[tor-talk] "Confidant Mail"
Mike Ingle
mike at confidantmail.org
Wed Feb 4 02:27:58 UTC 2015
Non-www A record is added, and should show up soon.
As far as HTTPS:
The NSA has the ability to get into Amazon EC2 and mess with files too,
no doubt.
And they have a variety of compromised HTTPS CA certs they could use to
MITM.
If they wanted to do that they could, HTTPS or no. If they did it on a
large scale,
they would likely get caught, so they would only do such things if they
were after a
specific high value target. Hopefully you are not on their short list.
I think it's silly that a self-signed HTTPS is treated as less secure
than an HTTP by
the browsers. "Secure against a passive adversary" is better than "wide
open."
Did the cert authorities have a hand in that?
Please check the GPG signatures on the executables and source code
before installing.
The GPG private key is not kept on the server (unlike a SSL private key).
pub 2048R/038D4412 2015-01-23
Key fingerprint = 3C9A 0C66 1050 1265 D2AD 9D23 5903 FD94 038D 4412
uid Confidant Mail code signing key
<code at confidantmail.org>
sub 2048R/55D88C4E 2015-01-23
pub 2048R/ECFCD0C2 2015-01-23
Key fingerprint = D2B8 9E6F 95E7 2E26 E0C9 17D0 2D18 47DF ECFC D0C2
uid Mike Ingle <mike at confidantmail.org>
People who are interested in testing, please set up an account and email
me. The test servers
have Tor hidden service entries, so you can try out anonymous mode.
Mike
On 2/3/2015 5:51 PM, michael ball wrote:
> On *Tue Feb 3, Mike Ingle wrote:*
>
>> I don't have HTTPS because there is nothing secret on the site, and
>> because I don't place much trust in it
>>
>
> i may be mistaken that it is kinda stupid not to use HTTPS on a
> website with downloads, as documents released by Ed Snowden show that
> the NSA has the capability of injecting malicious software into active
> EXE file downloads in realtime.
>
> by the way, i cannot access your website without a preluding "www." to
> the domain. this needs to be fixed.
>
> thanks
>
More information about the tor-talk
mailing list