this post was submitted on 29 Nov 2023
76 points (91.3% liked)

Technology

59374 readers
7834 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

I don't understand why it took us 50 years to figure out how to do encrypted messaging-over-email. Anyone wanna swap email addresses?

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] -4 points 11 months ago (1 children)

What about Protonmail or other email services that doesn’t directly connect to conventional email protocols?

personally, i don't trust protonmail, so i haven't tried it, but i think... it just doesn't work lol.

[–] [email protected] 2 points 11 months ago (4 children)

What's the issue with proton? Just the UI being a bit shit?

[–] [email protected] 2 points 11 months ago

they make a lot of promises about security, but email can truthfully only reach a certain level of security. the comment from @[email protected] shows weaknesses in relying in protonmail to protect various aspects of your communications, but they sell themselves as TOTALLY SECURE.

the lady doth protest too much.

so they're no more secure than, say, google, when you implement your own e2ee on top of email with PGP or something. but the promises of enhanced security actually set people up to expect more than that. coupled with the fact that they don't even let you use imap or pop, it's not exactly a hacker's dream service.

[–] [email protected] 2 points 11 months ago

The UI has improved a lot since their re-brand, so I doubt that's it.

[–] [email protected] 1 points 11 months ago

Proton only uses E2EE for the message body (including attachments). The subject and headers are not end-to-end encrypted.

That's not entirely unreasonable, since they use that data for the search function on the server side. Nobody's really cracked the nut of E2EE search, though there's been some interesting research in the field recently.