On 2/13/2013 3:58 AM, bvvq wrote:
On 12/02/2013 3:15 PM, Joe Btfsplk wrote:
Here's an article someone pointed out on email providers & privacy; if
allow signing up w/ Tor, etc.: the_simple_computer
<http://www.thesimplecomputer.info/articles/email-for-privacy.html>
They all have + & -, depending on needs. For many, if read TOS &
Privacy Policy closely, they may be better than gmail, but not as
private as their hype says.
Great link. Interesting site.
(It's amazing that the web is so vast that after 15 years online,
there are still websites tucked away that I haven't seen.)
I took the info from The Simple Computer article & made a chart, plus
current data (some not in the article) from several providers' sites. If
anyone was interested & if I knew how to (easily) get it uploaded -
somewhere - I could do that. It's not the be all & end all, but has
current info on several providers, including how long they retain data.
It's now in pdf and / or .ODT format. I don't know if it's possible to
attach small files to tor-talk emails.
I would be interested in your data. Do you have any problems uploading
it to mainstream file sharing sites? You could encrypt it and send
tor-talk the passphrase. Or perhaps upload it to a .onion (I don't
know any off-hand).
_______________________________________________
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Sure - there's nothing private about it. Most data I took right off the
provider's TOS & Privacy Policy (or verified The Simple Computer site's
data). I didn't fill in all "items" on all the providers. Some policy
specs weren't mentioned by some providers. You can ask CS if they don't
have some "privacy" issue in writing, but a verbal / email reply
probably doesn't mean much (legally, at least), if it's not in their
official TOS / Privacy Policy.
One item is how long providers retain mail, after you delete it. Some
don't store at all; - to hrs / days / months / indefinitely. VFEmail's
storage falls into indefinitely category (though not on my chart).
I've never had a need to u/l a file to a free server, so if someone
could give suggestion of a simple, free one (file's only 100 KB). I see
no need to encrypt it - unless I'm overlooking a reason. Nothing
private, sensitive.
Had an interesting response from VFEmail CS. Though I've researched
"more privacy conscious" email providers a while, I'd over looked one thing.
Unless you encrypt the email - yourself - BEFORE it hits their server,
ANY provider can & does read (scan) the email, *at least for spam
checking* - at minimum. Many of you know this & probably many don't.
What else they say they do / don't do with scanning results (or anything
to do w/ privacy), like any other agreement / contract, is only as good
as the company that wrote it. And if they violate an agreement, only
recourse is to ask them to stop or sue them.
I asked about this one sentence, out of VFEmail's - ONE - paragraph
privacy policy:
7. VFEmail.net PRIVACY POLICY VFEmail.net will not monitor, edit or
disclose the contents of a User's email or any other communication
based on VFEmail.net, except that User agrees VFEmail.net may do so:
(a) as part of the TECHNICAL PROCESSING of the VFEmail.net
communication;
Joe: That's fairly vague. Monitor could mean anything or nothing.
Do you scan or look at email contents - ESPECIALLY the message body or
attachment contents, in any manner, except for data in the header
needed to send & receive mail, to scan for viruses or when legally
compelled to monitor email? I suggest that vfemail clarify & expand
this part of the privacy policy.
VFEmail responded:
Of course the message body is viewed. If you send out 200 emails and
cause the free outgoing queue to stop with your 'flood', would you
prefer if we verified you were just sending an address change, or
should we just block your account for spamming?
You're welcome, and encouraged, to use PGP from your local PC to
ensure no middle man can read your emails. Any provider who claims
they can not and will not read your mail are full of it.
As I said, wrote that before thinking, all providers scan unencrypted
mail for spam, at minimum. That may not violate privacy, if that's ALL
they do. If you really want privacy, use encryption. BUT... you have
to convince a lot of people to do the same. Not easy, in my experience
- outside of a crowd like this list.
I suppose even providers offering encryption of files while on their
server (like Lavabit), could read the mail just before it was encrypted
/ decrypted, since they are doing the encrypting. I believe one or 2
offer "end to end" encryption.
_______________________________________________
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk