From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp0 ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms11 with LMTPS id eMWoGftGpV8fCAAA0tVLHw (envelope-from ) for ; Fri, 06 Nov 2020 12:52:11 +0000 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp0 with LMTPS id aNuhFftGpV9JMwAA1q6Kng (envelope-from ) for ; Fri, 06 Nov 2020 12:52:11 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 1A65B9402A2 for ; Fri, 6 Nov 2020 12:52:11 +0000 (UTC) Received: from localhost ([::1]:35044 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kb1Du-00060b-1c for larch@yhetil.org; Fri, 06 Nov 2020 07:52:10 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:32916) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kb1Dc-0005xl-Tq for guix-devel@gnu.org; Fri, 06 Nov 2020 07:51:52 -0500 Received: from mail-ot1-x344.google.com ([2607:f8b0:4864:20::344]:41895) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kb1Da-0004I7-8v for guix-devel@gnu.org; Fri, 06 Nov 2020 07:51:52 -0500 Received: by mail-ot1-x344.google.com with SMTP id n15so1113310otl.8 for ; Fri, 06 Nov 2020 04:51:44 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=8IJF75o+8rPW3XBJovDvF4gIux+8ncvttSTWnHlqKF0=; b=E9+sOJGX1uIKbWp355kokBqQbatiptN+70lHKSBupPDHeqKk4MNcEQ/jmiTLRmCDP7 VRR11ymjFtZN/kgDxj1TfTPT2oVGSsLgKOWVdmySfl7KjM3tgJw5YgJyXeopmv/I1/YA xWGjTRINTE76ylWkmdGhZPtwgcILpmMt5F6RkasewSiucQbAb8iiuUSbNyPBwlz+TD5o +vln8KYbwQW+3XVLOPHZWJykuMS31XHyKRv7wxXgkkwO41S0ry0VdFAkyM+bAFndhik/ kvs0ndaoDoVSoNh/9j5+92KDY0IH3Pxaieyq+whO15z5IeD3S+BGPj76JuCE+f8HZCB5 gIQA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=8IJF75o+8rPW3XBJovDvF4gIux+8ncvttSTWnHlqKF0=; b=M0mpTyHM4FC5ceDKJdAsMfMB87upocQJ5hwnFDbzJUzVVQqOq8hUbTfjASnUOe2Tj5 H5pAoSFkLAXObvQEX6yiyHNaY60l32BzW2WPucYvqhHO8DyPQQjUlPNJpxGd9+cKLjeE skS+kScGQS3hmrHO3LDWrKof9pS6NXo0r0ORparg/dwRhnmZwzNpY/qA+ZXCA6oMdMoh +qQtSz1+xwSHJup0VttBsxoyp0g4tVNOXWhF0WItXU+J5cCgLP+AROJOZRopExjFDwTc u8tqZWhzia4qvI0AJszxP7xH+YnF3ppg1++4+c0NLuR0aZ4Bc5/nqFI9HNwkkKYrQ53A Y/EA== X-Gm-Message-State: AOAM533N447PP8SoaEpi/lgqbb8m86irjlAqsjm5DmNnNb6s0Mg0o4aa l1UpMWlkpRhi8u1h19u3BRDY3UEMSCt5aCd417g= X-Google-Smtp-Source: ABdhPJyTTOuYduKWzJUP7A07pSNHeNiydnncgb3nvPXIy1oZ+jkM9RrLd8sMM2Rj4+pPk9DFa9PuT5XECS4EpOoXM+A= X-Received: by 2002:a9d:58c6:: with SMTP id s6mr1039984oth.67.1604667103748; Fri, 06 Nov 2020 04:51:43 -0800 (PST) MIME-Version: 1.0 References: <86d00qfyqb.fsf@gmail.com> In-Reply-To: <86d00qfyqb.fsf@gmail.com> From: Aniket Patil Date: Fri, 6 Nov 2020 18:21:32 +0530 Message-ID: Subject: Re: Guide! Help! Using guix, or GNU/Linux, for secrecy, privacy. To: zimoun Content-Type: multipart/alternative; boundary="000000000000b3a73b05b36fac12" Received-SPF: pass client-ip=2607:f8b0:4864:20::344; envelope-from=aniket112.patil@gmail.com; helo=mail-ot1-x344.google.com X-detected-operating-system: by eggs.gnu.org: No matching host in p0f cache. That's all we know. X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: guix-devel@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: guix-devel@gnu.org Errors-To: guix-devel-bounces+larch=yhetil.org@gnu.org Sender: "Guix-devel" X-Scanner: ns3122888.ip-94-23-21.eu Authentication-Results: aspmx1.migadu.com; dkim=pass header.d=gmail.com header.s=20161025 header.b=E9+sOJGX; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (aspmx1.migadu.com: domain of guix-devel-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=guix-devel-bounces@gnu.org X-Spam-Score: -1.71 X-TUID: 5vLbAQ3OKJ4H --000000000000b3a73b05b36fac12 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Hi zimoun, Yes, you wrote it on your blog. http://zimoun.github.io/about/ Read first reference. Also, unplugging from everything is not an option. I feel so. I will