Tuesday, June 25, 2013

NSA-proof Your E-mail in 2 Hours

Drew Crawford:

Today we kill your excuses. Because I’m going to show you exactly how to do it, it’s going to take about two hours to set up, and it’s a “set it and forget it” kind of setup. Not only that, but it is actually going to be better than GMail, from a purely features perspective. It might surprise you to learn that people continue to develop email server software in a post-Google-apps world, and that the state of self-hosted is much better than you remember.

However, the e-mail is probably still moving between servers in cleartext, and also stored on the servers of your correspondents. You could use PGP, but:

For those who seek to preserve their privacy by encrypting their communications, in effect shielding themselves from the ominipresent “Eye”, the gloves come off and they can be declared non-U.S. citizens for purposes of sidestepping any pesky “Constitutional” restrictions

2 Comments RSS · Twitter

Hi there Michael, thanks for the link :-)

A surprising amount of my email actually routes over TLS all the way. By default, postfix uses "opportunistic encryption" on incoming mail although this can be further configured. Obviously you still have to trust the sender and his/her mail server in this case.

The trick with PGP is, as it's always been, getting people to use it. I think exactly zero of the many email clients I use support it out of the box. That should change.

"The trick with PGP is, as it's always been, getting people to use it. I think exactly zero of the many email clients I use support it out of the box. That should change."

Of course, PGP is, as we always suspected, and now know for sure, a red flag for the NSA sure to draw special attention. Same with TOR.

If you can't hide in plain sight, you can't hide. And I for one welcome our new insect overlords. I’d like to remind them that as a trusted blog commenter, I can be helpful in rounding up others to toil in their underground sugar caves.

Leave a Comment