From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp0 ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms11 with LMTPS id wCk3G6lDpV/mZQAA0tVLHw (envelope-from ) for ; Fri, 06 Nov 2020 12:38:01 +0000 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp0 with LMTPS id PfXrFqlDpV8lLQAA1q6Kng (envelope-from ) for ; Fri, 06 Nov 2020 12:38:01 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 0FCC29403A9 for ; Fri, 6 Nov 2020 12:38:00 +0000 (UTC) Received: from localhost ([::1]:59236 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kb10B-0000Ih-Tr for larch@yhetil.org; Fri, 06 Nov 2020 07:37:59 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:58746) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kb0zr-0000Fr-Ni for guix-devel@gnu.org; Fri, 06 Nov 2020 07:37:39 -0500 Received: from mail-wr1-x441.google.com ([2a00:1450:4864:20::441]:45731) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kb0zo-00084H-Oi for guix-devel@gnu.org; Fri, 06 Nov 2020 07:37:39 -0500 Received: by mail-wr1-x441.google.com with SMTP id p1so1147736wrf.12 for ; Fri, 06 Nov 2020 04:37:36 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:subject:in-reply-to:references:date:message-id:mime-version :content-transfer-encoding; bh=IyWMoDKMZfZmkl83wK9I8bld6jrv+piCQca+Vjv9lhE=; b=Bk3xkeGo/0HNwGlO/HFCuchPeFZkMux9cgjIHU4EGbgS4jYRWf2NRXzjAtuAIzbst1 0Hl5iTk+9ASRdtP0SSGGE4lxIWtg0/Zq7oNlcNvY2wc3cADYkW2f68Reat/qDufqETNw grGiHfKOXigzCLW3n+o9+iU3qs2mySr0wMDc0XSADnfNBSPjfdYSiLmI95dqeXx3+3xj y/2/WHNQW7s8F09qWa15V9jLUn+QazFP5sk/Ajovsx1mYLI4SGKsQ7FAfdgEDYTiYxw4 GYan6Zq+vpwuwZ7K2IPo7QkjzzVWBxo2E+dkAUjJo+evzv9/NRWrhdPWbo9Sog9RX5Wg nb5w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:in-reply-to:references:date :message-id:mime-version:content-transfer-encoding; bh=IyWMoDKMZfZmkl83wK9I8bld6jrv+piCQca+Vjv9lhE=; b=XvxOUh2aacoMzJTCoC9DEK6HNC6lYa24QXnlDhLPtuLqPRxKtAqG2pNAslLnKCdnkh F3kFKylFi41eO1ZuRGwRy4et/Qe+4oioy/izXmGf9jHoXp6l0HrygMnzTA4FCJsJinBg B3o8/sx2dOgjIvKxCbnDfJRDLEJ4l67B0GOxFbvRtDPlpcuGgq3/RRr5w2ZMx85ihwgz 8VNZBNBuJ6Go7hlPCSrdX1zUjZ/w64CuASq6UyFXuEV3Trq53bE3tBAZTg8X4cCbO/nv 9U6gpjydwPz8/MEVS0TiLT3oxzkC1lsS5yNGCCiaIswFs/6ztZXHXsCj484Pe96Bak1b Priw== X-Gm-Message-State: AOAM5329Se9V/C0W4kb8T/YMf/PvsF2HMslq6n9lfwfkBYj3VhkQ0ALl 9NI2R2/vYkqhGkqTQ3Rx8xQ2Fc50HUDrJA== X-Google-Smtp-Source: ABdhPJzjv9MBgb6QVbxAHGYgEBjuqgUEGGTvipVPW/YdrH+mXxvFkr2gGkPTiagJO7gJCCuns+qlag== X-Received: by 2002:a5d:5604:: with SMTP id l4mr2389164wrv.140.1604666254466; Fri, 06 Nov 2020 04:37:34 -0800 (PST) Received: from lili ([88.126.110.68]) by smtp.gmail.com with ESMTPSA id e6sm2033227wrs.7.2020.11.06.04.37.33 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 06 Nov 2020 04:37:33 -0800 (PST) From: zimoun To: Aniket Patil , guix-devel@gnu.org Subject: Re: Guide! Help! Using guix, or GNU/Linux, for secrecy, privacy. In-Reply-To: References: Date: Fri, 06 Nov 2020 13:37:00 +0100 Message-ID: <86d00qfyqb.fsf@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Received-SPF: pass client-ip=2a00:1450:4864:20::441; envelope-from=zimon.toutoune@gmail.com; helo=mail-wr1-x441.google.com X-detected-operating-system: by eggs.gnu.org: No matching host in p0f cache. That's all we know. X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: guix-devel@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+larch=yhetil.org@gnu.org Sender: "Guix-devel" X-Scanner: ns3122888.ip-94-23-21.eu Authentication-Results: aspmx1.migadu.com; dkim=pass header.d=gmail.com