On Fri, Aug 22, 2008 at 8:01 PM, Jacob Appelbaum <[EMAIL PROTECTED]> wrote: > ... > I think that if you're sending encrypted email, you still > have a massively unknown quantity with gmail or other commercial email > providers.
that really is the crux; email passes through so many possible hops, usually unecrypted (and even when the payload itself is encrypted, subject and other headers are not). i don't understand how/why many people think email can be private. it fails silently and frequently; truly good end to end and inter-MTA authenticated and private email is a usability and configuration nightmare. use off the record [0] or something equivalent for private conversations! you get clear indication of state (private/not private) and it was designed for end to end privacy. (just my personal opinion :) > Riseup also uses a lot of disk crypto FDE is an excellent suggestion though, and something everyone should enjoy. best regards, 0. Off-the-Record Messaging http://www.cypherpunks.ca/otr/
