49
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 12 Mar 2026
49 points (90.2% liked)
Privacy
9329 readers
3 users here now
A community for Lemmy users interested in privacy
Rules:
- Be civil
- No spam posting
- Keep posts on-topic
- No trolling
founded 2 years ago
MODERATORS
…email will inherently be a lot less secure than messaging, no matter what you do.
If you truly want to be private about something, don’t email it lol
Even PGP?
...TBF, getting your counterparty to also use PGP is the heavy lift there.
Security yes, privacy not especially.
PGP lets you encrypt the messages and sign them to digitally prove you sent them.
It doesn't help with the problem here which is that the metadata of who you are (the IP used to log into the webmail and the email address of the sender) and who you're talking to (the email of the recipient) and when (timestamps etc.) were able to be leaked.
In fact, depending on the implementation, PGP could be considered slightly worse for privacy because you'd have the added identity proof of the message having a signature that only you could create with your private key (although that's encrypted, it's a stronger identity proof than the sender email address). It also generally leaks the recipients' key IDs too (although that's configurable) PGP is great for accountability, message confidentiality and non-repudiation. Not so much for privacy. For that you'd need other systems.
Good point re: metadata. Keeping that private is an underrated aspect of security.
People like Jeffrey Epstein running one of the biggest blackmail networks in the planet and at the same time blatantly emailing each other about it from gmail really amazes me. Either they are that stupid or powerful enough that they just don't care.
Is it really so hard to make it secure? If both parties are using some kind of secure email client, couldn't the clients just encrypt and decrypt the subject/content?