blacklisting by SORBS
James Wilkinson
fedora at westexe.demon.co.uk
Wed Aug 17 16:31:10 UTC 2005
Thomas Zehetbauer wrote:
> The only ones gaining advantage from us using our ISP's SMTP relay host
> are the famous three letter agencies making it easier or even possible
> for them to monitor out outgoing e-mail.
I don't know about the legal side, but from a technical side:
It is simple to monitor all traffic going through a router. It is quite
possible to pick out all traffic that goes to port 25, or has an initial
response that looks like an SMTP banner.
The only way be certain that no-one is reading your e-mail (apart from
the intended recipients) is to use known-to-be-secure cryptography.
At the moment, all we have is thought-to-be-secure cryptography (notably
GPG)[1]. But we don't know what the NSA, GCHQ and other government
cryptanalysts can do.
Even with GPG, it is possible to work out who is communicating with
whom. And this can be worth a lot.
Not using an ISP's relay host might make it harder for bored ISP
employees to flick through outgoing mail. But it won't stop anyone
determined with access to the router.
You should, however, read http://downlode.org/etext/alicebob.html to
keep a sense of proportion.
I should also point out that NSA employees *are* known to read this list
from time to time, and have responded to posts (mainly those about
SELinux, since the technology comes from there).
James.
[1] I hear quantum cryptography is getting better for stuff that
*really* needs to be secure..
--
E-mail address: james | "This was, apparently, beyond her ken. So far beyond
@westexe.demon.co.uk | her ken that she was well into barbie territory."
| -- J. D. Baldwin
More information about the fedora-list
mailing list