[prev in list] [next in list] [prev in thread] [next in thread]
List: pine-info
Subject: Re: [Pine-info] getross - email privacy /security of system
From: Alexey Toptygin <alexeyt () freeshell ! org>
Date: 2006-10-30 16:27:37
Message-ID: Pine.NEB.4.64.0610301622460.2146 () norge ! freeshell ! org
[Download RAW message or body]
On Mon, 30 Oct 2006, Bert Driehuis wrote:
> As Kenneth Crudup wrote, it's trivial for a mail administrator to access any
> Pine mailbox.
>
> It is theoretically possible to protect against that (by encrypting all
> mailboxes with the mailbox owners' public keys). However, this has one big
> drawback: if the user loses his private key (or the passphrase to it), he
> will lose all his e-mail, with absolutely no recourse.
It has the even bigger drawbacks that the MDA will see the messages
unencrypted before they are delivered, and that root can still read your
email while you have it decrypted in memory so that you can read it (and
for that matter, root can steal your private keys while you're using them
to decrypt mail). There is no known way to hide information from the owner
of the hardware it's being processed on. If you're worried about the owner
of the box spying on you, then don't use that box at all.
Alexey
_______________________________________________
Pine-info mailing list
Pine-info@u.washington.edu
http://mailman1.u.washington.edu/mailman/listinfo/pine-info
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic