Talk:TTFA2: Email & Email Lists

From HacktionLab: A UK-wide network tech-activists providing meet-ups, events, workshops, national skillshare gatherings and hacklabs

Securing your Email

First Thought


I'm not too chuffed with booki - see discussion tab for this page.

I will now review this chapter in its current form, then proceed to make suggestions about how it might be changed to fit with the new style as discussed at IRC_logs_for_TTFA2_meeting


Content review


Para 1

The user story is grand but the use of bold face seems a bit random.


Paras 2-6

We jump into addressing the specific example raised in the user story, in the way that I would probably talk about it to someone in the pub. That's OK for chatting in the pub, but maybe in this setting we could be more systematic about how we broach these matters? The advantage of doing so would be that the reader would then have a conceptual framework on which to hang all the many different issues that arise, so facilitating their learning.

So in this case, instead of diving in to the example, we could start by explaining the informatic nature of an email transaction, then expand. For example:

  • What is the structure of a transaction, and who are the parties to it?
  • What information is available to each party?
    • What is stored on your machine, should anyone care to look (link to chapter on safe data storage)
    • What your ISP and 'public networks' can see
    • What your email provider can see
    • What your (CC'ed) recipients can see
  • How can the mail user control what information is available to whom?
    • Hard drive hygiene
    • Choice of MUA (or browser for webmail)
    • Use of secure tunnels to protect against ISP snooping
      • link to chapters on personal VPNs and ad-hoc ssh tunneling
    • Use of trusted email providers [current paras. 7-8 go here]
    • Use of encrypted email [current paras. 9-end here]
      • Certification
      • PGP
  • Why would the user wish to do all this?
    • General desire for privacy
    • Avoiding targeted advertising
    • Protecting campaigns against specific threats
      • Corporate surveillance - e.g. EDF snooping on Greenpeace
      • Government surveillance - network profiling, keeping yourself out of their sights
      • Pigs that want to nick you for doing what needs to be done - minimising exposure of your most sensitive information
  • etc...


Paras 7-end

This is clearly written and accessible. I don't think the current text needs any changes, but would benefit from contextualisation as above.


New Format


Having said all that, we're now looking at writing "Noddy and Big-Ears Send Rad Emails and Plod Doesn't Know", so most of the above detail will have to be lodged somewhere on-line (this wiki?) and referred to in a shortened footnote. So what can we do in the new form, on paper, for TTfA2?

I'd suggest keeping the same user story, followed by a paragraph that introduces the idea that what one types as an email might reach many different eyes, then list who those eyes might belong to. Then the 'action' section would link to a page on this wiki, structured something like I suggest above, and actions the reader can take:

  • Control on-line identity (needs a separate chapter) and limit exposure
  • Use trusted email providers
  • Use SSL and VPN if available
  • Use PGP and control local storage

Anyhow, thanks to everyone who wrote the current page - I couldn't have thought of all this without reading what was there already. MaRk 09:28, 3 December 2011 (UTC)