Issue 2: Making it easy to encrypt
Issue 3: Popularizing encryption or getting more people to do it
Why?
It’s hard for personal communications. The server shouldn’t know the keys, and they need to survive for decades.
This article is about encrypting the body of the email which is easy* but no widely implemented standard exists.
* Stupid easy for two nerds to email securely.
* Stupid hard to work with multiple people and non-nerds.
I have lost chat histories more times than I can remember, and I have to be extra diligent about this these days.
I don’t even want to think about pgp when I have to manually take care of this problem. Not because of my own skills, but because I could never make it reliable for my family and friends on their side.
As per Signal’s diehard proponents, losing chat history is a feature, not a bug (I’m not being facetious when saying this, and you can see comments of this kind in Signal related threads here).
Edited to add: I don’t agree with that premise and have long disliked losing chat history.
I have edited my previous comment to reflect that I don’t like losing chat history.
Than he should use something else. I need signal to be secure first, second and third and reliable in edge cases like this a distant number.
I am tending now to running Mautrix Whatsapp bridge and backing up my data through this.
Poor are those people who are forced to hide their message in encrypted formats,
Most people keep their emails behind a password for a reason...
The other day someone was shocked to see that I don't have FB and instagram accounts. When did people lose their freedom not have social media accounts?
Proton doesn't provide public APIs for retrieving the public GPG keys associated with their users' accounts, nor do they provide a way to send encrypted mail to their users' accounts without using their official apps.
Ergo, Proton is not really working to further the state of cryptography for email, they're only working to compel users to use their proprietary software (and ultimately their paid services).
If services which do automated sending of emails to their subscribers/users have no way to encrypt those emails for its users who are on proton mail, I don't understand how Proton can claim to care about encryption.
At present time, the best way to assure privacy is to lease (using cryptocurrency) VPS instances in a neutral, privacy-respecting country and self-host a web-mail stack oneself. There isn't really a practical way around this because powerful nation states are able to demand access to customer data from almost every cloud/VPS provider in their jurisdiction.
I wish the client stored it decrypted once received.
https://www.latacora.com/blog/2020/02/19/stop-using-encrypte...
tomlockwood•1h ago