think about it. For hardware isn=E2=80=99t running X200 with libreboot as BIOS enough, with trisquel on top of that or any other free distro? Thanks for help. Aniket. On Fri, 6 Nov 2020 at 6:07 PM, zimoun wrote: > Hi, > > On Thu, 05 Nov 2020 at 20:14, Aniket Patil > wrote: > > > reliable either. Recently, I read zimouns vlog > > > > " right, Google is evil, but the storage and the search features are > really > > useful. So, I am thinking to switch to notmuch >, > > but not enough time to configure it, yet. " > > Is me that wrote this? Where? And when? > > > > So, is notmuch is reliable? > > > > I get paranoid after reading RMS, or Snowden. I think a lot about my > > privacy and others as well. Hence I am asking this, and participating i= n > > GNU projects and Free Software Projects. So coming to the point. > > > > How to or which email client shall I use or email service? > > > > Recently I was browsing on TOR but I guess even TOR exposes my IP addre= ss > > on internet. So shall I use it with VPN? If So which VPN? I know about > > WireGuard but it has GPL2 license not GPL3. > > > > What else can I do to secure myself? > > Really opinionated reply; Friday=E2=80=99s troll! ;-) > > > I am not sure to understand the question: against what you want to be > secure. > > As you see, I am still using Gmail. Most of the time, I compose emails > using Emacs. Sometimes, I reply using their web interface. Most of the > time, I read and search emails via Notmuch (+Emacs frontend), and > sometimes via the web interface. Whatever. > > I try to replace the web interface facilities. However my emails are > still stored on the Google infrastructure. And somehow, 50% of all our > emails are stored by Google. (This one is! because of your and my gmail > addresses.) > > > https://mako.cc/copyrighteous/google-has-most-of-my-email-because-it-has-= all-of-yours > > And even, it is a public mailing list, therefore data are on the Google > infrastructure. And even if it is not a public mailing list but an > encrypted email, then it is almost sure that Google will get the > metadata around=E2=80=93=E2=80=93which are clear. Snowden explains clear= ly that: > metadata is one of the key. > > Replace Google by whatever is scaring. > > If you use another email service, you have to trust this service. For > example, I have a Proton email account but I have no proof that they are > really doing what they claim to do; since all their code is not =E2=80=9C= open=E2=80=9C. > And even the code would be =E2=80=9Copen=E2=80=9C, I have no proof that t= he binary they > run corresponds to the code. Well, the only way is to run your own > service. But even with that, you are not protected against the 2 > previous collects. > > About privacy, the emails are doomed. Period. > > And I am not speaking about how to trust the binaries we use. For > example, Pandoc is not secure since the Haskell compiler GHC is not > bootstrappable. Another example is the Nyxt webbrowser because of the > Common Lisp SBCL reproducibility issue. Emacs is not reproducible > neither. Zillions of other example are around=E2=80=A6 I am not talking = about > how to trust the binaries running TOR or VPN or whatever service. And > last, how to trust the hardware? > > Well, the question you have to answer first is: against what you want to > protect. > > If you are paranoid, then you should be unplugged. Else, you have to > first define what is your personal policy and what is the one of the > people you interact with. > > > Hope that helps, > simon > > ps: > As Joshua wrote, these questions are better on help-guix@gnu.org. :-) > --000000000000b3a73b05b36fac12 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Hi zimoun,

