undefined | Better HN

0 pointshollerith5y ago0 comments

Just because someone used Yandex as a hyperbolic analogy doesn't mean we're talking about Yandex.

0 comments

2 comments · 1 top-level

ardy425y ago· 1 in thread

> Just because someone used Yandex as a hyperbolic analogy doesn't mean we're talking about Yandex.

But my point is that email itself is an insecure technology, and not even Phil Zimmerman bothers with PGP [1]. If you want to avoid something like 5 Eyes eavesdropping with a Russian/Chinese/etc. email provider, at a minimum you probably won't be able to email anyone with a 5 Eyes-based email account, and even if you do that some fraction of your mails may still get hoovered up in transit somewhere else. Sticking to only emailing accounts on the same provider seems like the most "secure" implementation of this idea, but even that is suspect. The PRC hacked Gmail ten years ago, and it's not unreasonable to assume the NSA could have an APT in Yandex.

IMHO, this equipment really only helps with security concerns unique to the Russian government itself. Regular people in other countries have better options for their use-cases.

[1] https://www.vice.com/en/article/vvbw9a/even-the-inventor-of-...

[2] https://en.wikipedia.org/wiki/Operation_Aurora

tyingq5y ago

Assume you have a shady company that has to use email for some things. Having your email provider being unlikely to comply with a US subpoena could have value.

j / k navigate · click thread line to collapse