secure communications

[Case Closed]

Give all preferred clients a sweet decoder ring and send all emails in said code.

[stabn]

Use page 276 from Crime and Punishment.

[BrunoThePug]

I don't think the encryption is the problem, it's the people at the ends of the communication.

Let's say I send a super secret message to my friend. While the authorities may not be able to decode my message while in transit, they could presumably view the message once it's been decoded and read by my friend. In other words, when the authorities go knocking doors down it doesn't matter how encrypted your data was if somebody has got a printout of the data sitting on their desk.

With that said there are some web based e-mail programs that only allow a message to be read once after which it is deleted forever. This might be a good option. (Still doesn't get around the problem you have with what people do with the secret data after they view it).

[By-Tor]

[Boris]

irc

[stabn]

[ QUOTE ]
irc

[/ QUOTE ]

ytalk

[cbloom]

[ QUOTE ]
I don't think the encryption is the problem, it's the people at the ends of the communication.

Let's say I send a super secret message to my friend. While the authorities may not be able to decode my message while in transit, they could presumably view the message once it's been decoded and read by my friend. In other words, when the authorities go knocking doors down it doesn't matter how encrypted your data was if somebody has got a printout of the data sitting on their desk.

With that said there are some web based e-mail programs that only allow a message to be read once after which it is deleted forever. This might be a good option. (Still doesn't get around the problem you have with what people do with the secret data after they view it).

[/ QUOTE ]

There's no way to prevent your clients from ratting you out, but that's true in a pen & paper scenario as well.

You have to assume a trustworthy client and just make the communications secure from 3rd party snooping.

Ideally you would also not be too open to 3rd party applications running on clients' machine (like spyware).


For what OP wants some kind of PGP email would certainly work. My biggest concern with that would be that clients wouldn't be computer savvy enough to deal with that.

A simpler solution would just be some kind of secure web site on a friendly foreign server. That should be pretty easy and friendly for everyone, but you have to hire someone to build a simple web site.

[KOTLP]

Check out setting up a SILC server. It's basically like encrypted IRC, free, and works with gaim.

[icepick]

The Mixmaster sysytem of remailers, combined with PGP/GPG will do everything you want, and more.

Mixmaster

[neuroman]

[ QUOTE ]
I don't think the encryption is the problem, it's the people at the ends of the communication.

[/ QUOTE ]
This is exactly the problem. Here we have a Trusted Sender (TS, his sports aficionado friend) but multiple Probably Untrusted Readers (Punters).

If TS wants to send one-way communications to his friends the Punters, he needs to send no information that is personally traceable to him. Because if one of his untrusted Punter friends accidentally leaves his email program, that punter's wife might raise a big stink and cause him problems.


Practically speaking, there is no way to control what his friends the punters will do what the info that is sent to them. It does not matter if they have encryption on their end--they cannot be "trusted" or relied upon to keep the contents of the message secret.

The messages that TS sends to punters, therefore, need to be short, sweet, and completely unidentifiable. He needs to think very carefully about what constitutes unidentifiable information before he sends messages.