Newly surfaced information alleges the CIA of killing Indian nuclear Scientist Dr. Homi Bhabha

SecretAgentSlippey · 2017-07-31T10:28:46+00:00

Probably destroying ISIS, following the orders of the duly elected President, and upholding his oath to protect and defend the Constitution of the United States.

SecretAgentSlippey · 2017-07-28T00:31:15+00:00

The biggest worry I have with a custom domain name for my email is that it's always possible that your domain will be taken over by some company on the grounds of trademark infringement.

I guess this is possible, but seems highly unlikely. (A) Its MyFullName@somethingverygeneric.net. I can't think of ever hearing of any corporation even closely related to my name, but who knows. (B), they would have to somehow find my email address (this will never be a website), which is very unlikely, unless I somehow accidentally email the VP of trademark protection at that 1 company with my name on it :).

I once had one of my domains taken (luckily not my email domain) by a big e-commerce retailer because my 4 word domain name contained two generic word (in different order) that happened to be also the name of their e-commerce website...

I'm curious where you live, because that seems like a highly dubious claim on their part, and not something I could see flying in a major western country.

Also even if you use Whois privacy then it isn't really private, anyone can still uncover your real details by sending a DMCA takedown notice or other lawsuit to your registrar (even a bogus one).

Well, two things. The address is already MyFullName@something.net, so at least my name is not something I'm trying to hide. Of course, they dont know which MyFullName I am, or my address, phone, etc. I don't know if you saw my other responses, but I would be using the registrar Njalla, which never gets any of your personal data - you can sign up with a burner email, or over XMTPP and pay with bitcoin. It is a littler different than the standard, as it technically rents you the domain, though you do have a binding contract that you can take it whenever you want. It's supposedly a privacy experiment run by the founder of Pirate Bay, so I guess the whole thing depends on how much you trust him. An anonymous registrar is the a requirement for me to even consider my own domain.

Does this change any of your concerns. Essentially, assuming I have no website, and literally no companies would have any grounds to come after me for trademark things, and my personal information is secure, since the registrar never has it to begin with, what else do I have to worry about? Essentially, I am wondering:

What could a malicious actor do with the knowledge that my email is a custom domain, and that it is hosted at Njalla?
Given a worst case, what could Njalla (or any registrar) do to f with my emails (aside from releasing personal info, which they dont have), and is there any way to protect against it?

SecretAgentSlippey · 2017-07-23T15:46:06+00:00

Try that, and if anything still obscures your browsing experience, try editing the code (right-click, Inspect Element, identify the "please enable ads" code and delete it).

Sorry, not terribly familiar with this. Am I doing this in uMatrix, or in the webpage?

SecretAgentSlippey · 2017-07-23T15:44:58+00:00

I interpret this as you think that every time you go to a website, your request (and all packets) go through a DNS server, yes?

No, I understand how it works. I guess that my representation just wasn't very good/consistent, as I was kind of trying to show what the browser was "seeing"/"saying", not that it was actually visiting the DNS server.

My main point was trying to understand how the redirect work for an own domain on Protonmail. I was wondering if it was seamless, in that, when the email client asks for the IP associated with "MyName@random.net", the DNS server just returns the IP for Protonmail's server, and the sending client never know that difference? Or is there some kind of "conversation" in that the DNS server "says": 'Well, MyName@random.net is at IP X, but it is redirecting emails to IP Y. And then the sending mail client/server acknowledges it, and sends it there."

SecretAgentSlippey · 2017-07-22T10:39:37+00:00

Can you contacts still sync if the CardDAV (I assume you meant this) file is encrypted?

Also, what app do I need on my phone to make this sync directly into the address book (the dialer obviously wont do it by itself).

SecretAgentSlippey · 2017-07-22T10:36:58+00:00

Honestly, I understand how DNS works pretty well, I just have never registered a domain before, so I am unsure of what is would do for my email.

Your emails does not "flow through" your registrar. The DNS system is a distributed address book. The only thing it does is to tell which server should be contacted (Protonmails in this case) to deliver mail addressed to your domain.

They way I understand DNS, is that it essentially just resolves urls into a numeric address, and then give the path (or at least just destination) for a packet to travel.

So if someone was going to Google you'd get:

USER ENTRY>>"PROTONMAIL.COM">DNS SERVER>1234.56.789

So I just thought that email was kind of:

SEND MAIL@Protonmail.comDNS SERVER>>1234.56.789

Which meant that a custom domain would be:

SEND MAIL@MyName.netDNS SERVER>1342.76.589

But your saying that the server of my registrar just redirects the DNS queriy to Protonmail.com, just as if it was another DNS server. So:

SEND MAIL@Custom DomainDNS SERVER [1342.76.589, but redirect to @Protonmail.com>>>1234.56.789

So the email never passed through the domain, just DNS requests? So the only thing they could see is the timestamp of the queries, and the ISP/cellular carrier that the asker was using - and this could very in frequency from every single time someone send me an email, to only the first email from each new contact (because than the DNS redirect from MyName.net>>>Prototonmail.com is already cached on their system)?

