[Cryptography] Hillery's Email
Tom Mitchell
mitch at niftyegg.com
Thu Apr 7 16:41:02 EDT 2016
On Wed, Apr 6, 2016 at 10:42 PM, Bill Frantz <frantz at pwpconsult.com> wrote:
> In another thread, Tom Mitchell wrote:
>
> In the common use and common purpose case it seems OK to me.
>> In all, it is a step up from the management of Hillary's email.
>>
>
> What do we know about the management of Hillery's email? I do know that
> the government systems have had enough breaks that a private system may
> well have been better protected. Also that while Obama managed to get a
> more-or-less secure Blackberry, Hillery couldn't get one when she was
> Secretary of State. Otherwise, I'm woefully ignorant.
>
>
Good catch...
SMTP.
We know that sendmail (SMTP) is a store and forward protocol.
We know that transport is commonly plain text.
We know that metadata is visible even when the contents are encrypted.
We know that the retention policy of Hillary's email allowed long term
storage
on the mail server in contrast to a secure data storage resource.
We know state department mail storage and transport was insecure.
WhatsApp
We know that WhatsApp can optionally backup its data to Google Drive..
never would be a good choice.
We know the end to end encryption is an improvement over SMTP.
It does not honestly replace email, it does seem to improve on
basic text messaging which is in the clear.
The reality is that communication tools for federal officials and
normal citizens have lots of room for improvement.
--
T o m M i t c h e l l
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20160407/217035f3/attachment.html>
More information about the cryptography
mailing list