I'm just a girl, incrementing the counter on the number of times I have been sent a plaintext email from a Protonmail user telling me that the message is encrypted.
-
-
@futureisfoss @jjacobsson @evacide you mean my F15 lacrosse pole was not really the same titanium used in fighter planes? Maybe that is why they exploded on contact....
@LovesTha @futureisfoss @jjacobsson @evacide That must have been awkward during your lacrosse matches. Did you get penalized when it happened?
-
I'm just a girl, incrementing the counter on the number of times I have been sent a plaintext email from a Protonmail user telling me that the message is encrypted.
@evacide haha yes
-
I'm just a girl, incrementing the counter on the number of times I have been sent a plaintext email from a Protonmail user telling me that the message is encrypted.
@evacide
We probably have to ditch email altogether instead of raising awareness.And sorry didn't boost your post. Even in here I believe there are still a lot of people who won't get your joke.
-
@futureisfoss @jjacobsson @evacide you mean my F15 lacrosse pole was not really the same titanium used in fighter planes? Maybe that is why they exploded on contact....
@LovesTha @futureisfoss @jjacobsson @evacide @roadskater I would imagine that the structural loads a fighter jet needs to survive and those a sports tool need to survive are quite different /silly
-
"Military grade encryption" is another one
Actually anything "military-grade" is almost always used as a marketing term, not just in tech products.Personally I always try to use noncommercial alternatives where I can, like Mastodon for example. It's so much saner when they're not trying to sell you something, like the listings here - https://www.directory.trade-free.org
And people should donate to these good projects to support them.
@futureisfoss @jjacobsson @evacide personally, I'd rather use civilian encryption than military encryption, as the former is at least hopefully not going to be designed with backdoors of some kind
-
-
@LovesTha @futureisfoss @jjacobsson @evacide That must have been awkward during your lacrosse matches. Did you get penalized when it happened?
@roadskater @futureisfoss @jjacobsson @evacide Didn't happen to me, but there was a recall that was done with pretty generous terms. As the exploding when hitting something did happen.
(Fact checking myself, I found this article, which may be a news paper relaying what STX was saying about them, which would have had PR spin included: https://www.chicagotribune.com/1997/07/09/manufacturers-recall-lacrosse-sticks-and-chaise-lounge-chairs/ )
-
I'm just a girl, incrementing the counter on the number of times I have been sent a plaintext email from a Protonmail user telling me that the message is encrypted.
@evacide yeah like, have we stopped pretending encrypted email is actually a viable thing that works and doesn't break apart if you as much as look at it wrong yet? no? O well, I keep hoping the world will learn eventually, but hope is fading fast
-
I'm just a girl, incrementing the counter on the number of times I have been sent a plaintext email from a Protonmail user telling me that the message is encrypted.
@evacide Can you expand on that? ProtonMail loudly claims to be e2e encrypted to me, but the claims seem less than credible if mails is sent to a proton.me address from an unencrypted place like gmail
-
Do you think Proton's marketing is a bit confusing here? They keep saying their emails are encrypted, I assume what they mean is that they keep the info encrypted on their server. And maybe they also use end-to-end encryption if both the sender and recipient are using Protonmail - tho I'm not really sure about this one so correct me if I'm wrong.
@futureisfoss @evacide they definitely don't do as good a job as they used to in explaining the limitations of their encryption setup. They used to be very explicit in their marketing that end-to-end encrypted email only worked between two proton users and that for everything else, the email was just encrypted at rest. The marketing still alludes to that, but it no longer explicitly says it. For email to non-proton users, they offer PGP (meh) and a password protected email scheme.
-
@evacide Can you expand on that? ProtonMail loudly claims to be e2e encrypted to me, but the claims seem less than credible if mails is sent to a proton.me address from an unencrypted place like gmail
@davecb @evacide They are very clear in their marketing and documentation that e2e only works if you are sending between Proton addresses. They are more important as a Google alternative... I wish they would focus on that instead.
(Edit: to be clear, this is a response to @davecb . I know @evacide knows what she's talking about.)
-
I'm just a girl, incrementing the counter on the number of times I have been sent a plaintext email from a Protonmail user telling me that the message is encrypted.
@evacide but I thought PGP was bad
-
I'm just a girl, incrementing the counter on the number of times I have been sent a plaintext email from a Protonmail user telling me that the message is encrypted.
@evacide State of the art ROT-26 encryption.
-
R relay@relay.infosec.exchange shared this topic
-
Do you think Proton's marketing is a bit confusing here? They keep saying their emails are encrypted, I assume what they mean is that they keep the info encrypted on their server. And maybe they also use end-to-end encryption if both the sender and recipient are using Protonmail - tho I'm not really sure about this one so correct me if I'm wrong.
Exactly. The key is that all protonmail emails are encrypted at rest on their servers and they do not have a backdoor into them like Microsoft, Google, yahoo, etc etc.
-
@evacide State of the art ROT-26 encryption.
@rmd1023 pfft, I have switch to ROT-4082 years ago
-
@davecb @evacide They are very clear in their marketing and documentation that e2e only works if you are sending between Proton addresses. They are more important as a Google alternative... I wish they would focus on that instead.
(Edit: to be clear, this is a response to @davecb . I know @evacide knows what she's talking about.)
-
@CAWguy I would think it's possible...
As a former PM, I'd wonder if competitive position and/or deeply embedded technical differences make it a tough sell, though. -
@evacide
I know that all too well. For example, pharmacies that say, "You can send it to me by email. We have a secure address!"
I had to send some private information to an accountant recently. Their proposal was to email it in an encrypted spreadsheet and then email the password in a separate message. Their other proposal was to use WhatsApp, which is not compatible with either ethics or self-defence.
In other news, we are changing accountants.
-
@CAWguy @wcbdata @evacide This is just slightly automated pgp and has basically all the same ergonomic issues. Encryption is lost the instant anyone forwards or ccs someone outside the network and there's no way to fix that without purpose built clients. At that point you might as well be using chatmail or signal.
