Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 8 Feb 2008 18:12:09 -0700
From:      Modulok <modulok@gmail.com>
To:        "Jeremy Gransden" <jeremy.gransden@gmail.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: OT: Whats wrong with gmail?
Message-ID:  <64c038660802081712i430199f4y5808288bdfd60325@mail.gmail.com>
In-Reply-To: <87f7f4170802061326t217ebeaao600f14b9d01412e6@mail.gmail.com>
References:  <87f7f4170802061326t217ebeaao600f14b9d01412e6@mail.gmail.com>

next in thread | previous in thread | raw e-mail | index | archive | help
> what is wrong with gmail?

A few interface annoyances, but perhaps nothing. It depends on what
you plan on doing with it. For me it's convenient. It's one less thing
I have to worry about.

> I just cannot bring myself to trust anyone else for email.  Running your
> own server on BSD or Linux is so bloody easy, if you're paranoid about
> email for archival, privacy, or other reasons, just run your own server.

You have already instilled trust in countless thousands. Is it a
problem? Maybe. It depends on how important one feels the
confidentiality of the information is. For Top Secret classified
documents, I would not use plain text gmail or any other plain-text
service. For online shopping accounts and participating in mailing
lists, I do.

If one really wants to get paranoid, they had best throw in the towel
and crawl under a rock now. "Do not use commercial operating systems,
they spy on you." Probably. Is open-source software any different?
Maybe, maybe not. There is no reason why it should be trusted any more
than its closed-source counterpart. "We can audit the source code."
Not really. Most people would be incapable of this feat, for even the
simplest of programs. Even for those who possess the technical prowess
to accomplish such a feat, do they really have the funding, manpower
and time to audit every piece of code they come in contact with?
Obviously not, for if they did, programs would not have bugs.

Even if one could audit every program they use, what about the
libraries on which those programs depend? How about the system calls?
What about the compiler? If it has been tainted it would be quite
difficult to detect. What about the assemblers? How about the
low-level firmware? Once you get all of those bits audited, over the
course of the remainder of your natural born lifespan, you'll be faced
with the feat of trying to examining the hardware on which the code
runs. After all, if the hardware cannot be trusted, all the rest is
moot.

Security is a very serious business that should not be ignored, but
too many people get too concerned over all the wrong aspects and miss
the big picture. Trust is relative and required, despite your tools of
choice. Even using Linux or BSD, you instill significant trust in a
great many people, most of whom you do not even know.

What's wrong with gmail? It depends on who you ask.
-Modulok-



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?64c038660802081712i430199f4y5808288bdfd60325>