header.s=20161025 header.b=Bk3xkeGo; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (aspmx1.migadu.com: domain of guix-devel-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=guix-devel-bounces@gnu.org X-Spam-Score: -1.71 X-TUID: 6ZAKJidniGDc Hi, On Thu, 05 Nov 2020 at 20:14, Aniket Patil wrot= e: > reliable either. Recently, I read zimouns vlog > > " right, Google is evil, but the storage and the search features are real= ly > useful. So, I am thinking to switch to notmuch , > but not enough time to configure it, yet. " Is me that wrote this? Where? And when? > So, is notmuch is reliable? > > I get paranoid after reading RMS, or Snowden. I think a lot about my > privacy and others as well. Hence I am asking this, and participating in > GNU projects and Free Software Projects. So coming to the point. > > How to or which email client shall I use or email service? > > Recently I was browsing on TOR but I guess even TOR exposes my IP address > on internet. So shall I use it with VPN? If So which VPN? I know about > WireGuard but it has GPL2 license not GPL3. > > What else can I do to secure myself? Really opinionated reply; Friday=E2=80=99s troll! ;-) I am not sure to understand the question: against what you want to be secure. As you see, I am still using Gmail. Most of the time, I compose emails using Emacs. Sometimes, I reply using their web interface. Most of the time, I read and search emails via Notmuch (+Emacs frontend), and sometimes via the web interface. Whatever. I try to replace the web interface facilities. However my emails are still stored on the Google infrastructure. And somehow, 50% of all our emails are stored by Google. (This one is! because of your and my gmail addresses.) https://mako.cc/copyrighteous/google-has-most-of-my-email-because-it-has-al= l-of-yours And even, it is a public mailing list, therefore data are on the Google infrastructure. And even if it is not a public mailing list but an encrypted email, then it is almost sure that Google will get the metadata around=E2=80=93=E2=80=93which are clear. Snowden explains clearly= that: metadata is one of the key. Replace Google by whatever is scaring. If you use another email service, you have to trust this service. For example, I have a Proton email account but I have no proof that they are really doing what they claim to do; since all their code is not =E2=80=9Cop= en=E2=80=9C. And even the code would be =E2=80=9Copen=E2=80=9C, I have no proof that the= binary they run corresponds to the code. Well, the only way is to run your own service. But even with that, you are not protected against the 2 previous collects. About privacy, the emails are doomed. Period. And I am not speaking about how to trust the binaries we use. For example, Pandoc is not secure since the Haskell compiler GHC is not bootstrappable. Another example is the Nyxt webbrowser because of the Common Lisp SBCL reproducibility issue. Emacs is not reproducible neither. Zillions of other example are around=E2=80=A6 I am not talking ab= out how to trust the binaries running TOR or VPN or whatever service. And last, how to trust the hardware? Well, the question you have to answer first is: against what you want to protect. If you are paranoid, then you should be unplugged. Else, you have to first define what is your personal policy and what is the one of the people you interact with. Hope that helps, simon ps: As Joshua wrote, these questions are better on help-guix@gnu.org. :-)