On Mon, 22 Feb 2016 03:58:38 +0100, Ralf Mardorf wrote: >On Sun, 21 Feb 2016 21:22:02 +0100, Stig Roar Wangberg wrote: >>I only encrypt to people I trust IF the message requires it. > >Here we face another issue. If you don't always encrypt messages, then >a judge could assume that the encrypted email are related to a crime. >In some countries, IIRC e.g. Great Britain, people can be forced by law >to decrypt data, if they don't do it, they get arrested. In Germany we >have a strong data protection, AFAIK you can't be forced to decrypt >data. Btw. by accident I lost some unimportant keys, so I can't decrypt >some unimportant data, but this could become an issue in countries, >that are allowed to force you, to decrypt data. However, some nations >even use torture. "IF the message requires it" is a strange statement. >Actually all mail, perhaps excepted of postcards, are liable to >inviolability of the mail. If you like to turn the spotlight on you, >then encrypt just a few messages, so police and others know at least >dates, when you might be involved in crimes or whatsoever they are >interested in. IOW by decrypting messages that "require" decryption and ^^^^^^^^^^ ^^^^^^^^^^ encrypting encryption
:D >at the same time not encrypting other messages, you already provide >useful data to those who are interested in it. The content of the >message might be unimportant to them, the only information they need >is, that at a given date you corresponded by encrypted emails. Now you >could argue, that in addition you're using anonymous mailing, mixminion >or similar. Since TOR was mentioned I'll quote from the FAQs: > >"So I'm totally anonymous if I use Tor? >No. >[snip]" > >"What attacks remain against onion routing? >As mentioned above, it is possible for an observer who can view both >you and either the destination website or your Tor exit node to >correlate timings of your traffic as it enters the Tor network and also >as it exits. Tor does not defend against such a threat model. > >[snip] > >Furthermore, since Tor reuses circuits for multiple TCP connections, it >is possible to associate non anonymous and anonymous traffic at a given >exit node, so be careful about what applications you run concurrently >over Tor. Perhaps even run separate Tor clients for these >applications." >- https://www.torproject.org/docs/faq.html.en > >IOW e.g. even if you run Ardour, a digital audio workstation that >phones home and it phones home, while you are using TOR browser, a lot >of the security provided by TOR could be null and void. > >Regards, >Ralf _______________________________________________ evolution-list mailing list evolution-list@gnome.org To change your list options or unsubscribe, visit ... https://mail.gnome.org/mailman/listinfo/evolution-list