[Python-Dev] Offtopic: paranoia
R. David Murray
rdmurray at bitdance.com
Mon Sep 9 17:36:32 CEST 2013
On Mon, 09 Sep 2013 17:11:21 +0200, Jesus Cea <jcea at jcea.es> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 06/09/13 21:34, R. David Murray wrote:
> > Note that I said that single signon *itself* was overrated. If you
> > use the same token to authenticate to multiple sites (and here the
> > 'token' is the email address) then your identities on those sites
> > are ipso facto associated with each other. *If* that email address
> > is also never leaked (never displayed, even to other signed on
> > users, all communication with the site encrypted), then you only
> > have to worry if the sites exchange information about their
> > accounts, or if the government comes knocking on their doors....
> >
> > Yes, I'm paranoid. That doesn't mean they aren't listening.
>
> Being paranoid is good. Fix for this is actually trivial: Use
> different emails for different "personalities".
Yes, that's exactly my point.
> If you are doing things you really NEED to hide, virtual machines and
> TOR is the way to go.
Well, it would helpful if a lot more people started routing traffic
through TOR even when they didn't NEED to. I plan to start doing so soon.
--David
More information about the Python-Dev
mailing list