Making your e-mail public
Why would make your e-mail public?
- Try to get public political figures to voluntarily follow to help address corruption
- Make a technical statement against e-mail today being as good as being public
When it comes to global super powers, your e-mail is as good as if it were public anyway. I can provide a few examples of this. First is project Aurora where Google and others got hacked, allegedly to gain access to gmail accounts from Chinese dissidents. At times your own country can turn on you as well, in the case of the US this obviously became possible because of all the terrorism security FUD of all the silly laws being passed that enables US to do a lot of nutty things. For an example go read EFF's account on the NSA syping on Americans. While at it go read the EFF's page on Surveillance Self Defense. We can surely continue to fight for our rights and also help increase security. For example I applaud Google for enabling users to opt in for two-step authentication. They also have developed application specific password support to let your applications get a random password for specific tasks instead of using your password. This is all good, but it still leaves open the issue of our e-mail being good as public to our own government. I obviously don't have anything to hide but its a matter of principle as to why this situation outrages me. If I want to also help fight corruption through example what if... I could open up certain aspects of my e-mail sent to a specific address? This way I give people a heads up that if they use a specific address it will be public. If I want to to receive private e-mails I could simply ask the recipient to encrypt the message with my public key. If I want to open encrypted e-mails I can give away my private key and its password after a certain amount of time.
Sold? I provided a diagram of how I did my little proof of concept. I'm lazy to create a new fancy cool domain name for this purpose but perhaps you might want to for your setup if you want to replicate. To illustrate and provide a proof of concept test case I decided to use my firstname.lastname@example.org e-mail address given that e-mail sent to that address is public anyway and any private data is encrypted by kernel.org admins. The short verbal recipe for the impatient hacker: gmail, a gmail filter for all e-mail sent to email@example.com and add a label for it, two personal boxes -- one public box and another private box, IMAP, two-step authentication, application specific password for IMAP, and a modified NoPriv for Maildir to html converter, git over ssh for transfering only public html data to the public box. NoPriv is a nice little GPLv3 python script does IMAP for you, and then converts Maildir format mailboxes to html, Kudos to Remy for this project, it was the only one I could find using a reasonable language under a reasonable license. I do intent on sending my small set of changes to Remy soon. Thanks to Salvandor Mendoza for letting me use one of his virtual private servers to test this.