This probably sounds very strange, but *what if* someone ran an email
service that required that all mails be GPG encrypted?
So here's my idea: Barring the honor system, it would require a filter
to look at message content to check for PGP headers. And if said
headers didn't exist, the message doesn't get sent.[1] There's no "Sent
Mail" folder on the server, so if you want a copy, you'd need to have
Thunderbird (etc) set up to store them locally.
It wouldn't protect from metadata collection, but it would at least
(to some extent) protect people from their own poor security decisions
while emphasizing that options exist to protect themselves.
Considerations:
* This assumes that an order would arrive to disable PGP filter and
enable a sent folder (eg, this idea assumes metadata is unprotected)
* Those playing at home may recognize this as a naive Bayes
classifier, given that the presence of PGP headers don't necessarily
mean the actual message is encrypted. There are other (heavier) steps
that could be taken, like checking for encryption on outbound with SJCL,
but I think that probability is on our side here.
* In the face of an NSL, the service would realistically either fall
back to policy (removing tech-based enforcement by order) or shut down
entirely.
What does everyone think? Is this totally nuts or what?
best,
Griffin
--
"Cypherpunks write code not flame wars." --Jurre van Bergen
#Foucault / PGP: 0xAE792C97 / OTR: [email protected]
<mailto:[email protected]>
My posts, while frequently amusing, are not representative of the
thoughts of my employer.
--
Liberationtech is a public list whose archives are searchable on Google.
Persistent violations of list guidelines will get you moderated:
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe,
change to digest, or change password by emailing moderator at
[email protected] or changing your settings at
https://mailman.stanford.edu/mailman/listinfo/liberationtech
