[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: gmail usage

I believe that the best option is to be aware that everything that
you're sending is systematically scanned by machine learning algorithms,
stored and sent to whichever has the money/ power to convince your email
provider. This applies to gmail or any other company.

If your corncern is that your mail are only read by the person you
intend to, you could perfectly use gmail with gpg and be sure enough
that your messages won't be read until the advent of quantum computing.
Protonmail is doing this basically from a webmail, so you don't have to
worry about managing your keys, *only* trust that they encrypt well your
private key.

But if your level of tinfoil hat-edness is high enough you probably
shouldn't be using email at all, but other protocols with perfect
forward secrecy, and mechanisms that you can make sure that the messages
you send can be securely erased. In an increase of paranoia,
Whatsapp/Signal/Jabber+OTR+Tor are good choices. All these options use a
client-server model in which you have to "somehow" that they don't leak
the metadata to national agencies or such, even though they are not able
to obtain the plain texts of your messages in a foreseeable future. You
could run your own Jabber server, get a certificate, and route the
messages through tor yourself, but it obviously takes time. Pond, which
has been discussed many times in this list, is the closest you can get
to email, without being email.

Difficult to categorize but worth looking are Bitmessage, which is
"like" mail, but uses bitcoin's blockchain protocol, and Ricochet, which
send messages by running hidden services. It does not provide encryption
beyond the transport layer provided by tor.

Then, it comes the turn of serverless systems that are somewhat less
known. Your messages get to their destination in a similar fashion that
you get files through torrent. There are promising projects such as Tox
which isn't a messaging app in itself, but a protocol (famous clients
exist such as qTox or uTox), Retroshare, Ring (found by one of the
creators of Skype) etc.

At the end it depends mainly on your needs, and how nuts you are.
Hope this helps.

John Newman:
> Do any gmail users (which I've noticed there a lot of on the list,
> as well as in real life, heh) feel at all threatened by what Google
> is doing with access to your entire mail stream? They've publicly
> stated users have no "reasonable expectation of privacy".  
> Do you use gmail for your main / private / important emails, in
> addition to list correspondence?
> Or do you consider the internet so pwned that it doesnt matter? 
> (although, why make it easier for them..)
> I'm just curious... I started getting squeamish about it myself a
> good few years back, before snowden, just because it seems like an
> obviously bad idea to house all my correspondence at the HQ of one
> of the biggest corporations in the world, for them to play with, mine,
> and cross-index for targeted advertising as they see fit..
> Setting up your own mail server
> (postfix+spamassasin+...clamav+..whatever) isn't really that hard,
> although you gotta pay a hosting fee, depending on how you decide
> to do it. And I guess there are other alternatives to gmail
> that are much better in this area, although I'm still inclined
> to use my own thing..


Attachment: signature.asc
Description: OpenPGP digital signature