Posts: 4,229
Threads: 97
Joined: Sep 2016
I have gotten into reading Greg Hurwitz's books. One of these series is the Orphan X series. In it they have this security protocol. Two people have access to the same web email account. But rather than send emails, they both edit the same draft email. The idea is that no information gets transmitted over the Internet. Clearly information is being transmitted over the internet, or they couldn't modify the draft email.
But I was thinking about it, and I wondered if maybe that was still more secure than sending an email. But I don't know enough about internet protocols to know if it is or isn't. Anyone more knowledgable than me care to shed some light on the issue?
Posts: 7,080
Threads: 122
Joined: Sep 2016
This post talk about it.
Petraeus and lover used al-Qaeda email tricks to keep affair secret
I guess it can be somewhat safer as the draft info is kept in database.
Quote:There is no way of knowing if deleted drafts are preserved, so better assume they are kept.
Also, getting behind this trick might be as easy as searching the provider's database
for email accounts that produce high amounts of drafts but rarely actually send emails.
Instead, encrypt your emails.
Posts: 3,458
Threads: 101
Joined: Sep 2016
Most email is sent over ssl, so the actual transmission of email is already fairly secure. The only real weak points are the end points, and this draft-only approach is 100% end point lol.
Posts: 5
Threads: 3
Joined: Nov 2019
(Dec-08-2019, 02:40 AM)ichabod801 Wrote: I have gotten into reading Greg Hurwitz's books. One of these series is the Orphan X series.
I've seen that novel at the book store, and read the back. It seemed a lot like Jason Bourne, but a more detailed description on wiki makes it seem like a combination of Bourne and The Equalizer.
Is that true?
Posts: 4,229
Threads: 97
Joined: Sep 2016
It's really more the Equalizer than Bourne. Orphan X is an off-the books covert operative who got out of the business and now helps people who need it, but his former compatriots are trying to kill him. That's very much the Equalizer. Obviously, he's got a lot of training, like both of the others. But it's just training from a very young age, it doesn't have the psychological twist that Bourne does, and he doesn't have amnesia or anything like that. Well, maybe a little OCD.
Posts: 2,344
Threads: 62
Joined: Sep 2016
(Dec-09-2019, 05:25 PM)nilamo Wrote: Most email is sent over ssl, so the actual transmission of email is already fairly secure. The only real weak points are the end points, and this draft-only approach is 100% end point lol. +1 to this, I think this is the best answer that addresses the OP.
That said, email historically has been very insecure (no SSL) so that is a potential problem, but for example Gmail to Gmail is never going to be plaintext to an attacker, except at the end point.
Posts: 2,955
Threads: 48
Joined: Sep 2016
I was thinking two years ago about creating tmux session and just open vim. Then both, me and someone else could connect to that session, one of us remotely and edit the same vim document.
Also, this can be done with netcat and ssh
|
