Verizon (FiOS) (Off Topic?) I have it!

[Fred]

On Tuesday 24 January 2006 11:45, Ben Scott wrote:
...
>   In this case, we're talking about creating an encrypted tunnel to a
> machine that's owned by a third party ISP, under their physical
> control.  Then we use that tunnel to relay email which immediately
> goes cleartext over the wire, on said third party's network.  Keep in
> mind that the objection in the first place was that ISPs can read the
> email.  So we're tunneling email to another server where a different
> ISP can then read the email there!  Further, In at least one case in
> point, the email is not only cleartext, but sent to a public mailing
> list, which is repeated to hundreds of subscribers and several public,
> indexed, searchable mail archives.

What I am really concerned about is some "ganster agency" using a blanket 
sniffing technology like "Carn1v0re", for instance, to do a broad sweep of 
packet gathering so they can sift through it later.

If I am targeted in particular, all bets are off anyway. 

>   If securing email is the goal, then the email message should be
> encrypted at the start, and decrypted by a trusted recipient at the
> end.

Yes, and the big problem with that is the technical knowledge currently 
required to handle to encryption technology like, say GPG. Outside of us 
geeks, it's simply beyond the average person. Watch them eyes glaze over 
when you try to explain the difference between "public key" and "private 
key", "plain text" and "encrypted text", "passphrases" and why they need to 
be so long, "key rings", and the like.

I basically would have to go around to each of my non-tech buddies and set 
their encryption system up for them. That's not really an option for me, 
much as I would love to have it all in place.

>   If creating the secure tunnel were actually a first step in a
> comprehensive security plan to secure the email message end-to-end,
> your argument would have some weight.  But there is absolutely no
> indication that is ever going to happen.

I have certain things in mind I want to protect against, to reduce the 
probably of, to make more difficult than just running ethereal at the local 
ISP. If it clears out 90% of the threat, I'm happy for now.

>   Once an end-to-end encrypted transport is established, then one can
> start to consider things like "Can the guy at the other end be trusted
> to keep what I say confidential?" or even "Can the guy at the other
> end be trusted to use GPG correctly?".  But we're nowhere near that.

In all things there is a cost. The real equation is the 
cost-benefit-value-risk analysis. How valuable is what I am going going to 
say to me is, what is the risk if the wrong eyes were to see it, what is the 
cost to reduce the chance of the wrong eyes seeing it, and is it worth the 
cost to avoid the risk? If by doing something as easy and simple and "free" 
as using IMAPS will increase the costs and efforts of someone who wishes to 
easedrop on the local packets and the like, then that added measure is worth 
it. Setting up an encrypted VPN channel, say, to all of my contacts machines 
would be much more secure, but would be costly to do, especially since many 
of them don't even have a clue as to what a VPN is.

>   As an aside: Phrases like "100% secure" are inherently bogus.  As
> Schneier says, security is process.  It is not a scalar quantity.

Agreed. But the costs of getting even near 100% may not be worth it in the 
long run.

-Fred