German infosec agency urges security review after Yahoo! flensing Germany's Bundesamt für Sicherheit in der Informationstechnik (Federal Office for Information Security or BSI) has warned users to reconsider the security chops of their email providers and plugged local services in response to news a billion credentials were stolen from Yahoo! The oft-raided web concern revealed yesterday …
... and your phonebook will be raided. It should become clear that those practices are not welcome and should be forbidden. Especially since you may be as careful as you like, but just give your phone number and address to a naive friend, and it will become part of some online database... which one day will be raided as well.
Quite so - but at least your friends won't have your passwords in their address book! :)
But seriously, this:
"Schönbohm says users should only fill out their real personal information such as address and phone numbers when it is essential."
... means that it may be harder to collate data from a friend's harvested address book with you, if key information doesn't match - so that's one thing. Using different email addresses across different services helps here, too.
Services like GMX, Web.de. Telekom and a few others have set up their mail servers, so that all mail addressed to German servers stay within the country and, when the recipient is part of the "E-Mail made in Germany" initiative, the email traffic is encrypted from end to end.
Obviously, if you send an email outside of Germany or to a recipient who is using a mail server not in the EmiG initiave, then the email will be sent the "old fashioned" way.
Yes, there are quite a few e-mail providers in Germany that seem to care about privacy: https://posteo.de , https://mailbox.org and https://tutanota.com
Maybe German people should support their local e-mail providers. But also use OpenPGP or S/MIME end-to-end, so that not even if e-mail providers receive valid court orders to intercept communications, no one can see anything really private... without at least one of the parts in the communication have idea (malware infiltration still possible, but preventing is also possible in the correct setups and following best practices).
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
