I'm just a girl, incrementing the counter on the number of times I have been sent a plaintext email from a Protonmail user telling me that the message is encrypted.
-
@CAWguy @wcbdata @evacide Most eMail is encrypted in transit across the network/internet. SMTPS (SSL/TLS encrypted mail delivery using certificates for verifying identities & negotiating encryption keys) has been a thing for a long time.
It's the eMail provider that's the issue. Once the message is received, the server itself has a plain-text copy, even if the backend storage has filesystem-level encryption.
The real solution is for all eMail clients to have PGP/GPG, with a directory server that publishes public keys.
That way you can query the directory server with my eMail address, receive my public key, then encrypt your message with that key, and then it traverses all of the internet plumbing in an encrypted format that only the intended recipient can decrypt.
The percentage of people who do this is very, very small in the context of the entire internet.
@JustinDerrick Thanks for the long description. So would this small percentage of people using this setup be due to a network effect/getting friends to comply issue, or do most people simply not care about privacy?
-
@JustinDerrick Thanks for the long description. So would this small percentage of people using this setup be due to a network effect/getting friends to comply issue, or do most people simply not care about privacy?
@CAWguy You'd have to get everyone you know to leave their webmail providers, and only receive eMail with specific physical devices (phone / laptop / desktop). I haven't been able to get anyone I know to give up their webmail accounts, even by offering them free hosting and vanity addresses on my mail server.
-
@CAWguy You'd have to get everyone you know to leave their webmail providers, and only receive eMail with specific physical devices (phone / laptop / desktop). I haven't been able to get anyone I know to give up their webmail accounts, even by offering them free hosting and vanity addresses on my mail server.
@JustinDerrick Those are definitely many steps too far! I merely suggested using Signal at a small non-profit where I volunteer, and I could see the eye rolls at me.
-
@JustinDerrick Those are definitely many steps too far! I merely suggested using Signal at a small non-profit where I volunteer, and I could see the eye rolls at me.
@CAWguy Yeah, many years ago, I presented info about Signal to a nearby non-profit. Their President still sends stuff through SMS, even after having made it a requirement for their entire team to start using Signal.
The inertia of bad habits is very difficult to overcome.
-
I'm just a girl, incrementing the counter on the number of times I have been sent a plaintext email from a Protonmail user telling me that the message is encrypted.
@evacide rot26-encrypted
-
"Military grade encryption" is another one
Actually anything "military-grade" is almost always used as a marketing term, not just in tech products.Personally I always try to use noncommercial alternatives where I can, like Mastodon for example. It's so much saner when they're not trying to sell you something, like the listings here - https://www.directory.trade-free.org
And people should donate to these good projects to support them.
@futureisfoss @jjacobsson @evacide A friend is in the US navy and told me "military grade" means "outdated, hard to use, developed by the lowest bidder contractor".
-
I'm just a girl, incrementing the counter on the number of times I have been sent a plaintext email from a Protonmail user telling me that the message is encrypted.
@evacide This message reaches you encrypted with the devilish rot0 algorithm.
-
I'm just a girl, incrementing the counter on the number of times I have been sent a plaintext email from a Protonmail user telling me that the message is encrypted.
@evacide @zarchasmpgmr if we all believe hard enough maybe it will come true
-
I'm just a girl, incrementing the counter on the number of times I have been sent a plaintext email from a Protonmail user telling me that the message is encrypted.
@evacide Be a large pile of nickels by now, huh?
-
Same problem with Tuta.
for email, I pretty much settle for 'not automatically surveilled', and use something else if it needs to be better than that.
-
@riverpunk You have come to the correct conclusion, yes. In the meantime, I do need to come up with suggestions for what people should do about sensitive email and I have to cut through a lot of misleading advertising claims in order to do it.
