On Mon, Nov 02, 2015 at 09:13:08PM +0100, carlo von lynX wrote:
[ a bunch of good points and one thing I'd like to expand/elaborate on ]
> Correct. Still it makes no sense for benevolent nodes to fabricate
> false warnings about insecure TLS usage. Question is if it makes
> sense for malevolent
Thanks for taking on the challenge to discuss things for real.
On Mon, Nov 02, 2015 at 07:11:00AM -0500, Rich Kulawiec wrote:
> On Sun, Nov 01, 2015 at 06:42:23PM +0100, carlo von lynX wrote:
> > Let's frame the threat models. Bulk collection probably does
> > not include using OS backdoors so
On Sun, Nov 01, 2015 at 06:42:23PM +0100, carlo von lynX wrote:
> Let's frame the threat models. Bulk collection probably does
> not include using OS backdoors so the suggestion to use mutt
> on BSD isn't wrong, but not necessary to move a step forward.
And why not? If the endpoints aren't
"Fabio Pietrosanti (naif) - lists" writes:
> - KNOW if emails being received from Mr. X has been in-transit encrypted.
there's a thunderbird addon called "paranoia" that does this
--
http://endefensadelsl.org
--
Liberationtech is public & archives are searchable on
Quoting Fabio Pietrosanti (naif) - lists (2015-10-31 20:02:21)
> so, the in-transit email encryption problem isn't yet solved.
>
> The uses of opportunistic encryption with SMTP STARTTLS help, but also
> this is out of the end-user control.
I think mail providers should stop accepting starttls
On Sun, Nov 01, 2015 at 12:32:37PM -0300, fauno wrote:
> there's a thunderbird addon called "paranoia" that does this
Correction: there's a Thunderbird addon called "Paranoia" that pretends
to do this. Everyone should know by now that you can't trust any
"Received" headers other than those
Let's frame the threat models. Bulk collection probably does
not include using OS backdoors so the suggestion to use mutt
on BSD isn't wrong, but not necessary to move a step forward.
On Sun, Nov 01, 2015 at 05:39:29PM +0100, ma...@wk3.org wrote:
> I think mail providers should stop accepting