Singapore Expats Forum

Safe, secure, PRISM free webmail (encrypted on server)

Discuss about the latest news & interesting topics, real life experience or other out of topic discussions with locals & expatriates in Singapore.

PNGMK
Director
Director
Posts: 4849
Joined: Thu, 21 Mar 2013

Safe, secure, PRISM free webmail (encrypted on server)

Postby PNGMK » Wed, 03 Jul 2013 10:43 pm

Does anyone use a PRISM free email server that allows easy encryption including termination end (ie. server) encryption?

User avatar
sundaymorningstaple
Moderator
Moderator
Posts: 34258
Joined: Thu, 11 Nov 2004
Location: Still Fishing!
Contact:

Postby sundaymorningstaple » Wed, 03 Jul 2013 10:46 pm

Is that a direct link to NSA? :o

User avatar
durain
Director
Director
Posts: 3666
Joined: Thu, 23 Aug 2007
Location: Location: Location: Location:

Postby durain » Wed, 03 Jul 2013 11:03 pm

why would you need it? you cheating on your wife? :D

User avatar
x9200
Moderator
Moderator
Posts: 9160
Joined: Mon, 07 Sep 2009
Location: Singapore

Postby x9200 » Thu, 04 Jul 2013 7:59 am

Why do you need a server side encryption? If you can not trust your own side (client side) you should never trust what some strangers put on their side.
E-mail servers provides mere means of transportation and the rest is in your hands. Use PGP within your client with good key length and no server side encryption will do a better job.

PS. I bet your e-mails will surely attract attention and given time and computational power you can break pretty much everything. THEY have both of them ... so maybe better not to encrypt?

User avatar
zzm9980
Governor
Governor
Posts: 6837
Joined: Wed, 06 Jul 2011
Location: Once more unto the breach

Re: Safe, secure, PRISM free webmail (encrypted on server)

Postby zzm9980 » Thu, 04 Jul 2013 9:37 am

PNGMK wrote:Does anyone use a PRISM free email server that allows easy encryption including termination end (ie. server) encryption?


They don't exist.

The only way to have a reasonable expectation of secure email is to use PGP/GPG and encrypt it locally on your end. Server-side encryption should not be trusted.

For a perfect example, Hushmail.com used to advertise server side encryption. They made a huge deal about it, and it was their claim to fame. They were even hosted in Canada. Then it came out a US court compelled them to decrypt and provide large amounts of email on suspected drug dealers using the service.


  • Similar Topics
    Replies
    Views
    Last post

Return to “General Discussions”

Who is online

Users browsing this forum: No registered users and 4 guests