After I wrote most of this, I see Norbert covered some of the same
points, but from the point of view of his specific use case. So I'm
just going to send despite a bit of redundancy.
Rich Kulawiec writes:
> Granted, this will diminish as more communications become encrypted, but
> for the
On Mon, 17 Apr 2017 19:22:52 -0400
Rich Kulawiec wrote:
> On Sun, Mar 19, 2017 at 06:14:22PM +0100, Norbert Bollow wrote:
> > That is true, if the attacker already knows whose communications
> > they want to snoop on. However one of the main benefits of using
> > encrypted
On Sun, Mar 19, 2017 at 06:14:22PM +0100, Norbert Bollow wrote:
> That is true, if the attacker already knows whose communications they
> want to snoop on. However one of the main benefits of using encrypted
> communications is in the area of making it much more expensive and
> politically risky
Jan Jancar writes:
>b) Added complexity, maintenance cost to Mailman's infrastructure.
> This can be mitigated by implementing encrypted mailing lists
> either as a plugin as was proposed here before,
In one sense, a plugin is the ONLY way this feature can be reasonably
implemented
On Wed, 22 Mar 2017 21:15:46 -0400
Barry Warsaw wrote:
> Is anybody even aware of any mainstream mobile email readers that
> support encryption?
One of my friends uses K9 on his Samsung mobile phone; it works fine for
him, allowing him to exchange GPG-encrypted emails with me.
On Mar 23, 2017, at 12:06 AM, Stephen J. Turnbull wrote:
>FYI: Encrypted lists *are* occasionally requested.
Another possible use case would be attempting to prevent the wholesale
compromise of email storage. Meaning, if you keep your email on some external
server, and that server is
On Mar 21, 2017, at 07:27 PM, Stephen J. Turnbull wrote:
>Not if the target membership isn't already paranoid. Remember,
>20%-40% of devices are already compromised. Even at the low end,
>assuming uniform draws, with *three* members odds are *even* that one
>is compromised.
Is anybody even
On 03/22/2017 04:02 PM, Stephen J. Turnbull wrote:
> Also references to existing knowledge would be appreciated, such as
> "zero knowledge" schemes that might allow untrusted root on Mailman
> host, and the various implementations like SELS that have been
> mentioned.
In my proposal [1 or 2], I
On 03/22/2017 04:06 PM, Stephen J. Turnbull wrote:
> Rich Kulawiec writes:
>
> > (In the specific case, e.g., the right people using the right
> > devices with the right knowledge and self-discipline: maybe. But
> > there are not many of those cases and any of them can revert to the
> >
On 03/21/2017 11:16 PM, Rich Kulawiec wrote:
> On Tue, Mar 21, 2017 at 04:04:20PM +0100, johny wrote:
>> Shifting the attacker to actively compromise devices is an overall
>> improvement.
>
> If "compromising devices" was difficult, I might agree. But it's not.
> Devices of all descriptions
Rich Kulawiec writes:
> (In the specific case, e.g., the right people using the right
> devices with the right knowledge and self-discipline: maybe. But
> there are not many of those cases and any of them can revert to the
> general case in seconds with one poor decision or perhaps even
>
Richard Damon writes:
> One big thing that I haven't seen in the discussion of this problem is
> exactly WHAT issue/problem this feature is intended to solve. There are
> several different problems that encryption can help with, each needing
> different sort of support from the software.
On Sun, Mar 19, 2017 at 07:33:24AM -0400, Richard Damon wrote:
> I would say that the problem that is being attempted to solve is
> fundamentally impossible to do perfectly. It is impossible to distribute
> messages in a secure manner to a number of recipients that you don't have
> total control
On Tue, Mar 21, 2017 at 04:04:20PM +0100, johny wrote:
> Shifting the attacker to actively compromise devices is an overall
> improvement.
If "compromising devices" was difficult, I might agree. But it's not.
Devices of all descriptions have been and are being compromised in
enormous numbers on
On 03/18/2017 09:04 PM, Rich Kulawiec wrote:
> On Fri, Mar 17, 2017 at 09:54:48AM +1100, Morgan Reed wrote:
>> I'd submit that this is tantamount to saying "it's impossible to make a
>> 100% secure system so why bother even trying".