Yes, you wrote it on your blog.=C2=A0
http://zimoun.github.io/about/
Read first reference.=C2=A0
Also, unplugging from everything is not an option. I feel so. I wil= l think about it.

For ha= rdware isn=E2=80=99t running X200 with libreboot as BIOS enough, with trisq= uel on top of that or any other free distro?=C2=A0
<= br>

Thanks for help.

Aniket.

On Fri, 6 Nov 2= 020 at 6:07 PM, zimoun <zimo= n.toutoune@gmail.com> wrote:
Hi,

On Thu, 05 Nov 2020 at 20:14, Aniket Patil <aniket112.patil@gmail.com> wrote:=

> reliable either. Recently, I read zimouns vlog
>
> " right, Google is evil, but the storage and the search features = are really
> useful. So, I am thinking to switch to notmuch <https://notmuchmail.= org/>,
> but not enough time to configure it, yet. "

Is me that wrote this?=C2=A0 Where?=C2=A0 And when?


> So, is notmuch is reliable?
>
> I get paranoid after reading RMS, or Snowden. I think a lot about my > privacy and others as well. Hence I am asking this, and participating = in
> GNU projects and Free Software Projects. So coming to the point.
>
> How to or which email client shall I use or email service?
>
> Recently I was browsing on TOR but I guess even TOR exposes my IP addr= ess
> on internet. So shall I use it with VPN? If So which VPN? I know about=
> WireGuard but it has GPL2 license not GPL3.
>
> What else can I do to secure myself?

Really opinionated reply; Friday=E2=80=99s troll! ;-)


I am not sure to understand the question: against what you want to be
secure.

As you see, I am still using Gmail.=C2=A0 Most of the time, I compose email= s
using Emacs.=C2=A0 Sometimes, I reply using their web interface.=C2=A0 Most= of the
time, I read and search emails via Notmuch (+Emacs frontend), and
sometimes via the web interface.=C2=A0 Whatever.

I try to replace the web interface facilities.=C2=A0 However my emails are<= br> still stored on the Google infrastructure.=C2=A0 And somehow, 50% of all ou= r
emails are stored by Google.=C2=A0 (This one is! because of your and my gma= il
addresses.)

https://mako.cc= /copyrighteous/google-has-most-of-my-email-because-it-has-all-of-yours<= br>
And even, it is a public mailing list, therefore data are on the Google
infrastructure.=C2=A0 And even if it is not a public mailing list but an encrypted email, then it is almost sure that Google will get the
metadata around=E2=80=93=E2=80=93which are clear.=C2=A0 Snowden explains cl= early that:
metadata is one of the key.

Replace Google by whatever is scaring.

If you use another email service, you have to trust this service.=C2=A0 For=
example, I have a Proton email account but I have no proof that they are really doing what they claim to do; since all their code is not =E2=80=9Cop= en=E2=80=9C.
And even the code would be =E2=80=9Copen=E2=80=9C, I have no proof that the= binary they
run corresponds to the code.=C2=A0 Well, the only way is to run your own service.=C2=A0 But even with that, you are not protected against the 2
previous collects.

About privacy, the emails are doomed.=C2=A0 Period.

And I am not speaking about how to trust the binaries we use.=C2=A0 For
example, Pandoc is not secure since the Haskell compiler GHC is not
bootstrappable.=C2=A0 Another example is the Nyxt webbrowser because of the=
Common Lisp SBCL reproducibility issue.=C2=A0 Emacs is not reproducible
neither.=C2=A0 Zillions of other example are around=E2=80=A6 I am not talki= ng about
how to trust the binaries running TOR or VPN or whatever service.=C2=A0 And=
last, how to trust the hardware?

Well, the question you have to answer first is: against what you want to protect.

If you are paranoid, then you should be unplugged.=C2=A0 Else, you have to<= br> first define what is your personal policy and what is the one of the
people you interact with.


Hope that helps,
simon

ps:
As Joshua wrote, these questions are better on help-guix@gnu.org. :-)
--000000000000b3a73b05b36fac12--