Re: sending debian-private postings to gmail

2006-06-28 Thread Steve Langasek
On Tue, Jun 27, 2006 at 09:22:45PM +0100, Aigars Mahinovs wrote:
> Ian Jackson [EMAIL PROTECTED] said:
> > I'm one of the small minority of people who have a very negative
> > opinion about gmail.  I realise I'm a bit of a kook on this subject
> > and ideally I'd like to avoid having an enormous flamewar about
> > it.
> >
> > However, it has come to my attention that at least one developer
> > appears to be reading debian-private at their gmail account.
>
> I am one of those developers. I have never thought that such action could
> be considered a violation of debian-private policy and some reasons for
> that have already been raised. In fact I do think that we should encrypt
> the postings to debian-private for both privacy and flamecontrol
> reasons. At this encryption stage headers of the messages should be
> stripped and only stored on the server. Only most important headers
> (like from, subject and date) would be embedded in the encrypted
> payload.
>
> Unless we go that far and realise such system, I see no reason to single
> out Google on the storage of the mail messages from debian-private.

I would expect developers to exercise the same judgement with regard to any
mail provider that they have reason to believe is analyzing mail for, or
delivering mail to, parties other than the intended recipient.

Google is singled out only in the sense that it's well-known, widely used,
and has a published policy of analyzing received mail for its advertisers. 
If anything, it's commendable that Google has been open about the existence
of this practice, but I still share Ian's concern that it makes GMail an
unsuitable mail store for -private mail.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
[EMAIL PROTECTED]   http://www.debian.org/


signature.asc
Description: Digital signature


Re: sending debian-private postings to gmail

2006-06-27 Thread Aigars Mahinovs
Ian Jackson [EMAIL PROTECTED] said:
> I'm one of the small minority of people who have a very negative
> opinion about gmail.  I realise I'm a bit of a kook on this subject
> and ideally I'd like to avoid having an enormous flamewar about
> it.
>
> However, it has come to my attention that at least one developer
> appears to be reading debian-private at their gmail account.

I am one of those developers. I have never thought that such action could
be considered a violation of debian-private policy and some reasons for
that have already been raised. In fact I do think that we should encrypt
the postings to debian-private for both privacy and flamecontrol
reasons. At this encryption stage headers of the messages should be
stripped and only stored on the server. Only most important headers
(like from, subject and date) would be embedded in the encrypted
payload.

Unless we go that far and realise such system, I see no reason to single
out Google on the storage of the mail messages from debian-private.

Currently GMail is the most trustable mail storage location that I have
available. And it is also the only location I do use - all my mail from
all other locations is redirected there. Even if I do redirect
debian-private mail to another place, that will simply mean that I will
stop reading it.

P.S. Please CC me, I am not on debian-devel.
-- 

Best regards,

   Aigars Mahinovs    mailto:[EMAIL PROTECTED]
 #--#
 | .''`. Debian GNU/Linux  LAKA |
 |: :' :  http://www.debian.org  http://www.laka.lv  |
 |`. `' |
 |  `-   |
 #--#



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]



Re: sending debian-private postings to gmail

2006-06-26 Thread Martin Schulze
Domenico Andreoli wrote:
> it's nice to have your personal global searchable mailing list
> archive, where you can really find anything you have ever received.

Even though it is nice, it's also problematic to scatter around
private and hence sensitive (at least temporarily sensitive)
information on a system that uses this as content for various
ratings.  I also have some doubts the mails are really deleted
from the disks and archives when you delete them in your interface.

Hence, I have to admit that Ian's reasons are valid.

> sorry, i already switched to a safer address, sob..

Thank you.

Regards,

Joey

-- 
Have you ever noticed that General Public Licence contains the word Pub?

Please always Cc to me when replying to me on the lists.





Re: sending debian-private postings to gmail

2006-05-29 Thread Anthony DeRobertis

Kevin B. McCarty wrote:


> Come to think of it, [pgp encrypting each message] isn't a bad idea.  Is it
> feasible for this to be done transparently?  Mailing list admins, any comments?


I suspect that the end result of this would be more people keeping their 
GPG keys unencrypted on Internet-accessible machines.






Re: sending debian-private postings to gmail

2006-05-26 Thread Ron Johnson
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Ian Jackson wrote:
> Kevin B. McCarty writes (Re: sending debian-private postings to gmail):
> > Ian Jackson wrote:
> > [snip]
> > > distributed to computers whose owners and operators cannot be expected
> > > to refrain from processing the content in other ways.
> >   ^
> >
> > [...]  If you are sufficiently paranoid, [...]
[snip]
>
> However, it is _not_ silly to observe that Google are counting up how
> many times certain keywords appear and providing reports to their
> advertisers.  We don't know exactly what those reports look like but
> it might be quite easy to find out what topics are being discussed on
> debian-private.
>
> It's clear that Google think they have the legal right (given to them
> by the developer-user) to facilitate that and it's also clear that
> they have no particular reason to spend effort thinking about how to
> make it difficult for their advertiser customers to do that kind of
> thing.

ROT13?  Such encryption would not hinder the NSA, but would bollox
Google's keyword counting.

Do any modern GUI MUAs do ROT13 anymore?
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.3 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFEdh/eS9HxQb37XmcRAsddAJ9S4dFCU1ljj5lEXQlQMGpQPVgxGgCgwv2/
ggHhMVQOSZ8ZVn7EvGk3Y00=
=uW7C
-END PGP SIGNATURE-





Re: sending debian-private postings to gmail

2006-05-26 Thread Jacob S
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Thu, 25 May 2006 16:21:35 -0500
Ron Johnson [EMAIL PROTECTED] wrote:

> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Ian Jackson wrote:
> > Kevin B. McCarty writes (Re: sending debian-private postings to
> > gmail):
> > > Ian Jackson wrote:
> > > [snip]
> > > > distributed to computers whose owners and operators cannot be
> > > > expected to refrain from processing the content in other ways.
> > >   ^
> > >
> > > [...]  If you are sufficiently paranoid, [...]
> [snip]
> >
> > However, it is _not_ silly to observe that Google are counting up
> > how many times certain keywords appear and providing reports to
> > their advertisers.  We don't know exactly what those reports look
> > like but it might be quite easy to find out what topics are being
> > discussed on debian-private.
> >
> > It's clear that Google think they have the legal right (given to
> > them by the developer-user) to facilitate that and it's also clear
> > that they have no particular reason to spend effort thinking about
> > how to make it difficult for their advertiser customers to do that
> > kind of thing.
>
> ROT13?  Such encryption would not hinder the NSA, but would bollox
> Google's keyword counting.
>
> Do any modern GUI MUAs do ROT13 anymore?

It's pretty trivial to write an 'action' for Sylpheed/Sylpheed-Claws to
do this for both encoding and decoding an e-mail. 

UNAQ,
Wnpbo :-)
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFEd1MFkpJ43hY3cTURAplnAJwOmRaSJdZkJyheGhK6XZ9E5wg8qQCfXAWa
7Mcwe3N4M3e+Z0mutwvNz58=
=hdCL
-END PGP SIGNATURE-


Re: sending debian-private postings to gmail

2006-05-25 Thread Kevin B. McCarty
Ian Jackson wrote:

[snip]

> But it seems clear that Gmail's processing isn't compatible with
> debian-private.
>
> A Debian developer should cause debian-private to be processed only as
> is necessary for providing developers with good and convenient access
> to the mailing list.  They should not cause debian-private to be
> distributed to computers whose owners and operators cannot be expected
 ^^^
> to refrain from processing the content in other ways.
  ^

I'm not one of the people you are accusing, but I have to comment.  The
phrase I underline above applies to *any* computer that is not under
direct control of the Debian developer.  If you are sufficiently
paranoid, you could argue that any ISP might be subpoenaed at any time
for the contents of someone's mailbox, some rogue admin of the ISP might
decide to read customers' email, or even that someone might be sniffing
SMTP traffic on the net.

Taken to extremes, this implies that (1) DD's should only receive mail
sent to boxes under their own control and (2) all mail passing through
debian-private should, for each subscriber to the list, be encrypted
individually to the public key on file for her/him.

Come to think of it, (2) isn't a bad idea.  Is it feasible for this to
be done transparently?  Mailing list admins, any comments?

regards,

-- 
Kevin B. McCarty [EMAIL PROTECTED]   Physics Department
WWW: http://www.princeton.edu/~kmccarty/   Princeton University
GPG: public key ID 4F83C751   Princeton, NJ 08544





Re: sending debian-private postings to gmail

2006-05-25 Thread Henning Makholm
Kevin B. McCarty [EMAIL PROTECTED] wrote:

> Taken to extremes, this implies that (1) DD's should only receive mail
> sent to boxes under their own control and (2) all mail passing through
> debian-private should, for each subscriber to the list, be encrypted
> individually to the public key on file for her/him.
>
> Come to think of it, (2) isn't a bad idea.  Is it feasible for this to
> be done transparently?

It may or may not be feasible to do it transparently on the list
software side, but it certainly isn't feasible to do it on the reader
side. I for one certainly am not going to make a daily effort to move
mail from the internet-connected box to the one that knows my secret
key, and type in my 100+ character passphrase several times in order
just to get to know that ${INSERT_RANDOM_DD} will be on vacation.
Better to drop -private completely then, and what does that gain
anybody?

-- 
Henning Makholm  In the name of God the Father, and of the Son, and of the Holy
   Spirit! Preserve us from the works of the devil and from the wiles of
Muhammad, the accursed! With you it is worse than with
anyone else, for listening to Muhammad is the worst of all.





Re: sending debian-private postings to gmail

2006-05-25 Thread Joey Hess
Kevin B. McCarty wrote:
> Taken to extremes, this implies that (1) DD's should only receive mail
> sent to boxes under their own control and (2) all mail passing through
> debian-private should, for each subscriber to the list, be encrypted
> individually to the public key on file for her/him.
>
> Come to think of it, (2) isn't a bad idea.  Is it feasible for this to
> be done transparently?  Mailing list admins, any comments?

I think that Nick Moffitt ran a mailing list with mailman for a while
that operated like this. Should be even easier for -private since we
have all potential subscribers' gpg keys on file already.

It would, however, probably be difficult to read such a mailing list in
gmail. ;-)

-- 
see shy jo


signature.asc
Description: Digital signature


Re: sending debian-private postings to gmail

2006-05-25 Thread Ian Jackson
Kevin B. McCarty writes (Re: sending debian-private postings to gmail):
> Ian Jackson wrote:
> [snip]
> > distributed to computers whose owners and operators cannot be expected
> > to refrain from processing the content in other ways.
>   ^
>
> [...]  If you are sufficiently paranoid, [...]

You might well, but only if you were, as you say, paranoid.

> Taken to extremes, this implies [absurd conclusions]

So don't take it to extremes then.  Each developer has to decide,
obviously, who is trustworthy.  But a developer who decides that Gmail
is `trustworthy' isn't taking that question seriously and I'm writing
here to point that out.

With 1000 developers the secrecy of debian-private is always going to
be imperfect and worrying about the kind of threats you describe is
silly.

However, it is _not_ silly to observe that Google are counting up how
many times certain keywords appear and providing reports to their
advertisers.  We don't know exactly what those reports look like but
it might be quite easy to find out what topics are being discussed on
debian-private.

It's clear that Google think they have the legal right (given to them
by the developer-user) to facilitate that and it's also clear that
they have no particular reason to spend effort thinking about how to
make it difficult for their advertiser customers to do that kind of
thing.

Ian.





Re: sending debian-private postings to gmail

2006-05-25 Thread Agustin Martin
On Thu, May 25, 2006 at 02:13:38AM +0200, Henning Makholm wrote:
> Kevin B. McCarty [EMAIL PROTECTED] wrote:
>
> > Taken to extremes, this implies that (1) DD's should only receive mail
> > sent to boxes under their own control and (2) all mail passing through
> > debian-private should, for each subscriber to the list, be encrypted
> > individually to the public key on file for her/him.
> >
> > Come to think of it, (2) isn't a bad idea.  Is it feasible for this to
> > be done transparently?
>
> It may or may not be feasible to do it transparently on the list
> software side, but it certainly isn't feasible to do it on the reader
> side. I for one certainly am not going to make a daily effort to move
> mail from the internet-connected box to the one that knows my secret
> key, and type in my 100+ character passphrase several times in order
> just to get to know that ${INSERT_RANDOM_DD} will be on vacation.
> Better to drop -private completely then, and what does that gain
> anybody?


If we are to be paranoid, another possibility is that a POP server
is made available in a Debian controlled box just for debian-private
use by DD, so debian-private mail is sent there, and nowhere else, and
retrieved from there by DD. Some security adjustments might be needed.

-- 
Agustin





Re: sending debian-private postings to gmail

2006-05-25 Thread Don Armstrong
On Wed, 24 May 2006, Kevin B. McCarty wrote:
> (2) all mail passing through debian-private should, for each
> subscriber to the list, be encrypted individually to the public key
> on file for her/him.
>
> Come to think of it, (2) isn't a bad idea. Is it feasible for this
> to be done transparently? Mailing list admins, any comments?

This would also have the utility of making following threads in
-private sufficiently difficult that only the most necessarily private
threads will happen there. [Try following a flamewar when you have to
decrypt every message...]

Of course, there is an argument that VAC messages will still have
headers unencrypted which could leak information... but it's not like
it'll be any worse than it is now, and people who care can always
shove them into the body.


Don Armstrong

-- 
You have many years to live--do things you will be proud to remember
when you are old.
 -- Shinka proverb. (John Brunner _Stand On Zanzibar_ p413)

http://www.donarmstrong.com  http://rzlab.ucr.edu
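
The scheme discussed in this thread (a copy encrypted individually to each subscriber's key, with From, Subject and Date carried inside the encrypted payload so that a VAC subject line does not travel in the clear), sketched as an added example; it is not code from any poster or from any list software. It assumes single-part text postings and subscriber keys already in the list host's keyring, puts the armored ciphertext in the body instead of building PGP/MIME, and uses constructed addresses and a constructed sample message.

```python
import subprocess
from email import message_from_string, policy
from email.message import EmailMessage

# Headers carried inside the encrypted payload; every other header is dropped.
PROTECTED = ("From", "Subject", "Date")

# Constructed sample posting (not a real message).
SAMPLE = (
    "From: Alice Example <alice@example.org>\n"
    "To: list-private@example.org\n"
    "Subject: VAC: away until the 14th\n"
    "Date: Thu, 25 May 2006 10:00:00 +0000\n"
    "Message-ID: <constructed-1@example.org>\n"
    "X-Originating-IP: 192.0.2.10\n"
    "\n"
    "I will be offline for two weeks.\n"
)

def gpg_encrypt(plaintext: bytes, recipient: str) -> bytes:
    """ASCII-armor encrypt to one key already present in the list host's keyring."""
    proc = subprocess.run(
        ["gpg", "--batch", "--armor", "--encrypt", "--recipient", recipient],
        input=plaintext, capture_output=True, check=True)
    return proc.stdout

def wrap_for_subscriber(raw, list_addr, subscriber, encrypt=gpg_encrypt):
    """Return the outer message for one subscriber (single-part text postings only)."""
    original = message_from_string(raw, policy=policy.default)
    inner = EmailMessage()
    for name in PROTECTED:                      # sensitive headers move inside
        if original[name] is not None:
            inner[name] = str(original[name])
    inner.set_content(original.get_content())
    ciphertext = encrypt(inner.as_bytes(), subscriber)
    outer = EmailMessage()                      # only what delivery needs
    outer["From"] = list_addr
    outer["To"] = subscriber
    outer["Subject"] = "[encrypted list posting]"   # placeholder subject (assumption)
    outer.set_content(ciphertext.decode("ascii"))
    return outer

def fan_out(raw, list_addr, subscribers, encrypt=gpg_encrypt):
    """One individually encrypted copy per subscriber, as in proposal (2)."""
    return [wrap_for_subscriber(raw, list_addr, s, encrypt) for s in subscribers]
```

The outer From, To and delivery timing remain visible to any mail store, so this hides topics and senders of individual postings but not the fact of list traffic.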





Re: sending debian-private postings to gmail

2006-05-25 Thread Lionel Elie Mamane
On Wed, May 24, 2006 at 04:09:07PM -0400, Kevin B. McCarty wrote:

> (2) all mail passing through debian-private should, for each
> subscriber to the list, be encrypted individually to the public key
> on file for her/him.
>
> Come to think of it, (2) isn't a bad idea.  Is it feasible for this
> to be done transparently?  Mailing list admins, any comments?

There is a barely maintained patch for Mailman to implement
this. Whether we want to suffer all the pain of using Mailman only in
exchange for this is another matter completely.

-- 
Lionel





Re: sending debian-private postings to gmail

2006-05-25 Thread Domenico Andreoli

On 5/24/06, Ian Jackson [EMAIL PROTECTED] wrote:


> However, it has come to my attention that at least one developer
> appears to be reading debian-private at their gmail account.


doh! i have been caught :)

it's nice to have your personal global searchable mailing list
archive, where you can really find anything you have ever received.

sorry, i already switched to a safer address, sob..

ciao
dom

-[ Domenico Andreoli, aka cavok
--[ http://people.debian.org/~cavok/gpgkey.asc
  ---[ 3A0F 2F80 F79C 678A 8936  4FEE 0677 9033 A20E BC50



Re: sending debian-private postings to gmail

2006-05-25 Thread sean finney
On Wed, May 24, 2006 at 04:09:07PM -0400, Kevin B. McCarty wrote:
> Come to think of it, (2) isn't a bad idea.  Is it feasible for this to
> be done transparently?  Mailing list admins, any comments?

this has been discussed before a few times.  iirc each time the
final result was the mail admins saying the mail server is busy
enough right now, thanks.

sean


signature.asc
Description: Digital signature