![]() "Back in the Day" - we used to authenticate documents with a signature, made with a pen and paper. how will you do this? again, a phone call or private meeting can be used to check the "fingerprint" or identification on your keys The interesting thing about symmetric keys - related to PGP/GPG - is, again, around the authentication of the keys. this would be symmetric encryption you would share the password with your correspondent over the phone or by private meeting you must insist on end-to-end encryption: which means you must learn to manage the keys and apply PGP|GPG Īs an alternative you could just edit your message OFFLINE using LibreOffice or any text editor pack the file using ZIP - with a password send it as an attachment. Zimmerman's original essay on PGP tells you this: if your computer is compromised there is nothing PGP can do to help.Ģ. you must use a secure O/S - don't forget physical security. I'm testing it currently and will discuss with the authors soon.ġ. I'm following this project, it may help me: But at least it's under your surveillance. I like the idea of having the mail server at home too. You encrypt and decrypt locally and use the mail server to send and receive encrypted emails. I strongly believe that security implies that your encryption key STAYS on your system. I have heard a few concerns about startmail also. Why a different email provider would not do it in the future? They can modify the code to store it at that moment. They ask you to type in the encryption key at one moment. Yes I knew you where thinking about ProtonMail.īut all these private emails that encrypt your emails work with the same method. It could be done with any e-mail provider if both the recipient and the sender uses OpenPGP too, but that's not realistic. Is there any way to set up something like this with for example Gmail or any e-mail service that encrypts my letters this way without letting the provider know their content first? I use the firstly mentioned e-mail provider because of that test, good reviews and because my mailbox is stored encrypted, even those messages are stored encrypted that were initially not encrypted. If I have erred somewhere in my reasoning, please kindly let me know. And it's open source so I hope if there's something wrong in it somebody reveals that. The e-mail service I spoke about did not fall on this test. Some e-mail providers don't require the password to give the users a new password which is a clear sign that the company has access to their data. I haven't checked whether resetting my password to the initial password could enable me to see my mails or not, I'm curious about that now, I wish I checked that. This was a good sign (but not a proof) that my encryption password was really needed to recover my data. Not really lost, but it was encrypted and I couldn't decrypt it. I could easily reset my encryption password too, but all the data that I had was lost. ![]() I could easily reset my login password via Gmail (that I use as my secondary e-mail). This provider has an open source web client (I wonder if it can be checked whether we really load this open source client or not when we load the website, any ideas?) and that has a login password and an encryption password. I have made an account, wrote some letters, after that I've tried resetting both my passwords. Is this what you thought of? If yes, why do you doubt that it's such a company? I did the privacy test with it. So don't see this as an ad, please, anyone. I did not wish to advertise anyone, because this is a forum, not an advertising page. Well, it's not Hushmail, but I think it's not what you thought of. Thanks for the link, killer de bug! I'll read that. We had proof of the opposite in the past. I'm sure I know whose company you refer to. Lemongrass38 wrote:There exists an European e-mail service (maybe more, I know about one) that was designed not to be able to handed over to anyone requesting it (encrypted data can be handed over only, they don't know the keys).
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |