herzmeister
Legendary
Offline
Activity: 1764
Merit: 1007
|
|
August 18, 2013, 08:46:54 PM |
|
The fact that Mailpile consists of a google developer already makes me nervous to use Mailpile. The fact that Bitcoin consists of a google developer already makes me nervous to use Bitcoin.
|
|
|
|
Lauda
Legendary
Offline
Activity: 2674
Merit: 2965
Terminated.
|
|
August 18, 2013, 09:29:24 PM |
|
The fact that Mailpile consists of a google developer already makes me nervous to use Mailpile. The fact that Bitcoin consists of a google developer already makes me nervous to use Bitcoin. I feel you bro
|
"The Times 03/Jan/2009 Chancellor on brink of second bailout for banks" 😼 Bitcoin Core ( onion)
|
|
|
smscotten
|
|
August 18, 2013, 09:47:52 PM |
|
One more thing: why isn't there (or is there that I don't know about?) a web-of-trust model system for SSL certificates? At this point, it seems like the only secure solution is self-signed certificates, and that is only "secure" if you know the person who runs the server.
At this point I would say anyone who wants web-based secure email had better be running their own web and mail servers. Or else they are more trusting than I am that every Certificate Authority in the world isn't CCing everyone's private webserver keys (which the CA's generate) to every three-letter-agency on Earth.
|
|
|
|
marcus_of_augustus
Legendary
Offline
Activity: 3920
Merit: 2349
Eadem mutata resurgo
|
|
August 18, 2013, 10:22:29 PM |
|
One more thing: why isn't there (or is there that I don't know about?) a web-of-trust model system for SSL certificates? At this point, it seems like the only secure solution is self-signed certificates, and that is only "secure" if you know the person who runs the server.
At this point I would say anyone who wants web-based secure email had better be running their own web and mail servers. Or else they are more trusting than I am that every Certificate Authority in the world isn't CCing everyone's private webserver keys (which the CA's generate) to every three-letter-agency on Earth.
I agree the CA system is flawed and proven to be broken/compromised in some important cases. Namecoin TLS is now at functional state and the concept has been proven. Now it needs some more work (and devs) to bring it to a level where widespread usage is simple. http://dot-bit.org/forum/viewtopic.php?f=2&t=552
|
|
|
|
smscotten
|
|
August 18, 2013, 11:08:18 PM |
|
One more thing: why isn't there (or is there that I don't know about?) a web-of-trust model system for SSL certificates? At this point, it seems like the only secure solution is self-signed certificates, and that is only "secure" if you know the person who runs the server.
At this point I would say anyone who wants web-based secure email had better be running their own web and mail servers. Or else they are more trusting than I am that every Certificate Authority in the world isn't CCing everyone's private webserver keys (which the CA's generate) to every three-letter-agency on Earth.
I agree the CA system is flawed and proven to be broken/compromised in some important cases. Namecoin TLS is now at functional state and the concept has been proven. Now it needs some more work (and devs) to bring it to a level where widespread usage is simple. http://dot-bit.org/forum/viewtopic.php?f=2&t=552Thank you for pointing that out. I was of course aware of Namecoin but not Namecoin TLS. I'm setting up a forum (and probably web-based email) with encrypted storage and SSL-only access, and physical hosting at a location I have control over. I don't have a lot of bandwidth so I'm not making it available to to the public (sorry) but I am concerned about making it work. What I've done is put the root domain and a subdomain on two different physical servers: one has a Comodo SSL certificate and the other has a certificate generated by my own local Certificate Authority. The root certificate hasn't left the machine with the webserver. The domain with the Comodo cert has one thing on it: a download link to my own CA public cert which can be installed into people's browsers or OSes. This gets me third-party authentication so you know that the cert came from the controller of the domain, and then encryption where the private keys for the server and CA are only on the server and have only ever been on the server. And it's *really* kind of convoluted. AND if I were offering it publicly, it still wouldn't be an alternative because all it would take is someone physically stealing the server or arresting me and cutting the lock off the case. Anyhow, I'd been thinking about registering a dot-bit domain as an alternate means of accessing the site. Now I'm considering that much more seriously. Thank you.
|
|
|
|
jedunnigan
|
|
August 18, 2013, 11:36:18 PM |
|
The fact that Mailpile consists of a google developer already makes me nervous to use Mailpile. The fact that Bitcoin consists of a google developer already makes me nervous to use Bitcoin. you've got to be kidding. If any changes are made the community disapproves of we won't update our clients, simple as that. Mike Hearn is a legend mate don't be a dick.
|
|
|
|
marcus_of_augustus
Legendary
Offline
Activity: 3920
Merit: 2349
Eadem mutata resurgo
|
|
August 18, 2013, 11:55:50 PM |
|
The fact that Mailpile consists of a google developer already makes me nervous to use Mailpile. The fact that Bitcoin consists of a google developer already makes me nervous to use Bitcoin. you've got to be kidding. If any changes are made the community disapproves of we won't update our clients, simple as that. Mike Hearn is a legend mate don't be a dick. ... he's not a legend ... bitcoin is the trust no-one currency, you'd do well to remember that.
|
|
|
|
jedunnigan
|
|
August 19, 2013, 12:02:48 AM |
|
The fact that Mailpile consists of a google developer already makes me nervous to use Mailpile. The fact that Bitcoin consists of a google developer already makes me nervous to use Bitcoin. you've got to be kidding. If any changes are made the community disapproves of we won't update our clients, simple as that. Mike Hearn is a legend mate don't be a dick. ... he's not a legend ... bitcoin is the trust no-one currency, you'd do well to remember that. If you read my post, it's not about trust in Mike. He has done a TON for this community. Trust comes in when you update the client, so you peruse the changes and see if they are up to standard. You trust the code, not the people. Here i am speaking to the hard work mike has put in making bitcoinj possible. You'd do well to remember that.
