76

I don't understand why it took us 50 years to figure out how to do encrypted messaging-over-email. Anyone wanna swap email addresses?

you are viewing a single comment's thread
view the rest of the comments
[-] LWD@lemm.ee 20 points 11 months ago* (last edited 11 months ago)
[-] federatingIsTooHard@lemmy.world 7 points 11 months ago

Why send messages (encrypted or not) across multiple providers that get to see who you are communicating with, when you are communicating, and how often you are communicating? (i.e. why not just use a dedicated messaging app that we know doesn’t suck?)

who do you KNOW doesn't suck? myself, i like disroot, but i still prefer to encrypt any comms that go across their services, because i can't explicitly trust them. i don't even (really) trust riseup.net. it's always best to encrypt anything thats sensitive yourself and control the keys.

[-] LWD@lemm.ee 15 points 11 months ago* (last edited 11 months ago)
[-] federatingIsTooHard@lemmy.world 3 points 11 months ago

i think it's worth pointing out that pgp-protected messages would still be secure in the case of the kolektiva breach, not that anyone is e2ee for mastodon messages.

[-] federatingIsTooHard@lemmy.world 0 points 11 months ago

if you (and your friends) control your (and their) keys, then the actual contents of your communications can't be compromised. i think email is fine if you understand the limitations.

[-] LWD@lemm.ee 7 points 11 months ago* (last edited 11 months ago)
[-] federatingIsTooHard@lemmy.world 0 points 11 months ago

i would never bother with anything that i consider to be highly secure over any clearnet service. but for keeping advertisers out of my messages or just run of the mill dragnets, or spot-censorship (like how facebook or others forbid certain links), i think deltachat is a really reasonable solution.

but to this point:

, it is inadvisable for privacy to keep data (even in an encrypted form) on a server post delivery.

deltachat has an option to delete server-side.

[-] LWD@lemm.ee 1 points 11 months ago* (last edited 11 months ago)
[-] federatingIsTooHard@lemmy.world 0 points 11 months ago

this is my settings screen. it looks like you would need to actually ask your friends to turn on the server-side purging.

[-] federatingIsTooHard@lemmy.world 0 points 11 months ago

you're asking more than i really know here. i haven't even convinced any of my friends to use it. it was hard enough getting their email addresses lol.

[-] LWD@lemm.ee 1 points 11 months ago* (last edited 11 months ago)
[-] federatingIsTooHard@lemmy.world 0 points 11 months ago

What will this do to your traditional email inbox?

if you are a deltachat user, it creates a directory for your deltachat messages. if not.... you are strongly encouraged to use deltachat :P

[-] HubertManne@kbin.social 1 points 11 months ago
[-] federatingIsTooHard@lemmy.world 0 points 11 months ago

maybe. depends on your client or provider

[-] federatingIsTooHard@lemmy.world -4 points 11 months ago

What about Protonmail or other email services that doesn’t directly connect to conventional email protocols?

personally, i don't trust protonmail, so i haven't tried it, but i think... it just doesn't work lol.

[-] LUHG_HANI@lemmy.world 2 points 11 months ago

What's the issue with proton? Just the UI being a bit shit?

[-] simple@lemm.ee 2 points 11 months ago

The UI has improved a lot since their re-brand, so I doubt that's it.

[-] federatingIsTooHard@lemmy.world 2 points 11 months ago

they make a lot of promises about security, but email can truthfully only reach a certain level of security. the comment from @RTRedreovic@feddit.ch shows weaknesses in relying in protonmail to protect various aspects of your communications, but they sell themselves as TOTALLY SECURE.

the lady doth protest too much.

so they're no more secure than, say, google, when you implement your own e2ee on top of email with PGP or something. but the promises of enhanced security actually set people up to expect more than that. coupled with the fact that they don't even let you use imap or pop, it's not exactly a hacker's dream service.

[-] GenderNeutralBro@lemmy.sdf.org 1 points 11 months ago

Proton only uses E2EE for the message body (including attachments). The subject and headers are not end-to-end encrypted.

That's not entirely unreasonable, since they use that data for the search function on the server side. Nobody's really cracked the nut of E2EE search, though there's been some interesting research in the field recently.

this post was submitted on 29 Nov 2023
76 points (91.3% liked)

Technology

59436 readers
1533 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS