Nokia
- Thread starter Sushubh
- Start date
- Replies 335
- Views 172,505
What if one has encryption at the email server hosted outside India and the email client on his computer.
From a legal point of view, if the company hosting your email has no legal presence in India, it is not obligated to help the Indian government read your email.
From a technical point of view, there is nothing the government can do in this case. The worst the govt. can hope to do is block the IP address of your mail server, which you can get around by using a VPN or proxy.
Bottom line: "terrorists" can, and will, still communicate securely. All that's happening here, is our govt. exploiting the fear of terrorism to violate our privacy.
I wonder if they have a department of babus to read people's mail and chats a la Big Brother. I feel sorry for the poor bloke who's reading all the fwds that my sis and mom send me
From a legal point of view, if the company hosting your email has no legal presence in India, it is not obligated to help the Indian government read your email.
From a technical point of view, there is nothing the government can do in this case. The worst the govt. can hope to do is block the IP address of your mail server, which you can get around by using a VPN or proxy.
Bottom line: "terrorists" can, and will, still communicate securely. All that's happening here, is our govt. exploiting the fear of terrorism to violate our privacy.
I wonder if they have a department of babus to read people's mail and chats a la Big Brother. I feel sorry for the poor bloke who's reading all the fwds that my sis and mom send me
if the data passing through your system and the server is not encrypted, it can probably be bypassed.
i am not sure what happens if you use stuff like PGP in your email client.
It is best to assume that all unencrypted communication going out of your computer is being monitored or intercepted and stored somewhere (maybe forever).
If you use PGP with best practices (e.g. don't let the private keys get compromised, good passphrases, etc), then nobody except the sender and receiver can read the message. If the computer of the sender or the receiver has a backdoor or is compromised, that's another thing. I wish PGP or S/MIME would catch on.
i am not sure what happens if you use stuff like PGP in your email client.
It is best to assume that all unencrypted communication going out of your computer is being monitored or intercepted and stored somewhere (maybe forever).
If you use PGP with best practices (e.g. don't let the private keys get compromised, good passphrases, etc), then nobody except the sender and receiver can read the message. If the computer of the sender or the receiver has a backdoor or is compromised, that's another thing. I wish PGP or S/MIME would catch on.
well, u can always use email client which supports PGP and use gmail via pop/imap/smtp. or as i already mentioned somewhere else, write everything in word file and then encrypt it and send it!
2nd method is little lengthy, but first method is easy.
may be sometime in future gmail might start webbased PGP support.
---------- Post added at 09:30 AM ---------- Previous post was at 09:27 AM ----------
FireGPG - Welcome to the official website of FireGPG!
Here is extension, which had implemented PGP support in gmail, but looks like something changed and currently not working.
2nd method is little lengthy, but first method is easy.
may be sometime in future gmail might start webbased PGP support.
---------- Post added at 09:30 AM ---------- Previous post was at 09:27 AM ----------
FireGPG - Welcome to the official website of FireGPG!
Here is extension, which had implemented PGP support in gmail, but looks like something changed and currently not working.
I have tried the first method but I was unable to encrypt any emails because none of the receivers I sent emails to had public keys (last time I checked).The second method requires a proprietary software for something as basic as email; it works only on Windows and maybe macs; it cannot be automated, etc. Also, MS Word is crappy when it comes to interoperability.Addons for PGP in Gmail won't work because there isn't much demand for this; if Gmail were to set up and make every user have a key pair then it would be great.Unfortunately PGP in Gmail seems self-contradictory; if Gmail itself is going to decode messages then it's no longer end-to-end encryption. There is a middleman (Gmail) which can be compromised/whatever. If Gmail doesn't decode messages itself then it won't be able to display ads which is it's main revenue stream. So I guess it is not in Gmail's best interest to have email encryption/decryption in the user's device rather than in Gmail's servers.
i would say that google can encrypt and decrypt the messages on page load if you can put in the relevant information in settings. i am amused that no one at google has made a labs out of it.ok server based processing would mean that the data would still be insecure. grrr. not sure if it can be done locally. personalized ads are also important so local processing would hamper that.
