NSA-proof your e-mail in 2 hours by Drew Crawford.
From the post:
You may be concerned that the NSA is reading your e-mail. Is there really anything you can do about it though? After all, you don’t really want to move off of GMail / Google Apps. And no place you would host is any better.
Except, you know, hosting it yourself. The way that e-mail was originally designed to work. We’ve all just forgotten because, you know, webapps-n-stuff. It’s a lot of work, mkay, and I’m a lazy software developer.
(…)
So bookmark this blog post, block off a Saturday next month, and get it done. Seriously. If you are still using GMail (or Yahoo, or arbitrary US-based email company) in August, your right to complain about the NSA spying on you is revoked. If you’re complaining about government spying on the Internet, or in a gathering of programmers, and you won’t take basic steps to do anything about it, then you’re a hypocrite, full-stop. I will personally come to your terminal and demand the return of your complain license. Pick a weekend, get it done. Or just admit that you’re okay with it. Either way, just be consistent.
If you don’t already encrypt your email at your client, these instructions may prove to be a bit much for you. 😉
You do know Email Rule #1?
Never put anything in email that you would not want read to a federal grand jury or published on the front page of the New York Times.
The NSA cannot intercept what you do not send.
I keep thinking there must be ways to use topic maps for very secure communications. The message assembles by a process of merging.
But if you lack the appropriate merging rules, its just a jumble of words.
Interesting point about Topic Maps helping to secure communications. I have been contemplating over this in the past. It is funny: some researches are trying to ease understanding through the use of integration technologies, others are trying to make it harder (cryptography). There must be synergies!
A practical idea of mine was involving my concept of a glue topic map (= one that *only* holds topics with at least two subject identity statements). You would have to add names to the glue and pre-share it over a secure channel. Communicating parties may only use one set of identifiers. Then you can send a topic map over an insecure channel which has a large part of its semantics encoded. You still have occurrence values and associations which give some parts of the message away.
Comment by Robert Cerny — November 18, 2013 @ 5:04 am
Robert,
Excellent idea! I take it the identifiers used by the parties don’t lead to merging whereas the second set, the secure set, does?
If you “reified” the occurrences and associations, as per your two identifier scheme, at least the values would not group together in any obvious way. Thinking coordinates and another number based data are just numbers without context.
I think your method would work because the semantics are missing, not simply obscured by computational means. The latter can be broken with enough interest and cycles. I’m not so sure about the former.
Comment by Patrick Durusau — November 19, 2013 @ 10:32 am
Patrick,
Yes, a message map needs to be stripped down as much as possible. Only when it is merged with the glue map the complete meaning is revealed.
On second thought it is beneficial to grow the number of subject identity statements in the glue map and randomly choose one when sending a message. It also would make sense to simply avoid occurrences and just use associations.
There is other neat things you can do with the glue. If you fragment it, you can ensure that only if a certain number of people agree (provide their fragment), the whole message can be decoded.
Comment by Robert Cerny — November 19, 2013 @ 5:39 pm
Robert,
In some ways your proposal reminds me of a dictionary. That is like your message map, a dictionary is just a list of identifiers. In order to “decode” the message, you have to know the meaning and order of the identifiers.
Especially since some of the identifiers may be noise or deliberately intended to mislead.
So the message map, as opposed to being “delivered” to a recipient, could be posted to a public website.
Only if you have the “glue” map would the message map be meaningful.
Assuming the “glue” map consists of a dictionary of words with several hundred identifiers for each word. Responsibility of the sender to never use the same identifier twice. With 128-bit identifiers that should not be too difficult. 😉
The selling slogan could be: “Can you decipher a message without semantics?”
And if the “glue” map is lost or destroyed, there is no recovery of the message, ever. (I am assuming padding of the message map with meaningless identifiers that are indistinguishable from others, by form and frequency.)
Comment by Patrick Durusau — November 20, 2013 @ 11:59 am