I think there would be some value to a system like that. It would address a lot of real world threats but it will not address large scale government monitoring systems, which many governments have (US, China, UK, Iran, etc).
Sounds like you should team up with Tim Prepscius with his system that he's been posting about here. .hc On Aug 9, 2013, at 2:07 PM, Griffin Boyce wrote: > This probably sounds very strange, but *what if* someone ran an email > service that required that all mails be GPG encrypted? > > So here's my idea: Barring the honor system, it would require a filter > to look at message content to check for PGP headers. And if said > headers didn't exist, the message doesn't get sent.[1] There's no "Sent > Mail" folder on the server, so if you want a copy, you'd need to have > Thunderbird (etc) set up to store them locally. > > It wouldn't protect from metadata collection, but it would at least > (to some extent) protect people from their own poor security decisions > while emphasizing that options exist to protect themselves. > > Considerations: > * This assumes that an order would arrive to disable PGP filter and > enable a sent folder (eg, this idea assumes metadata is unprotected) > > * Those playing at home may recognize this as a naive Bayes > classifier, given that the presence of PGP headers don't necessarily > mean the actual message is encrypted. There are other (heavier) steps > that could be taken, like checking for encryption on outbound with SJCL, > but I think that probability is on our side here. > > * In the face of an NSL, the service would realistically either fall > back to policy (removing tech-based enforcement by order) or shut down > entirely. > > What does everyone think? Is this totally nuts or what? > > best, > Griffin > > -- > "Cypherpunks write code not flame wars." --Jurre van Bergen > #Foucault / PGP: 0xAE792C97 / OTR: sa...@jabber.ccc.de > <mailto:sa...@jabber.ccc.de> > > My posts, while frequently amusing, are not representative of the > thoughts of my employer. > _______________________________________________ > Guardian-dev mailing list > > Post: guardian-...@lists.mayfirst.org > List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev > > To Unsubscribe > Send email to: guardian-dev-unsubscr...@lists.mayfirst.org > Or visit: > https://lists.mayfirst.org/mailman/options/guardian-dev/hans%40guardianproject.info > > You are subscribed as: h...@guardianproject.info -- Liberationtech is a public list whose archives are searchable on Google. Persistent violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
