Quote from: vlad1m1r on May 29, 2012, 10:56 am
I would rate its security somewhere between sending a plain text e-mail and sending a GPG encrypted e-mail, leaning heavily towards the plain text side!

Yep, very heavily.

Quote from: vlad1m1r on May 29, 2012, 10:56 am
I have to confess though I do use Privnote to protect the mailing addresses I use for my customers to send cash in exchange for Bitcoins, as many of them are new to cryptography and haven't yet mastered GPG - as such I do worry more about the information remaining on their hard drives if sent in an e-mail as opposed to being removed from the site after a certain amount of time.

Alternatively you could use an anonymous remailer. There are even a couple that can be reached from within the Tor network, but chances are the email will still be sent in plain text through the clearnet at some point.

Most people using anonymous remailers prefer to use GPG with them.

Quote from: vlad1m1r on May 29, 2012, 10:56 am
As you say this doesn't protect you from man in the middle attacks, even though Privnote do use SSL, and also there's a risk that after the note is deleted it could still be recovered by Privnote themselves and handed to LEO.

I'd say that's quite high; it would be simple for them to replicate any data submitted to their site. As for MitM attacks, sometimes they're rebadged as an Internet filter (censorship tool) and sold as a commercial product.

Quote from: vlad1m1r on May 29, 2012, 10:56 am
Of course you would still need the corresponding message containing the Privnote link to demonstrate context, e.g. that a person had uploaded their address specifically to receive illegal drugs and not just to receive a CD, but I agree it's something of a risk and could in itself prompt further investigation.

Essentially it is security through obscurity: relying on only one or two people knowing the URL, and that's it. The SSL doesn't really do anything if their generated URLs can be predicted in any fashion.

I wonder what method they use to derive the URLs? Is it using /dev/random or /dev/urandom? Are they silly enough to use a SHA sum of the content or the source address? Is there a predictable algorithm? And could whatever method is being used be susceptible to an attack that would reveal some notes, or even specific notes?

Quote from: vlad1m1r on May 29, 2012, 10:56 am
In an ideal world, everyone would master GPG and we'd have no need of such sites!

Yes, both within Tor and in the clearnet! I'd like to see a world in which the majority of email is encrypted and the only unencrypted things being sent are things like mailing lists.
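An added example, not from this thread or from Privnote, showing the difference the post is asking about: a note URL token derived from the content and sender address (recomputable by anyone holding those inputs) versus one drawn from the OS CSPRNG, inside a minimal read-once note store. All names and sample values are constructed.

```python
import hashlib
import secrets
from typing import Dict, Optional

# Constructed sample inputs (not real data).
SAMPLE_NOTE = "Ship to: 12 Example Street, Sometown"
SAMPLE_SOURCE = "203.0.113.7"  # documentation-range address


def derived_token(note: str, source_addr: str) -> str:
    """The weak scheme the post speculates about: a SHA sum of the content
    and/or source address. It is deterministic, so anyone holding the same
    inputs can recompute the link without ever having been sent it."""
    digest = hashlib.sha256((note + "|" + source_addr).encode()).hexdigest()
    return digest[:22]


def random_token(nbytes: int = 16) -> str:
    """Unpredictable scheme: 128 bits from the OS CSPRNG, unrelated to the
    note, so the only way to obtain the URL is to be given it."""
    return secrets.token_urlsafe(nbytes)


class OneTimeNoteStore:
    """Minimal self-destructing note service: each note is readable exactly
    once, then dropped. Dropping it from this dict says nothing about what
    the operator may have copied or logged elsewhere, which is the post's
    other concern."""

    def __init__(self) -> None:
        self._notes: Dict[str, str] = {}

    def create(self, content: str) -> str:
        token = random_token()
        self._notes[token] = content
        return token

    def read(self, token: str) -> Optional[str]:
        # pop() both returns and deletes, so a second read sees None.
        return self._notes.pop(token, None)


def token_is_recomputable(token: str, note: str, source_addr: str) -> bool:
    """Defender check: if the link can be regenerated from the note and the
    sender address, the URL's secrecy rests on those inputs, not on the token."""
    return derived_token(note, source_addr) == token
```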