|
|
|
|
MysteryMiner
Legendary
Offline
Activity: 1512
Merit: 1049
Death to enemies!
|
|
August 19, 2013, 12:09:39 AM |
|
Self-hosting your own mail server is a short term solution for long term problem. e-mail must be retired because of usability and security problems. Just like BBS or Gopher is no longer used by mainstream.
|
bc1q59y5jp2rrwgxuekc8kjk6s8k2es73uawprre4j
|
|
|
marcus_of_augustus
Legendary
Offline
Activity: 3920
Merit: 2349
Eadem mutata resurgo
|
|
August 19, 2013, 01:43:31 AM |
|
Here i am speaking to the hard work mike has put in making bitcoinj possible. You'd do well to remember that. Thanks .. maybe I will. Deifying devs and calling people dicks is probably not going to make me listen to you much though ... I wonder how he missed that random number generator Android bug for soooo long? Maybe concentrating on the law enforcement possibilities for bitcoinJ was occupying too much of his dev mind share?
|
|
|
|
jedunnigan
|
|
August 19, 2013, 02:07:53 AM |
|
Here i am speaking to the hard work mike has put in making bitcoinj possible. You'd do well to remember that. Thanks .. maybe I will. Deifying devs and calling people dicks is probably not going to make me listen to you much though ... I wonder how he missed that random number generator Android bug for soooo long? Maybe concentrating on the law enforcement possibilities for bitcoinJ was occupying too much of his dev mind share? lol deify? boy oh boy i love leaps in logic. But sure thing mate, you're the boss. I'll stop defending someone who has dedicated their time to meaningful development in the bitcoin space and start throwing baseless accusations around that even if they were true, wouldn't fly in practice. Happy now? What I can tell you is I'm definitely over this OT convo tho, thanks for the insights. To make this post worthwhile: Self-hosting your own mail server is a short term solution for long term problem. e-mail must be retired because of usability and security problems. Just like BBS or Gopher is no longer used by mainstream.
I agree to an extent, although it will be ages before email is phased out. An easy-to-use alternative will have to be made accessible first.
|
|
|
|
smscotten
|
|
August 19, 2013, 02:30:29 AM |
|
Self-hosting your own mail server is a short term solution for long term problem. e-mail must be retired because of usability and security problems. Just like BBS or Gopher is no longer used by mainstream.
BBS? Isn't that what we're having this conversation on? I'm interested to know what you suggest to replace SMTP. I have little doubt that whatever comes next will still end up being called email.
|
|
|
|
favdesu
Legendary
Offline
Activity: 1764
Merit: 1000
|
|
August 19, 2013, 07:29:08 AM |
|
i havent done much research into hosting my own server. i use a combination of gmail and bitmessage depending on who im talking to. im really excited about MailPile though. The project is run by 3 developers, 1 from google, 1 a member of the Icelandic Pirate Party, and 1 open source user interface developer. Its still in the works, but should be useable in 6-12 months. You can follow their progress and look up details here. http://www.mailpile.is/this looks really promising. I will "contribute" the $23 thing
|
|
|
|
stevegee58
Legendary
Offline
Activity: 916
Merit: 1003
|
|
August 19, 2013, 11:06:14 AM |
|
This should be good ... he may come across sometimes like a big, funny guy (clownish) but you know what? ... He just goes ahead and does shit, he doesn't just talk about it. Yea there is no doubt he is a doer more than a talker, but don't walk into his playpen willy nilly. If you are looking for secure encrypted mail storage the only person you can trust is yourself. Using open source software or at least auditable services is key. I agree. But still I like KDC because he's bold, disruptive and a PITA to the government. We need more like him who refuse to be sheep.
|
You are in a maze of twisty little passages, all alike.
|
|
|
wolverine.ks
|
|
August 19, 2013, 04:34:27 PM |
|
I'm interested to know what you suggest to replace SMTP. I have little doubt that whatever comes next will still end up being called email.
what about bitmessage?
|
|
|
|
Sage (OP)
|
|
August 21, 2013, 06:08:24 AM |
|
I'm interested to know what you suggest to replace SMTP. I have little doubt that whatever comes next will still end up being called email.
what about bitmessage? Systems like Bitmessage are the ultimate solution, but in the interim we need something to bridge the gap. So far its looking like enigma mail + openPGP is the best option. But getting contacts to actually setup encryption has been a challenge. What's it gonna take for the lemmings to wake up?
|
|
|
|
LightRider
Legendary
Offline
Activity: 1500
Merit: 1022
I advocate the Zeitgeist Movement & Venus Project.
|
|
August 21, 2013, 08:32:01 AM |
|
The owner of groklaw (which she just shut down, btw), suggests https://mykolab.com/.
|
|
|
|
ANX_Service
Newbie
Offline
Activity: 36
Merit: 0
|
|
August 21, 2013, 02:49:04 PM |
|
I'm interested to know what you suggest to replace SMTP. I have little doubt that whatever comes next will still end up being called email. +1 ANX.HK
|
|
|
|
virtualmaster
|
|
August 21, 2013, 07:19:51 PM |
|
What is this ? The Bitcoin price seems to be 800 $ there.
|
|
|
|
Winterfrost
|
|
August 21, 2013, 07:22:58 PM |
|
What is this ? The Bitcoin price seems to be 800 $ there.
A bitcoin exchange for Asia it looks like. It defaults to HKD (Hong Kong Dollars), so that's why it shows up as 800.
|
|
|
|
|