>
> Then you're not grasping my point. Let me try again.
>
>
I hope it doesn't surprise anybody that despite being a proponent of
this project I'm quite sympathetic to Rich.
Barry Warsaw writes:
> That assumes an open membership policy. Wouldn't much of this be
> mitigated with a closed subscription policy?
Not if the target membership isn't already
Rich Kulawiec writes:
> What all of this means is that once a list passes N members, where
> we can debate about N, the probability that at least one of those
> members has already been compromised even before they've joined the
> list starts rapidly increasing.
This is true, but you've
On Sat, 18 Mar 2017 13:54:05 -0400
Rich Kulawiec wrote:
> On Thu, Mar 16, 2017 at 08:10:03PM +0100, Norbert Bollow wrote:
> > Even if not every device is secure, the difficulty, and likely cost,
> > for an attacker to snoop on the communications is much greater for
> > an encrypted
On 3/18/17 4:37 PM, Rich Kulawiec wrote:
On Thu, Mar 16, 2017 at 05:30:36PM -0400, Barry Warsaw wrote:
...
It *might* be.
The problem is that the list owner and other list members have no way to
know. From their point of view, there is no way to know whether the
latest list member --
On Thu, Mar 16, 2017 at 05:30:36PM -0400, Barry Warsaw wrote:
> On Mar 15, 2017, at 09:47 PM, Rich Kulawiec wrote:
>
> >What all of this means is that once a list passes N members, where
> >we can debate about N, the probability that at least one of those
> >members has already been compromised
On Fri, Mar 17, 2017 at 09:54:48AM +1100, Morgan Reed wrote:
> I'd submit that this is tantamount to saying "it's impossible to make a
> 100% secure system so why bother even trying".
Then you're not grasping my point. Let me try again.
I suggest that you re-read what I've written *and*
On Thu, Mar 16, 2017 at 08:10:03PM +0100, Norbert Bollow wrote:
> Even if not every device is secure, the difficulty, and likely cost,
> for an attacker to snoop on the communications is much greater for an
> encrypted mailing list than for a non-encrypted one.
The difficulty is greater -- but
On Thu, Mar 16, 2017 at 12:47 PM, Rich Kulawiec wrote:
> I think that this is an instance where a huge amount of well-intended
> design and development effort will result in a "solution" that cannot
> provide what it intends to because underlying circumstances prevent it.
> And --
On Mar 15, 2017, at 09:47 PM, Rich Kulawiec wrote:
>What all of this means is that once a list passes N members, where
>we can debate about N, the probability that at least one of those
>members has already been compromised even before they've joined the
>list starts rapidly increasing.
That
On Thu, 16 Mar 2017 10:46:27 -0400
Rich Kulawiec wrote:
> I suggest that Mailman do nothing, because even if it solves all the
> problems that it can solve, all it will do is provide a thin veneer of
> security/privacy on top of a thoroughly rotten foundation. Yes, there
> will be
On Wed, Mar 15, 2017 at 11:31:44PM -0500, J.B. Nicholson wrote:
> I understand there are more insecure devices on the Internet all the time
> and that's unfortunate, but I don't think it's avoidable. What do you
> suggest we do about this using Mailman (since this is Mailman-developers)?
I
Rich Kulawiec wrote:
What all of this means is that once a list passes N members, where
we can debate about N, the probability that at least one of those
members has already been compromised even before they've joined the
list starts rapidly increasing.
I understand there are more insecure
All of these proposals overlook significant known, current threats --
none of which they're capable of addressing, but some of which badly
undercut the suggested approaches.
To list just one of those -- albeit a rather prominent one -- the
Internet's population of hijacked systems (aka bots or
Bhavishya Desai wrote:
Now I would like to know (specifically) what are some other threats, which
could affect this and any difficulties with implementation.
I imagine that the encryption and/or hash algorithms will change over time
as encryption is broken and people figure out ways to create