[Privsec] Re: How safe are Plaxo and other online address books as protections against tracking?

Robert Guerra rguerra at lists.privaterra.org
Mon Oct 10 20:13:22 BST 2005 

If one wants to send secure messages to someone - Plaxo would not be  
my first choice. In fact, it would not be my choice at all. Why trust  
a third party based in the US with your personal information. sigh..

If it's secure communications and/or storage that's needed, then i  
would recommend the following tools:

( List is a basic one)

Secure email / file sharing
Hushmail - http://www.hushmail.com

Secure email - secure email client for mac, windows & linux
Ciphire - www.ciphire.com/

Secure chatting -
Combination of Gaim with Off-the-record plug in  . this allows you to  
send secure messages through most, if not all instant messaging systems)

--
Robert Guerra <rguerra at privaterra.org>
Director, Computer Professionals for Social Responsibility (CPSR)
WSIS Civil Society Bureau, Focal Point for North America & Europe
Tel +1 416 893 0377 Fax +1 416 893 0374



On 10-Oct-05, at 2:59 PM, Ralf Bendrath wrote:

> Claude Almansi wrote:
>
>
>> Yesterday I received an e-mail from a human rights militant in a  
>> country where the internet and e-mail are heavily monitored and  
>> censored by the government: she sent it through her Plaxo address  
>> book as a security measure.
>> I don't know much about tech, but if this is a safe way of  
>> avoiding e-mail monitoring, then this could be a legitimate use of  
>> online address books, maybe?
>>
> I don't know Plaxo well, have never used it. I would generally say
> that if you store personal information on a server that is beyond your
> control, it is more of a risk than if you send from your own local  
> machine. If you really want to be safe, you should be using  
> encryption tools like PGP and an onion routing system or something  
> similar.
>
> But in the end, it all depends on the risk analysis. If country X  
> is surveilling Internet traffic within and across its borders, than  
> it might make sense to use a heavy-traffic service like plaxo.com  
> or even yahoo.com which is based in country Y to sneak through  
> unnoticed. Sometimes using encryption is even more of a risk, as  
> you might pop up as somebody who seems to have something to hide.
>
> I think our member Robert Guerra should be able to answer in a more  
> qualified way, as he is doing consultancy in exactly this field.
>
> Best, Ralf
>

More information about the Privsec mailing list