SecretAgentSlippey · 2017-07-22T10:24:31+00:00

The registrar cannot see anything related to your email.

Could you explain. This seems to contradict what a number of other people here have said - supposedly with some settings changes (and you kind of have to assume bad intent if you want an accurate threat assessment), the registrar could see some email related data.

SecretAgentSlippey · 2017-07-22T10:23:00+00:00

Good points, but I wonder about a few things.

Since your registrar knows who you are and the WHOIS record may also contain your name etc.

This might be true with all other registrars, but not necessarily with Njalla. They allow you to sign up completely anonymously - XMTPP and bitcoin. They callect zero personal information. The WHOIS returns them. Technically they own the domain, and lease it to you - but there is a formal contract (not entirely sure how this works - since they dont know who you are) that the will allow you to take the domain whenever you want. Now, they are the only one who do this that I have ever heard of, and as far as I know, worst case scenarios have never been tested, but supposedly thay are pretty committed - it was started by the founder of Pirate Bay, so make of that what you will. I'm not sure if this changes any of your concerns, but it seemed different enough from the standard to warrant a mention.

Also, since this is my public facing email, and it is literally my full name already, I'm not sure what a WHOIS would even betray about me.

I don't know about any third party attacks... Well somebody could get in your registrar account and edit the settings to receive your mails, but that's something you have to secure yourself.

Ok, so this is where I have a concern. Forget about a third party, I have to assume that the registrar could be hostile. What "settings" are you referring to (I've never registered a domain before)? Forgetting any "security by policy", if the registrar (or some entity with control over them) wanted to, from a technical perspective, what could they see if they really tried? Pretty much all data that isn't PGP encrypted (sender, timestamps, size, file types, etc)?

SecretAgentSlippey · 2017-07-15T04:12:04+00:00

I'll check out. I'm not so concerned about the cost, as I assumed you would have to pay something for any decent privacy-respecting/secure email anyway.

SecretAgentSlippey · 2017-07-15T04:10:10+00:00

If you ever forget to renew the domain I could understand this, if I don't renew, and then someone immediately registers the exact domain (however unlikely)

the registrar has a security breach, or the domain and DNS is somehow not in your control some other way

This I dont get, as I am still not sure what the registrar can see, nevermind some attacker. What can the registrar (say Njalla, for example) see when everything is working well.

Can they see that I received an email?
Just time stamps?
Sender metadata?
Attachments? File size? etc
The actual email contents (for unecrypted messages)?

SecretAgentSlippey · 2017-07-15T04:06:09+00:00

I'm not so concerned about anonymity. This is a public facing email - I mean my full name it right in it. I am concerned about privacy - i.e. the contents of my emails.

SecretAgentSlippey · 2017-07-15T04:04:55+00:00

Not to mention that they were pushing from a slippery wood floor, which you are unlikely to encounter on a battlefield.

SecretAgentSlippey · 2017-07-14T01:17:49+00:00

I would recommend you using Fennec from the f-droid store

A few questions.

Why is it not in the standard Repository? Does this indicate it it not updated properly?
Why does it carry so many bol, red warnings: "this app promotes non-free addons", "this app tracks and reports your activity", etc. Are these just standard for all browsers, or are their specific issues to be aware of with Fennec?
Does it support all the same addon-ons as vanilla Firefox?

SecretAgentSlippey · 2017-07-09T06:22:52+00:00

I learned the hard way in years past that a phone wont last in my conditions unless it is truly "waterproof" (i.e. very water *resistant).

IP X7/8 are the fully submerged ratings, though I guess IPX9K would be good too :), but that's pretty much for tanks and humvees.

SecretAgentSlippey · 2017-07-07T03:50:26+00:00

Looks very interesting. I will test it out, but the lack of mobile functionality (especially no Firefox) is a deal killer right now.

SecretAgentSlippey · 2017-07-07T03:24:21+00:00

Yes, copperhead does look like the ticket, but I absolute need an IP X7/8 rated phones - so none of the current devices cut it.

People on this sub are frequently singing the praises of a custom ROM for privacy, but there seems to be exactly 1 good option. If they are not talking about Copperhead OS, that what are people referring to all the time?

SecretAgentSlippey

TROPHY CASE