[tor-talk] Email provider for privacy-minded folk
adrelanos
adrelanos at riseup.net
Thu Feb 14 10:42:40 UTC 2013
Moritz Bartl:
> On 13.02.2013 22:47, Joe Btfsplk wrote:
>> I suppose even providers offering encryption of files while on their
>> server (like Lavabit), could read the mail just before it was encrypted
>> / decrypted, since they are doing the encrypting.
>
> Even if they encrypt maildirs on their servers and unlock only while you
> are logged in, they can sniff your login/encryption password and poof.
> That's what Hushmail was forced to do on request by law enforcement.
What if Hushmail (or any other mail provider) had recommended the user
to install a browser add-on to do encryption locally?
Could they get forced to convince the user to install a malicious
browser add on, on request by law enforcement?
More information about the tor-talk
mailing list