Is there any email that is not surveiled by the authorities?

[drew]

The rules says we should not talk politics so
Please please don't talk politics. This thread
is about the practical outcome of the known facts
that Guardian news mag gives us. Go to Guardian
and look for text today on GCHQ and you see how
almost everything is tapped on the fibers going in and out
of GB/UK and in/out of US of America and seems to be
like that for Canada and Australia NZ too they all cooperate.

So what email would be less affected to use?
I mean does it even help to use Lavabit or others?
These have to go over same fibers in and out of UK too

And UK being part of European Union why would Germany
France Italy Spain behave any differently? What to do?

[ReuvenNY]

quote: Is there any email that is not surveilled by the authorities?

How would we know??

Assume EVERYTHING is being surveilled...

[cheviot]

Agreed.

There is a provider (Italian) that has been mentioned here before: autistici.org, which supposedly is a grass-roots effort, and keeps absolutely no records of anything on their servers, including addresses and passwords. I have used them occasionally over the last year or so, but not for anything that I needed to keep any hard copy or evidence thereof. Have seen comments of those who weigh in on both sides of their manifesto, and often times they are in conflict with each other.

I am not naive enough to believe that anything cannot be traced, but if it does remotely exist, this is the closest thing that I have seen...

http://www.autistici.org/en/services.html

[drew]

Quote:

Originally Posted by ReuvenNY

quote: Is there any email that is not surveilled by the authorities?

How would we know??

Assume EVERYTHING is being surveilled...

Yes you are right. Naive question maybe more an emotional
outburst after reading the Guardian text on their latest story on how deep this goes. Not that I have anything to hide
but it stills feel like we are going into a future
that George Orwell warned us about. Scary how accurate he was. he must have had a great intuition sensing what was a possible future based on his own personal experiences.

[drew]

cheviot yes it gets mentioned here in EMd now and then.
They want to help those that are politically close to them.
But if the GCHQ does it right it does not help much.
the tap is on the infrastructure itself so they cover all
kind of internet traffic AFAIK based on that Guardian text.

[faldringham]

In the end, you just have to assume everything is being surveilled and being stored for later review.

Just because you don't think you have nothing to hide doesn't mean that all current (and future!) governments will agree that there is no evidence of criminal activity in your data and communications.

It might seem that small, independent service providers could be the best bet, under the assumption that they should be better able to operate "under the radar" and not draw the attention of the parties conducting surveillance. But a critical weakness with small operators is that they are probably much more vulnerable to the kinds of pressure that governments can bring to bear in the effort to persuade, or force, operators to cooperate. Challenging government orders in the courts can be a very expensive proposition.

And why wouldn't government surveillance agencies just budget in a payoff to ensure the quiet cooperation of a small email provider? Everyone has his or her price. A few million euros or dollars means nothing for a government security budget, but could mean early retirement for a small, independent email service provider.

[communicant]

Quote:

Originally Posted by cheviot

Agreed.

There is a provider (Italian) that has been mentioned here before: autistici.org, which supposedly is a grass-roots effort, and keeps absolutely no records of anything on their servers, including addresses and passwords. I have used them occasionally over the last year or so, but not for anything that I needed to keep any hard copy or evidence thereof. Have seen comments of those who weigh in on both sides of their manifesto, and often times they are in conflict with each other.

I am not naive enough to believe that anything cannot be traced, but if it does remotely exist, this is the closest thing that I have seen...

http://www.autistici.org/en/services.html

This has been pointed out at EMD before in other threads, but it is worth noting that autistici.org is not a neutral service that might perhaps provide a higher level of privacy. It is a politically committed activist group which is quite open about its leftist agenda and point of view. (That is not a political point or a criticism, merely a fact, which autistici itself would no doubt confirm.)

I mention this because it is relevant for someone to consider, who is either not political at all, or whose politics are very different, and who might perhaps use autistici's services without knowing that he is using the services of a highly politicized group.

As I have posted before (I think it was in response to a post by Tsunami about using autistici's email services), the point is simply that sending from such a service might give the impression to recipients (and others) that the sender supported the views of the group sponsoring the service, regardless of whether the sender was aware of the service's political leanings or not.

In any case, why would anyone want to send from a service that is part of the web presence of *any* openly far-left or far-right group? Especially now, with data mining and official surveillance even more pervasive and intrusive than was previously known, this would not be a prudent thing to do, unless a sender happened to support the known views of a particular service and didn't mind being associated with those views by his choice of a service.

At the least, this sort of choice should not be made casually or in ignorance of the possible implications, especially nowadays. That is not paranoia, merely common sense, made even more relevant by the disturbing news of recent weeks.

[Bamb0]

I think even www.hushmail.com gets read by the ppl who own the server!! (Even though they say they cant read them)

[cheviot]

I have heard autistici described as both on the left and on the right. IMHO, I would refer to them as an autonomous collective, ala "Monty Python and The Holy Grail". That being said, it is something to consider that IP address connections may be monitored and/or traced, particularly when it involves such a highly politicized group, regardless of which direction they are facing. Even those who use subscription-based VPN services eventually have the ability to be traced, no matter how many tunnels of encryption are used per connection. Therefore, one still has no alternative but to conclude that nothing can be absolutely certain when it comes to internet security, except to say that if something is that sensitive, just don't put it out there in the first place...
Some things are better left to the imagination, and to hand-to-mouth communication...

BTW (for communicant): It's the ones who disclose nothing that you cannot support at face value. I was not at all a fan of EarthLink's monetary support of Buddhism back in the day, but it did not stop me from using their free services (yes, there was a time when those existed, in particular MindSpring VoIP), nor question their motives in providing a good product on the consumer side...

[chrisretusn]

As already said, assume your email is being read.

Since the very beginning email has been vulnerable to eavesdropping. It travels via unsecured routes along the Internet. Using HTTPS with your browser or SSL in your email program only secures the data between your and the server. I does nothing to secure the actual message. As your messages travels to it's destination it most likely travel in the clear, anyone can intercept it and not just governments either.

Even if both parties are using a "secure" service, you have to rely on trusting that third parties service.

The only why to limit the chances of your messages being read is to encrypt it before you send it. Of course this means your receiving party needs to have the knowhow to decrypt it. Given the recent events, it has been speculated that using encryption is a guarantee that your message will be stored for possible later decryption. At least the will have to work at it to read it.

I'm more worried about data collection companies than governments collecting and storing data anyway.

[ccl1]

for what its worth i just got this email from mail.be

Dear Customer,

You probably recently heard about the PRISM surveillance system and the security and privacy issues raised by hosting data on American cloud services.

Mail.be protects your data against such systems. We value your data and privacy and thought it would be useful to inform you about how precisely we manage data on our servers:

Your data and their back-ups are hosted exclusively on European soil. We therefore comply with the European and Belgian legislation and regulations, among others these regarding data protection. You have a right to consult, rectify and delete your data (the right to be forgotten). If you ask for the deletion of your account, all your data will be completely deleted from our application.

We entirely control our servers: we wrote the Mail.be software and no subcontractor can access our systems. The Mail.be team members who can access the system have signed a confidentiality agreement.

In case of an inquiry we require an official injunction signed by a judge to reveal any data.

In addition your data are "anonymized" and spread throughout our servers: in case of intrusion, they cannot be located.

Since more than 13 years, our mission is hosting and protecting your data. Our business model relies on paid subscriptions and customized versions. Therefore, we don't analyze data to create marketing profiles nor do we monetize users through advertising.

[William9]

Right. Then what about the data exposure during transit?

[north]

Quote:

Originally Posted by cheviot

Agreed.

There is a provider (Italian) that has been mentioned here before: autistici.org,[...]

...but keep in mind, autistici are (left-wing) political activists. if you are (politically) maybe on the other side, i would not be sure that they are able to read and manipulate your mails too. as long as you are not use encryption for your mails, your mail will not be secure.

ops! communicant write the same but in better english and with more details... full ack! -> http://www.emaildiscussions.com/show...06&postcount=7

[drew]

But if all such services still goes over servers all over the world they are listen to and encryption of the email only delay when it can be read.

So how much of help is that? the more I read about how they try to get total control over all communication the more I think that one should treat it as a post card. Only write what you can send on a tourist post card. Mom the weather is just fine and I don't drink too much

[William9]

Unless the message is encrypted end-to-end.