| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 14 Nov 2007 22:34:33 +0100 From: Frank Guthausen <fg-bugtraq@...-server.de> To: bugtraq@...urityfocus.com Subject: Re: Standing Up Against German Laws - Project HayNeedle Hello. On Tue, Nov 13, 2007 at 04:38:39PM -0500, Valdis.Kletnieks@...edu wrote: > On Tue, 13 Nov 2007 13:07:02 PST, johan beisser said: > > The logs don't contain context, just who/where/when. While > > encryption will prevent (one hopes) the capability of recovering > > context, who you talked to is not kept private or otherwise secret. > > It's probably a good idea to deploy encryption *now*, and use it for > *everything*, and be ready for when (not if) they decide to be more > draconian in their logging requirements. AFAIR the German situation is as follows: Any German email provider having more than 1000 customers has to provide a method for giving government access to the mailbox including the ability to read the content. Access should be controlled by judges. If there are more than 10000 customers it has to be done with hardware, so called sina boxes. Even if there is not a precise definition of customer (person, company, contract) it is quite clear that the law has got an impact on users of t-online, web.de, GMX, Freenet and others. This law started Jan 1st, 2005. The data retention law is a possibility to analyze social networks even if email is encrypted. There are other purposes, too. regards Frank
Powered by blists - more mailing lists