One point that often gets overlooked in discussions of cryptography is that if you only encrypt the few things that must be kept secret, you make it a lot easier for nefarious miscreants to focus their efforts on your secrets. Whereas if you routinely encrypt everything, then those miscreants have to work a hell of a lot harder decrypting a lot of worthless crap in hopes of eventually uncovering your secrets.
On Sun, Jun 24, 2018 at 1:20 PM, Bill Horne <[email protected]> wrote: > On 6/23/2018 11:35 PM, Derek Martin wrote: > >> On Wed, Jun 20, 2018 at 04:26:14AM -0400, David Kramer wrote: >> >>> My main motivations for running my own mail server is that I rely >>> heavily on procmail rules to deliver mail to the right folders, and >>> I am also not crazy about third parties scanning and storing all my >>> mail, though that's negotiable. >>> >> I'm in pretty much this situation, but I've kind of given up on the >> idea that no one should be able to read my e-mail. The fact is your >> e-mail is already being consumed by the great government surveillance >> machine regardless, since both incoming and outgoing mail has to >> traverse multiple ISP backbones (excepting perhaps the case where all >> your recipients are on your own server), and only crazy people like me >> were ever willing to put up with the hastle of encrypting all their >> mail, so... it's a total loss, pretty much. >> > > No matter how effective the NSA and the deep state and the man behind the > curtain and J. Edgar's ghosts have been at weakening encryption algorithms, > it's still a good idea to use end-to-end encryption on any emails that you > want to keep private. In the first place, most of the people you want to > prevent reading you emails don't have access to any decryption capability, > and in the second, even law-enforcement agencies will be forced to get a a > warrant (admittedly an easy task) or poison any evidence they gather. Even > if you assume that the AES standard has custom-made holes in it for the use > of government(s), the "equities" issue is as good a defense as any lawyer: > if Uncle Sam introduces decrypted messages as evidence in a trial, then it > has ipso facto admitted that it _can_ decrypt them, and thus will have > compromised an invaluable source of information and offended some campaign > contributors who would like that not to be true. > > No matter what, end-to-end encryption buys you time: you can't prevent the > powers-that-be from obtaining envelope data, but there are ways around that > problem, too. > > Bill > > -- > Bill Horne > > > _______________________________________________ > Discuss mailing list > [email protected] > http://lists.blu.org/mailman/listinfo/discuss > -- John Abreau / Executive Director, Boston Linux & Unix Email [email protected] / WWW http://www.abreau.net / PGP-Key-ID 0x920063C6 PGP-Key-Fingerprint A5AD 6BE1 FEFE 8E4F 5C23 C2D0 E885 E17C 9200 63C6 _______________________________________________ Discuss mailing list [email protected] http://lists.blu.org/mailman/listinfo/discuss
