[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [libreplanet-discuss] Alternatives to non-freedom-friendly webmail s

From: Andrew Hills
Subject: Re: [libreplanet-discuss] Alternatives to non-freedom-friendly webmail services?
Date: Thu, 20 Jun 2013 12:52:27 -0400

On Thu, 20 Jun 2013 18:25:13 +0200 al3xu5 / dotcommon
<address@hidden> wrote:
> The *ONLY* webmail services (or any web services in general) which
> you can trust they are really implemented with free software (this
> means *only* the AGPLv3) and really respect your privacy, are those
> you run by your own or by people you *personally* know and trust.
> > so far I've only found these functional and apparently reliable
> > alternatives:
> Yes... just "apparently".
> Look at Lavabit, for istance:
> So, my opinion is that there are NO reliable alternatives: we should
> run web services ourselves, better if sharing resources and efforsts
> with people we can really trust.

In principle, yes; but I think it's most important to first migrate
away from services that deliberately violate privacy all the time and
believe that it is acceptable to those who at least nominally do not
endorse that sort of behavior. I treat trust as a scale; I trust Google
zero; I trust myself ten; I trust Lavabit somewhere in between. So,
since getting a working mail setup is ungodly complex, it's a good
enough compromise for me to use their service for personal
correspondence in the interim, while I'm using my personally run
services for less sensitive mail like mailing lists. (Less sensitive
both for privacy reasons and reliability reasons; I don't care that I
miss mail from you as much as I care that I miss mail from my family.)

It is also of note that the vast majority of my friends who are just
becoming aware of privacy issues with Google and other such services
(thanks to this wonderful NSA scandal) have nowhere near the technical
capabilities to run their own mail servers, and their brain power is
much better spent improving society in ways that they are capable. I
cannot yet promise them sufficient reliability with my own service, so
to them, I recommend Lavabit. Yes, it requires me to trust them, and my
friends will trust them through my endorsement, so if I am wrong, a
huge error has occurred. But, as it stands right now, evidence convicts
Google of wrongdoing, and has not yet convicted Lavabit of the same.

My trust in Lavabit may be flawed; I do not have evidence that suggest
they tell the truth on their website. I am willing to take the risk,
though, on their promise of asymmetric encryption for users who are
willing to pay. Perhaps I am just too susceptible to the propaganda on
their website, and my foolishness will be revealed, and my reputation
stained forever.

Attachment: signature.asc
Description: PGP signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]