Thread replies: 42
Thread images: 5
Thread images: 5
Anonymous
How faulty is the email platform? 2016-10-28 19:51:21 Post No.
[Report] Image search: [Google]
How faulty is the email platform? 2016-10-28 19:51:21 Post No.
[Report] Image search: [Google]
File: IMG_6537.jpg (53KB, 811x500px) Image search:
[Google]
53KB, 811x500px
>Show we move to a more secure way of communicating important information within an open network?
>>
File: 147736190138.jpg (121KB, 480x854px) Image search:
[Google]
121KB, 480x854px
>>57284131
Steganography
>>
>>57284131
encrypted email?
>>
>>57284131
RFC 1149
>>
Carrier pigeon
>>
File: IMG_20161028_144837.png (1018KB, 2047x1650px) Image search:
[Google]
1018KB, 2047x1650px
>>
>>57284131
>secure
>open
>>
>>57284131
>disclosing methods to escalate normie networks
>>
>>57284791
>methods that require secrecy to be secure.
>>
>>57284891
pretty much every form of security involves secrecy in some way, whether a secret encryption key or just being flat out closed-source
>>
>>57284734
Clever little shit aren't you?
>>
>>57284131
Encrypting it.
>>
>>57284131
Gmail is extremely secure
>>
>>57284131
Battlestation.
>>57286223
FBI approved.
>>57284192
Focusing on the cage...
>>
Make DKIM mandatory
Make SPF hardfail mandatory
Make DNSEC mandatory
Make STARTTLS for SMTP mandatory
Only send email to servers you trust
Use PGP wherever possible
>>
>>57284131
considering all the shit you have to set up to get a working, secure webservers, which other webservers will accept email from.... it's pretty broken
>>
>>57286392
>webservers
*emailserver
>>
File: IMG_0569.jpg (2MB, 4032x3024px) Image search:
[Google]
2MB, 4032x3024px
>>57284192
That's a pretty budgie!
>>
>>57284192
>>57286891
I miss my bird now.
>>
It's time to face that basically every majorly used communication protocol on the current web is not secure. There's a couple in there with secure chat but they tend to rely on third party servers and closed source platforms. Note that "Muh obscure client" doesn't count if the vast majority of normal users aren't using them.
We probably won't have any decent solution until web 3.0 starts gaining traction
>>
>>57284131
front end encryption.
>>
carrier pigeons are technology
>>
>>57284131
the communications are secure. the problem is giving normies full access to technoligy they don't understand. Who the fuck keeps all they email they've received on their server?? once you read it that shit should go into local storage/backup or be deleted.
>>
Encryption isn't sufficient. This is also a criticism of the modern internet stack as well. Encryption protects the contents of the message, however, sometimes merely knowing who is communicating is too much information leakage for some people/situations. Additionally, the way we handle encryption and identification now, through certificate authorities, is also flawed. The authority can easily abuse it's privileged and give out fake certificates breaking or causing lost credibility to it's users, either through malice or incompetence. And it requires that the certificate authority can verify who you are, usually through the collection of personal information that others have access to unless requested, and even then can be taken if the servers are hacked. PGP and similar "web of trust" security architectures is like all commie "build trust by building networks": shit is run by your average incompetent.
The IDEAL network is completely anonymous (as in no one knows who is communicating), unless the user allows it; completely trustless, unless someone wants it to be; and works without anyone doing a damn thing (i.e. storing keys safely, or blinding trusting someone's pub key).
>>
>>57287046
people who work on multiple devices and prefer not to have to rely on backups of a local pc to keep their email safely backed up
I have an archive of important mails like receipts and accounts going back years, stored on the server and cached in my client so I can't lose them easily
>>
>>57287300
>I have an archive of important mails like receipts and accounts going back years, stored on the server and cached in my client so I can't lose them easily
Anon I get it, but ask yourself would you want any or all of those emails to be in the front page of the New York Times tomorrow?
>convenience
>security
Choose one, and only one.
>>
>>57284131
Bitmessage
>>
>>57287443
Better, but proof-of-work isn't ideal. What if I want to run that shit on my laptop with a fucking U processor and they have to raise the difficulty to deal with someone trying to corrupt the network with a botnet?
>>
>>57287046
Can you really blame them, when the resources are there, but they aren't utilized on the backend? all of this shit should have been GPG from day fucking one.
>>
>>57284131
>read title of this thread
>avast popup comes up saying "everyone can see what you do online"
im done
>>
>>57284131
there is nothing wrong with email when it's used with the proper security measures
It's incompetent users that are the problem who can't understand who controls their data or what proper security model to use with email
>>
Email is like sending a postcard through the mail system. Neither is faulty.
>>
>>57287124
>This is also a criticism of the modern internet stack as well.
The internet stack isn't for privacy. If you want privacy you build an application layer that's secure. It's not the physical networks job to protect your identity.
>The authority can easily abuse it's privileged and give out fake certificates breaking or causing lost credibility to it's users, either through malice or incompetence.
>easily
>abuse once
>go bankrupt because no one trusts you
>hacked once
>massive shitstorm, every OS drops your certificate
>go bankrupt
it's meant for businesses, not your ultra leet hacker shit
>PGP and similar "web of trust" security architectures is like all commie "build trust by building networks": shit is run by your average incompetent.
Regardless of your opinion of the people using it, they've proven effective
>IDEAL
Nothing in cryptography is ideal. literally not a damn thing. You can forever try to discredit modern approaches to crypto by comparing them to your magic theoretical world, but the fact is that CAs have virtually never failed, PGP has virtually never failed, and when they do it's often the users fault, and not the standard being broken, and when it is the standard, the whole world very swiftly switches to something better
>>
>>57287329
>convenience
>security
This is what's wrong nowadays.
It's totally out of balance.
>>
File: sore_ga_seiyuu-02-ichigo-question_mark-confused-cute-chibi-pink_hair.jpg (81KB, 1280x720px)
81KB, 1280x720px
If I use PGP I encrypt the message with my private key and it is sent encrypted till someone fetches my public key from a keyserver to unecrypt it.
So basicly anyone can decrypt it or am I missing something ?
It just protects the message from being tampered with ?
>>
>>57291382
you don't understand the basics of pki
>>
>>57286986
>web 3.0 or web having anything to do with email
Hmm rmyt
>>
>>57286223
except from the people you should actually be scared off....
>>
>>57286962
Me too.
>feelsbadman.jpg
>>
>>57284365
Fucking knew what this was going to be before even googling it
>>
>>57286336
The last one is too hard for normies.
>>
>>57291382
I do not remember the history lesson at the start, but if this is the vid i think it is, this explains it pretty well: https://www.youtube.com/watch?v=YEBfamv-_do
Thread posts: 42
Thread images: 5
Thread images: 5