[tor-talk] "Confidant Mail"

Mike Ingle mike at confidantmail.org
Wed Feb 4 02:27:58 UTC 2015

Non-www A record is added, and should show up soon.

As far as HTTPS:
The NSA has the ability to get into Amazon EC2 and mess with files too, 
no doubt.
And they have a variety of compromised HTTPS CA certs they could use to 
If they wanted to do that they could, HTTPS or no. If they did it on a 
large scale,
they would likely get caught, so they would only do such things if they 
were after a
specific high value target. Hopefully you are not on their short list.

I think it's silly that a self-signed HTTPS is treated as less secure 
than an HTTP by
the browsers. "Secure against a passive adversary" is better than "wide 
Did the cert authorities have a hand in that?

Please check the GPG signatures on the executables and source code 
before installing.
The GPG private key is not kept on the server (unlike a SSL private key).

pub   2048R/038D4412 2015-01-23
      Key fingerprint = 3C9A 0C66 1050 1265 D2AD  9D23 5903 FD94 038D 4412
uid                  Confidant Mail code signing key 
<code at confidantmail.org>
sub   2048R/55D88C4E 2015-01-23

pub   2048R/ECFCD0C2 2015-01-23
      Key fingerprint = D2B8 9E6F 95E7 2E26 E0C9  17D0 2D18 47DF ECFC D0C2
uid                  Mike Ingle <mike at confidantmail.org>

People who are interested in testing, please set up an account and email 
me. The test servers
have Tor hidden service entries, so you can try out anonymous mode.


On 2/3/2015 5:51 PM, michael ball wrote:
> On *Tue Feb 3, Mike Ingle wrote:*
>> I don't have HTTPS because there is nothing secret on the site, and
>> because I don't place much trust in it
> i may be mistaken that it is kinda stupid not to use HTTPS on a
> website with downloads, as documents released by Ed Snowden show that
> the NSA has the capability of injecting malicious software into active
> EXE file downloads in realtime.
> by the way, i cannot access your website without a preluding "www." to
> the domain. this needs to be fixed.
> thanks

More information about the tor-talk mailing list