this post was submitted on 29 Nov 2023
76 points (91.3% liked)
Technology
59374 readers
7834 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
deleted
who do you KNOW doesn't suck? myself, i like disroot, but i still prefer to encrypt any comms that go across their services, because i can't explicitly trust them. i don't even (really) trust riseup.net. it's always best to encrypt anything thats sensitive yourself and control the keys.
deleted
i think it's worth pointing out that pgp-protected messages would still be secure in the case of the kolektiva breach, not that anyone is e2ee for mastodon messages.
if you (and your friends) control your (and their) keys, then the actual contents of your communications can't be compromised. i think email is fine if you understand the limitations.
deleted
i would never bother with anything that i consider to be highly secure over any clearnet service. but for keeping advertisers out of my messages or just run of the mill dragnets, or spot-censorship (like how facebook or others forbid certain links), i think deltachat is a really reasonable solution.
but to this point:
deltachat has an option to delete server-side.
deleted
you're asking more than i really know here. i haven't even convinced any of my friends to use it. it was hard enough getting their email addresses lol.
deleted
this is my settings screen. it looks like you would need to actually ask your friends to turn on the server-side purging.
if you are a deltachat user, it creates a directory for your deltachat messages. if not.... you are strongly encouraged to use deltachat :P
can't you just make a rule
maybe. depends on your client or provider
personally, i don't trust protonmail, so i haven't tried it, but i think... it just doesn't work lol.
What's the issue with proton? Just the UI being a bit shit?
The UI has improved a lot since their re-brand, so I doubt that's it.
they make a lot of promises about security, but email can truthfully only reach a certain level of security. the comment from @[email protected] shows weaknesses in relying in protonmail to protect various aspects of your communications, but they sell themselves as TOTALLY SECURE.
the lady doth protest too much.
so they're no more secure than, say, google, when you implement your own e2ee on top of email with PGP or something. but the promises of enhanced security actually set people up to expect more than that. coupled with the fact that they don't even let you use imap or pop, it's not exactly a hacker's dream service.
Proton only uses E2EE for the message body (including attachments). The subject and headers are not end-to-end encrypted.
That's not entirely unreasonable, since they use that data for the search function on the server side. Nobody's really cracked the nut of E2EE search, though there's been some interesting research in the field recently.
Proton should be avoided.
https://www.theregister.com/2021/09/07/protonmail_hands_user_ip_address_police/
https://arstechnica.com/information-technology/2021/09/privacy-focused-protonmail-provided-a-users-ip-address-to-authorities/
https://cyberwarzone.com/protonmail-complies-with-a-record-6000-government-requests-for-user-data-in-2022/
https://encryp.ch/blog/disturbing-facts-about-protonmail/
I do agree that's a fair point about mail.