[liberationtech] RiseUp
Anthony Papillion
anthony at cajuntechie.org
Fri Oct 18 13:23:56 PDT 2013
On 10/18/2013 01:20 PM, Fabio Pietrosanti (naif) wrote:
> Il 10/16/13 12:07 AM, Yosem Companys ha scritto:
>> If you have any thoughts about Riseup, whether
>> security/privacy-related or otherwise, I'd love to hear them.
>
> While i appreciate Riseup project goals and approach, i would not
> personally keep my usual email flow (inbound/outbound) going trough a
> communication line that's used by many other "sensible users", because
> it's more likely to be massively monitored.
>
> Generally is not valuable to use only 1 email provider, because email is
> made up of many pieces:
> - Inbound flow
> - Outbound flow
> - Data storage
>
> That require a user to have at least 3 different providers by:
> - Splitting your communication flow
> - Stay on countries with (strong economy & strong privacy law)
I'm not sure how any of that would help if your upstream connection is
tapped or if the attacker has a sufficiently large view of the Internet
as we thing agencies like GCHQ and NSA have. Assuming they don't have
the TLS keys for the particular services you're using, it would be
trivial to do traffic analysis and grab the data as it's being
transferred between provider machines. Keep in mind that most server to
server email traffic isn't actually encrypted yet.
Or am I missing something you're saying?
Anthony
More information about the liberationtech
mailing list