Faramir faramir.cl at gmail.com
Sat Apr 2 00:32:10 CEST 2011

Hash: SHA256

El 01-04-2011 9:15, Jerry escribió:
> Personally, I consider Google's web e-mail application grossly
> insecure. I further do not trust them for one millisecond to not be
> scanning documents passing through their server(s). It would not
> surprise me a bit to find out that one of their employees is actively
> distributing confidential information on its subscribers.

  I don't know about that, but that is what GPG is for. Any mail server
we don't control might be scanning documents, and if they don't do it,
it might be done elsewhere (have you heard about Echelon? I don't know
if that thing exists, but a lot of people thought it was possible for
them to "read" your emails).

  Fortunately, we have GPG, and Gmail provides SMTP, so it is really
easy to setup thunderbird, install GPG, and nobody at Google will be
able to read your messages (if you can make your correspondents to use
GPG too).

> While I do not claim that any of the other large web based operations
> such as Yahoo or Hotmail are immune to problems; I honestly do not
> believe that they actively engage nefarious acts to the degree of GMail.

  Again, I don't know, hotmail knows where I live (or at least it knows
the block of houses where I live, they have 1/6 chance or so to drop a
bomb in the right house), I had to provide my postal code. Gmail knows
my phone number, but that was optional when I provided it (I've heard
now it is mandatory, to prevent spammers creating accounts). Still, all
of them could be involved in nefarious acts, and none of them will admit
it, or provide statistics about their nefariousness. But one of them
provide POP3 and SMTP, which allows you to use GPG or S/MIME for free,
the other 2 charge for those services (or used to charge, last time I
checked, that may have changed).

  Talking about insecurity of webmail apps, probably (but I don't have
numbers about it, it's just my guess) the main problem is accessing to
them using compromised computers.

  And what do all this have to do with GnuPG? Nothing, but all started
with a spamm message received from the compromised account of a member
of this list. And since compromised accounts is something that worries
many of us (nobody want his/her own account to become compromised), we
replied and talked of general stuff. Probably this thread dies today due
to lack of interest.

   Best Regards

Version: GnuPG v1.4.11 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/


More information about the Gnupg-users mailing list