PGP sounds like a good idea in theory, and it does guarantee that nobody can read the data 'in bulk', but, if we're talking about most 'poor african countries', IF this guy is specifically targeted by his government, and they can somehow read those emails, and all they see is a bunch of conversations in encrypted PGP, guess what's going to happen? That'll be more than proof enough for them, and they'll use torture or whatnot to compel him to give up the key file. or they just use it as a pretense to throw him in a pit and throw away the key.
In that sense, it's much better if you can trust that the server he's logging into does not leave any sign of the data itself on the client PC, and at least in theory gmail appears to be just that. You don't need to trust google very much. it's rather unlikely that those in charge at google for giving away this information to governments are happy to do it, so it becomes a business decision: If google denies such a request, what can the government making the request do to 'hurt' google? For example, china can throw google in the great firewall, and this would be economically very bad for google. One can imagine google would acquiesce in the face of this kind of blackmail. But some 'poor african country'? The PR risk is MUCH higher for google, the potential economic damage is MUCH lower, and the human factor (the morals and personal convictions of those making the decision) must surely also fall in favour of google NOT granting the request for access to this data. In short: * You do need to trust google, but not very much. I would trust them enough for this specific case. * PGP is not a solution whatsoever. There are still ways to use crypto here (steganographics), but it's very very tricky to use, and the tools aren't mature. On Thursday, June 27, 2013 11:09:50 AM UTC+2, rakesh mailgroups wrote: > > Hi guys, > > with the recent PRISM debacle, I was wondering if any government can > access people's emails? > > Specifically, if I was communicating with someone using Gmail in a poor > African country, would that government have the means to read the email of > its citizens? > > I thought that the answer would be no, since the email content is sent > encrypted over SSL and the end and start points are in Google data centres > so off limits to this specific government. > > Am i wrong? > > Rakesh > > PS This particular government has a reputation for eaves dropping on phone > calls. > -- You received this message because you are subscribed to the Google Groups "Java Posse" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/javaposse. For more options, visit https://groups.google.com/groups/opt_out.
