21
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 26 Jul 2024
21 points (95.7% liked)
Monero
1690 readers
6 users here now
This is the lemmy community of Monero (XMR), a secure, private, untraceable currency that is open-source and freely available to all.
Wallets
Android (Cake Wallet) / (Monero.com)
iOS (Cake Wallet) / (Monero.com)
Instance tags for discoverability:
Monero, XMR, crypto, cryptocurrency
founded 1 year ago
MODERATORS
I'd use coin cards if they didn't send the damn private keys over email. Smh
We need a monero gift card vendor that understands security
Email is encrypted in transit using TLS. Use a provider like Proton or Tutanota that also end-to-end encrypts your inbox, and you should be fine. But I agree, it's not ideal.
With the current mess of Proton I would use Tutanota
SMTP doesn't allow requiring TLS encryption between email servers
That means TLS encryption can be defeated by MITM modifying the handshake to say one side simply doesn't support TLS. Boom, no more encryption.
Email is not confidential unless you use e2ee, such as PGP.
Using Proton or Tutanota with coin cards offers no protection here because the problem is coincards. One option is for coincards to let a user enter their PGP key, like facebook supports. Another option is for coincards to hire a security engineer to tell them to stop fucking emailing private keys, and just display them on their website like any other decent gift card vendor.