Silk Road forums

Discussion => Security => Topic started by: WinterMoon on September 30, 2012, 03:51 pm

Title: PGP vs Tor Mail
Post by: WinterMoon on September 30, 2012, 03:51 pm
Hello everyone - as you can see, I am a newbie - love this Silk Road!  I have an encrypted ThunderBird email account, but today I discovered Tor Email and I have a question:

Is communication between two @TorEmail.com users as safe as encrypted email? (i.e. We're both on Tor and we are both using Tor email ...

Thank you -  8)

Title: Re: PGP vs Tor Mail
Post by: gromble on September 30, 2012, 04:21 pm
Encrypting is fast, free, and easy. I don't understand why anyone would choose to not do it.
Title: Re: PGP vs Tor Mail
Post by: Wadozo on September 30, 2012, 04:35 pm
Hello everyone - as you can see, I am a newbie - love this Silk Road!  I have an encrypted ThunderBird email account, but today I discovered Tor Email and I have a question:

Is communication between two @TorEmail.com users as safe as encrypted email? (i.e. We're both on Tor and we are both using Tor email ...

Thank you -  8)

To be safe, why not send your encrypted messages using PGP via Tormail.  :)
Title: Re: PGP vs Tor Mail
Post by: WinterMoon on September 30, 2012, 06:00 pm
Thanks very much, everyone.  I can’t figure out how to encrypt TorMail but I did find a Tor add-on for Thunderbird called “TorBirdy” which should do the trick.

Found this posted on a board somewhere while researching my email dilemma:
 
“So if you use SSL without TOR it's like making a traceable phone call speaking gibberish, whereas if you use TOR without SSL it's like making an easy to understand phone call that can't be traced. If you use both no one can tell what you said or where you were when you said it.”

This stuff is making my head spin but I'm catching on ...

Cheers!
Title: Re: PGP vs Tor Mail
Post by: WinterMoon on September 30, 2012, 11:57 pm
Quote
No, it won't.  Your email will still be in plaintext.  You need to use GPG and use the Enigmail Thunderbird plugin.

GURU:  Thanks for looking out for me.  I already have the Enigma plug-in (always have).  The TorBirdy's role seems to be to restrict access to ThunderBird to when Tor is running - that's what I've seen the plug-in do.  In other words, if Tor is not running I cannot open ThunderBird

Thanks again for your help, mate!
Title: Re: PGP vs Tor Mail
Post by: BigEasy on October 01, 2012, 01:22 am
TorBirdy is allegedly written by Jacob Appelbaum.   However, there is no mention of his authorship of this plugin on the Tor website. Furthermore, the TorBirdy plugin does not have a PGP detached-signature created using one of Jacob Appelbaum's PGP keys. Jacob Appelbaum's site is currently down, or unreachable.  Accordingly, there is no way to verify that the plugin was, in fact, authored by Jacob Appelbaum, or whether it was created by someone merely claiming to be him.




Hey Guru & Wintermoon

Jacob's tor-birdy announcement signed with his PGP Key:
https://lists.torproject.org/pipermail/tor-talk/2012-August/025066.html

and the torbirdy github repo is housed at Jacob's github account (ioerror):
https://github.com/ioerror/torbirdy


that said, JFUP!!!
Title: Re: PGP vs Tor Mail
Post by: WinterMoon on October 01, 2012, 11:40 pm
I like this place 8)