[Users] CM "Privacy Issue" discussion - Where am I?
alb348 at gmail.com
alb348 at gmail.com
Tue Jan 31 10:23:19 CET 2012
On 2012-01-31 07:47, Christian Hesse wrote:
> Ok, here is an email, sent from Claws Mail as usual via SMTP.
> Where am I?
Ok, smarty, it's not clear what point you are trying to prove.
Your email seems to originate from a VPN whose IP is unknown:
leda.vpn.lugor.de (unknown [10.5.1.215])
so it can't be geographically pinpointed. Noted.
Now, my question is: do common computer users employ advanced security
tecniques (as you did) in order to ensure their privacy? They would not
even be aware of the threats, let alone knowing how to deal with them .
If your point was to prove that you can, in some special cases, use the
SMTP protocol without disclosing your location, then yes, you can. But
how would this benefit the low-tech masses?
If we move to the terrain of advanced IT techniques, the discussion
acquires a totally different nature. Sure, there are lots of ways to
avoid having your location identified. You can use a secure tunnel, as
has already been suggested. You can spoof your headers. You can hack
into someone else's computer and send emails from there. You can use
anonymous proxies/remailers. And so on, and on.
But how many computer users do even know about the existence of these
techniques? Only advanced computer users do.
The gist of my previous emails was simple enough, but I will restate it
more explicitly: considering that the *average* computer user, oblivious
to most privacy threats and having a limited IT expertise, will simply
copy and paste into his email client (Claws Mail or any other client)
the address of the SMTP server provided by his ISP or by his email
provider (Google, Yahoo, Hotmail, etc), it would be desirable to
implement a workaround (which happens to be webmail-based) that would
overcome that privacy violation. As already noted in previous emails,
this would only be feasible with *some* webmail services, not with all.
It would work with Google, for one. And, yes, it would require hard work
coding and maintaining the workaround (updates will be required). If the
criticism is "it's not worth the trouble, because of the difficulties
involved", then I quit advocating this solution (hey, it was just a
proposal), especially after the dismissive replies that I received so far.
I just wanted to make clear that:
1. the privacy violation is real and, for most (average) users,
unavoidable (with potentially serious consequences)
2. it would certainly be possible to implement a workaround (as
demonstrated by the fact that a Thunderbird add-on already exists)
Now I can rest my case.
More information about the Users