|
FastMail Forum All posts relating to FastMail.FM should go here: suggestions, comments, requests for help, complaints, technical issues etc. |
|
Thread Tools |
27 Mar 2016, 02:19 PM | #1 |
The "e" in e-mail
Join Date: Jan 2002
Location: San Francisco
Posts: 2,458
|
Kudos from the NSA!
Leaked TOP SECRET presentation from the SIGDEV Conference 2012 explaining which encryption protocols and techniques can be attacked and which not (http://www.spiegel.de/international/...a-1010361.html) links to
http://www.spiegel.de/media/media-35535.pdf and on page 38/40 it lists Fastmail as an encrypted webmail service (along with Atabmail, ZOHO, safe-mail, and HMA Mail) that is an issue for the NSA's Big Brother efforts. Kudos to Fastmail for earning this recognition. Well done! |
27 Mar 2016, 11:04 PM | #2 | |
The "e" in e-mail
Join Date: Dec 2004
Location: a virtually impossible but finitely improbable position
Posts: 2,320
|
Quote:
Did I just break a law by downloading and reading that document??? - I mean, if I had downloaded it and read it would I have broken a law? /cl |
|
28 Mar 2016, 01:22 AM | #3 |
The "e" in e-mail
Join Date: May 2003
Location: mostly in Thailand
Posts: 3,095
|
In the purely hypothetical case that any of us had downloaded the file, seen the security classification, and read it (and other linked documents) I do not think we would be liable for prosecution. Whatever the security classification, it is clearly now in the public domain. We might get ourselves on some list of undesirables, however.
Fortunately I, of course recognizing the subversive nature of this material, studiously avoided it, and avoided educating myself on its contents. |
28 Mar 2016, 01:37 AM | #4 | |
The "e" in e-mail
Join Date: Apr 2011
Location: Manchester UK
Posts: 2,616
|
Quote:
I suggest it's left to the powers-that-be to pursue the OP for starting the thread here, and also provide censure for the overuse of smilies. |
|
28 Mar 2016, 04:47 AM | #5 |
The "e" in e-mail
Join Date: Feb 2006
Location: EU
Posts: 4,945
|
The document is dated June 2012.
Added later:Fastmail is an encrypted webmail service ? I've never seen Fastmail making such a claim. Last edited by janusz : 28 Mar 2016 at 04:52 AM. |
28 Mar 2016, 04:53 AM | #6 |
Junior Member
Join Date: Dec 2014
Posts: 15
|
There's a mention on the page 21 also.
Anyway, the mails stored at FastMail aren't encrypted. I'm suprised to see them saying it's encrypted, the only encryption which is being used on FastMail is the encryption in the connection (TLS) between your device and FastMail servers. Server-to-server connection can be encrypted if the server on the other side supports it. |
28 Mar 2016, 05:27 AM | #7 | |
The "e" in e-mail
Join Date: Feb 2006
Location: EU
Posts: 4,945
|
Quote:
This encryption was made compulsory only at the end of June 2012, the same month when the super-secret paper mentioned by the OP was published |
|
28 Mar 2016, 08:06 AM | #8 |
The "e" in e-mail
Join Date: May 2003
Location: mostly in Thailand
Posts: 3,095
|
Well, actually it was not made completely compulsory even then. The access to insecure.messagingengine.com still existed. However, as a practical matter, most Fastmail messages were encrypted during transmission long before 2012. The NSA seems to be suggesting that they do not have access to Fastmail's disks at NYI, and it is not easy to break the encryption on Fastmail messages during transmission. Whether this remains true in 2016, who knows.
|
28 Mar 2016, 09:41 AM | #9 |
The "e" in e-mail
Join Date: Dec 2004
Location: a virtually impossible but finitely improbable position
Posts: 2,320
|
I heard an interview from someone in the intelligence industry, saying that anything Snowden made public is now obsolete. Everything changes so quickly these days. There's a whole lot more standatd encryption these days.
|
28 Mar 2016, 07:16 PM | #10 | |
Essential Contributor
Join Date: Mar 2014
Posts: 212
|
Quote:
https://www.fastmail.com/about/privacy.html |
|
29 Mar 2016, 10:09 AM | #11 | |
Cornerstone of the Community
Join Date: Mar 2011
Location: ~$
Posts: 652
|
Quote:
|
|
1 May 2016, 09:39 AM | #12 |
The "e" in e-mail
Join Date: Jan 2002
Location: San Francisco
Posts: 2,458
|
The state of the art has advanced.
The state of the art has advanced: https://tools.ietf.org/html/draft-margolis-smtp-sts-00
I don't recall hearing that fastmail supports DANE, but would like to hear if there are any plans to support DANE and/or SMTP STS or not. Hope so. These enhanced protocols are an organized response triggered by Snowden's disclosures. See here. FYI, as work of the US, the leaked material was 'public domain' from the moment it was created. 'Public domain' is a legal term that indicates copyright status, not secrecy or confidentiality. See here. In case you were being serious. The powers that be visited and I invited them to sit and they enjoyed delightfully energizing cups of Po-210-infused tea. Haven't heard from them since. Fred, say hello to my little friends: |
1 May 2016, 11:37 AM | #13 | |
Intergalactic Postmaster
Join Date: May 2004
Location: Irving, Texas
Posts: 8,930
|
Quote:
http://www.emaildiscussions.com/show...850#post591850 http://www.internetsociety.org/artic...l-using-dnssec Bill |
|