From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id B980B158091 for ; Fri, 3 Jun 2022 10:50:52 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id CF76FE0936; Fri, 3 Jun 2022 10:50:46 +0000 (UTC) Received: from mail-gw.thundermail.uk (mail-gw.thundermail.uk [149.255.60.72]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 67651E08FF for ; Fri, 3 Jun 2022 10:50:46 +0000 (UTC) Received: from mailgw01.thundermail.uk (mail-gw.thundermail.uk [149.255.60.66]) by mail-gw.thundermail.uk (Postfix) with ESMTPS id DF2D2600DCD1 for ; Fri, 3 Jun 2022 11:50:44 +0100 (BST) X-ASG-Debug-ID: 1654253444-0554135d915804240001-LfjuLa Received: from cloud220.unlimitedwebhosting.co.uk (cloud220.unlimitedwebhosting.co.uk [149.255.60.183]) by mailgw01.thundermail.uk with ESMTP id F42rvE3zn48TeFqp (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO) for ; Fri, 03 Jun 2022 11:50:44 +0100 (BST) X-Barracuda-Envelope-From: confabulate@kintzios.com X-Barracuda-Effective-Source-IP: cloud220.unlimitedwebhosting.co.uk[149.255.60.183] X-Barracuda-Apparent-Source-IP: 149.255.60.183 Received: from dell_xps.localnet (230.3.169.217.in-addr.arpa [217.169.3.230]) by cloud220.unlimitedwebhosting.co.uk (Postfix) with ESMTPSA id 6E52CC74EDA for ; Fri, 3 Jun 2022 11:50:43 +0100 (BST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=kintzios.com; s=default; t=1654253443; bh=zk/ioeOGVG03WxbtorQmONatv432BpjZC4SQc5ITNIQ=; h=From:To:Subject; b=hcpWuStdH9Qz9xYkCfQw5m4aA7piGxrtHNwqRuCZyFTqmOXAJPIWWNJiQZeEkzpMq UZKucAUmiOkXuRdAUFufQhfbbtspBxby/WPDItBixJYJFSSRkaRvS0w3mmxbh3eZQb haZ+A4UDr1C1jlqNhyN6OC6Ifmlr4xYbt9N/61WA= From: Michael To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] Seamonkey automatic email download after switch to Oauth2 Date: Fri, 03 Jun 2022 11:50:42 +0100 X-ASG-Orig-Subj: Re: [gentoo-user] Seamonkey automatic email download after switch to Oauth2 Message-ID: <44714985.fMDQidcC6G@dell_xps> In-Reply-To: References: <33106514-ceee-9041-88de-aed91f414a10@gmail.com> <3673393.kQq0lBPeGt@dell_xps> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart2118144.Icojqenx9y"; micalg="pgp-sha256"; protocol="application/pgp-signature" X-PPP-Message-ID: <20220603105043.1360186.80402@cloud220.unlimitedwebhosting.co.uk> X-PPP-Vhost: kintzios.com X-Barracuda-Connect: cloud220.unlimitedwebhosting.co.uk[149.255.60.183] X-Barracuda-Start-Time: 1654253444 X-Barracuda-Encrypted: ECDHE-RSA-AES128-GCM-SHA256 X-Barracuda-URL: https://149.255.60.66:443/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at thundermail.uk X-Barracuda-Scan-Msg-Size: 1841 X-Barracuda-BRTS-Status: 1 X-Barracuda-Spam-Score: 0.00 X-Barracuda-Spam-Status: No, SCORE=0.00 using global scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=1.9 tests= X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.3.98455 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- X-Archives-Salt: ad879556-66d2-446e-b554-c37bf631b979 X-Archives-Hash: 41c8e0a69ab51360522e67a353fbae3a --nextPart2118144.Icojqenx9y Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="UTF-8"; protected-headers="v1" From: Michael To: gentoo-user@lists.gentoo.org Date: Fri, 03 Jun 2022 11:50:42 +0100 Message-ID: <44714985.fMDQidcC6G@dell_xps> In-Reply-To: On Friday, 3 June 2022 12:15:53 BST spareproject776 wrote: > How did you even enable the oauth thing ? only had security device or > push to an authenticated device available. Then lied and forced enabling > sms as a 'recovery' option. When I enabled OAuth2 it was early days and Google did not ask for 2FA as a prerequisite back then. All you had to provide, for account recovery, was another email address. So I set up a second Google email address for this purpose and cross referenced the two accounts. Some months thereafter Google started asking for 2FA via SMS, before you could access the page to set up app access. More recently they also started asking for DOB, "... for legal purposes". Soon they will be asking for digital ID and a DNA test, or whatever. :p I noticed whenever I tried to login from a remote location Google would block the mail client and also block webmail login if I tried to use a browser. Evidently, geolocation/IP address was being used as a security check. To acknowledge this was not an attempt by some remote and nefarious actor to compromise my account, I had to connect to Google by tunneling via a VPN connection to my home and from there to the Google webmail. After that I was able to login remotely. The question about privacy is a moot point. Privacy is often conflated with identity and consequently with security. All a mail service provider *need* to know is if the person trying to login is the same person who set up/owns the account. A single or multiple challenge-response mechanism over an encrypted network connection is enough to identify the owner of the account via the credentials exchanged between client and server. No sharing of any other private and personally identifiable information needs to be part of it. --nextPart2118144.Icojqenx9y Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part. Content-Transfer-Encoding: 7Bit -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEXqhvaVh2ERicA8Ceseqq9sKVZxkFAmKZ54IACgkQseqq9sKV ZxkfQA//XwPvqPIs3ZXW5ZZEm1rhxKkEzPdJExPBFVrxSPdrPPXpc8C2qLKWZqE+ hLbeZ9YIEJCh/PUTmVXZp4fnkNXuGRCwoQu6U/u/fd5oNGPjlypMC6FYc1Qj5btv mvQRJdZPWgdstugNmB9w01O7o8toa9N9s5XjDT72cqQ+C25FxsiuI2eMWNGdKuRb NIcIb0S0erKXh7bFrCdQcDHDoRuu1GuOngdrLlF5vAKhlVx3ZkcMh5CNgrTglLpg msapW6+PSjOfJsG+cHfgNhYwWv16l2N3olVvMQZBPYlhrUcuDi8gIr2HBxX3kQgk UQXIXEyJZoWEtafouwZ2diluFydcJXkjL2xTeg5yuoI+U6TMwscNRnLli7wn8llY 1jCbqv2p2x0vfy1JW8+Dk5As9Q0djN4KcjeZdJ/gUd2aVr+tl+3pDyYKCDvBCmqr 7mi33kIE42trhYUI98RlbEFo5sjz+3XJ+fUQzPMzub5rhltZJj0iADOdDfZXSfcq sPsh5mrv+yiVmdrBMl19rhl+M/91mlEUTDPBeTAfXraXYaWqzt55L2oD4tZlozEi GvPQgE/1ZE9xQd6wW4AwAqOHL9WWbNVux1TA4jCJAbVv9HZJUeaa0Np/DKIFCL0Q gLl33Ttz7124ElHIv+7HJJgrBp3O7N8WQ0CjqDh9Wl6OYytiihA= =fxTI -----END PGP SIGNATURE----- --nextPart2118144.Icojqenx9y--