.org
>
> On Wednesday, July 24, 2013 at 8:02 PM, Rebecca MacKinnon wrote:
>
> http://blog.kaspersky.com/send-gmails-that-not-even-google-can-read/
>
> Interested in people's opinions of this.
>
> Thanks.
> Rebecca
>
> --
> Rebecca MacKinnon
> Author, Consent of the Networked
> Project Lead, Ranking Digital Rights
> Co-founder, Global Voices
> Senior Research Fellow, New America Foundation
> Twitter: @rmack
> Office: +1-202-596-3343
> --
> Too many emails? Unsubscribe, change to digest, or change password by
> emailing moderator at companys at stanford.edu or changing your settings at
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>
>
>
> --
> Too many emails? Unsubscribe, change to digest, or change password by
> emailing moderator at companys at stanford.edu or changing your settings at
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
More information about the liberationtech
mailing list