No, that's not the rule of good security.

The rule of good security is that the amount of effort that the attacker has to spend to penetrate your security, less the amount of effort you have to spend to maintain your security has to be greater than the higher of the value to you of not having your security penetrated or the value to the attacker of the attacker penetrating your security.

In practice, there are four groups of people that a private individual does not want to share his mail with, in roughly descending order of capabilities:

• Major governments and corporations.
  
• His boss.
  
• Gangsters.
  
• Non-work relations (relatives, friends, lovers, grudges, etc.).

For the last two, ordinary levels of caution are perfectly sufficient: Family members are unlikely to defeat even simple precautions, and you don't need to have better infowar capabilities than the scammers, you just need to have better infowar capabilities than the random sucker two blocks down the road.

To prevent your boss from reading your mail, it will probably suffice to assume that he monitors all traffic that touches hardware he actually owns. So maintain strict segregation between work hardware and networks and personal hardware and networks, and never use the former for anything you don't want your boss to read along with. Assume that your boss installs keyloggers on anything he lends you.

Assume that all major governments and most major corporations will read anything you commit to electronic signal in any form.

- Jake

Friends come and go. Enemies accumulate.