Peterborough Linux user Group Forums

General (non-Linux) => General Discussion => Topic started by: buster on February 12, 2018, 03:42:53 pm

Title: Security as good as encryption?
Post by: buster on February 12, 2018, 03:42:53 pm
Got this from a detective series I'm reading. Sounds as if it would be pretty secure and simple. Want to know if it  has an massive holes in it.

Two people move around the world, but they need to keep in contact with each other. They do not wish to send emails to each other in case they are intercepted bu machines that look for specific words etc going over the wires. So they use 'draft mail'.

There is one email account on the web that can be accessed by either of them from a library or an available computer in a Welcome station or cafe. They write a draft email but leave it on the server and sign out. The other signs in and answers but leaves it as a draft. And signs out.

Seems that gov't agencies might have a tough time seeing these messages with the usual equipment that scans the web. Unless the machines regularly scan our drafts as well.

Any thoughts???
Title: Re: Security as good as encryption?
Post by: Jason Wallwork on February 12, 2018, 04:19:55 pm
Hmm.

Assuming that the email server they're accessing uses SSL  (i.e. it's a URL beginning with https:// ), the server isn't compromised and the machines they're using don't have keyloggers on them, this would work. The last part would be the most difficult to ascertain as there would be no obvious way to know the machine you're using is recording your keystrokes (or doing screen shots). But unless your enemy knows what cafes or library machines you use, this would be complicated to do. If he does, he probably already knows where you are.

That's a huge amount of trust though unless you want to have a separate email box you share with everyone you communicate with but I think it would work.