----------------------------------------
Data Security Ratings
August 10th, 2018
----------------------------------------
Christina has been posting about data security [0][1] with some
engagement from others [2].

[0] Christina - Infosec And Data Privacy Part 1
[1] Christina - Infosec And Data Privacy Part 2
[2] Solderpunk - Data Security Ratings

It's very interesting stuff which started on Mastodon and
continued in gopherspace. It's worth a read.

I had one last thought I wanted to share based on an exchange on
IRC. Some people have brought up threat levels and planning your
security for the type of danger you really face, not ridiculous
levels of paranoia. We're not all Snowden, after all. That being
said, I wanted to share my email system so you can see what
happens when you go off the deep end with no real reason.

First of all, I use neomailbox for my mail provider. They're
pretty great, in a country with better data privacy laws than the
US, and have solid privacy policies and encryption measures in
place to protect their users. They offer a unique feature that
I've not found in other providers: they will auto-sign incoming
mail with your public key if you request it. While mail that
wasn't encrypted at the source may still be vulnerable in
transmission, after it hits their servers its safety just took
a major step up.

Next, I only connect to neomailbox over a VPN & Tor. Outgoing mail
relayed through their servers wipes metadata anyway, but it's just
another stupid thing to do in protecting the connection itself.

How do I connect? Good old pop3, baby. I don't leave anything on
the server.

Mail is fetched locally and the system auto-disconnects from the
internet. When browsing messages I remain offline. I reply and
queue up my outgoing mail. When ready to send, browsing shuts down
and the machine reconnects safely to send it on its way.

The local maildir is backed up over spideroak, encrypting the
mailboxes of already encrypted messages offsite to another machine
in case of calamity.
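
An added illustration, not the author's setup or code: the POP3
fetch-into-a-local-maildir step described above, in Python with the
standard mailbox module, ordered so a message is removed from the
server only after its local copy exists. FakePop is a constructed
stand-in for the server; a real run would pass a connected
poplib.POP3_SSL object, and the VPN/Tor routing is outside the script.

```python
import mailbox
import tempfile

# Real use (assumption): pass a poplib.POP3_SSL object after user()/pass_().


def drain_to_maildir(pop, maildir_path):
    """Move every message from an authenticated POP3 session into a local
    Maildir and return how many were moved."""
    box = mailbox.Maildir(maildir_path, create=True)
    moved = 0
    try:
        count, _total_size = pop.stat()
        for num in range(1, count + 1):
            _resp, lines, _octets = pop.retr(num)
            box.add(b"\n".join(lines) + b"\n")  # stored locally first
            pop.dele(num)  # only marks the message; nothing is removed yet
            moved += 1
    finally:
        # QUIT commits the deletions marked so far. A message is marked only
        # after its local copy exists, so a failure mid-run loses nothing.
        pop.quit()
    return moved


class FakePop:
    """Constructed in-memory stand-in for a POP3 server (not a real API)."""

    def __init__(self, messages):
        self.messages = dict(enumerate(messages, start=1))
        self.marked = set()

    def stat(self):
        return len(self.messages), sum(map(len, self.messages.values()))

    def retr(self, num):
        body = self.messages[num]
        return b"+OK", body.split(b"\n"), len(body)

    def dele(self, num):
        self.marked.add(num)

    def quit(self):
        for num in self.marked:
            del self.messages[num]
        self.marked.clear()


def demo():
    server = FakePop([b"Subject: one\n\nhello", b"Subject: two\n\nworld"])
    with tempfile.TemporaryDirectory() as tmp:
        moved = drain_to_maildir(server, tmp + "/Maildir")
        stored = len(mailbox.Maildir(tmp + "/Maildir"))
    return moved, stored, len(server.messages)
```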

That's it! Fun right?

I want to reiterate, this is completely unnecessary for my threat
level and it was done more as a hobby project to see how far
I could push it. Airgapping, redundant encryption, it's too much
for people to bother with. It's a great illustration of why other
people give up and just settle for whatever.

If you're new to infosec, do yourself a favor and get a protonmail
account. That's about as good as you're going to do without
putting in a bunch of work. Is it as good as what Snowden does? Oh
hells no. But you're not on the run from the US government, are
you? It'll keep google off your back, and you're less likely to
fall victim to simple scams.