Hi Ted,
At 11:10 21-03-2014, Ted Lemon wrote:
Actually, they just put taps in Googles and Facebook's data
centers. No need to tap an undersea cable. They even did it on
the far side of SSL concentrators, where the traffic was flying
unencrypted. So encrypting traffic as Google is now doing
certainly does address a meaningful threat model.
"We" did that because you left that window open [1]. :-) Time will
tell whether the (new) threat model is a good one or not.
There are a lot of things you'd like your mail to do that can't be
done if you don't trust the machine where the mail is stored. If
you want both security and features, you probably need to run your
own server, or else you need some trust relationship with the
service provider that likely isn't practical in a lot of cases, and
isn't even _possible_ if your threat model is something on the level
of not being victimized by NSLs.
Even if you run your own server you might still have to trust some
body. I would not use the word "victimized" for NSLs [2]. There
were papers published in 2009 in which subpoena threats were
mentioned. A threat model which only considers data in flight does
not qualify as a threat model.
Regards,
-sm
1.
http://entertainment.guardianoffers.co.uk/csp/nmp/products/medium/AA_RM001699.jpg
2.
http://www.washingtonpost.com/wp-dyn/content/article/2007/03/20/AR2007032000921.html
_______________________________________________
perpass mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/perpass
