30 sats \ 4 replies \ @ek 24 Jun 2023 \ on: What encrypted email service do you use? bitcoin
Don't most mail providers use TLS encryption at least?
Yes, this means your mail provider can read your mails but ...
That's also the case if you have a conversation with someone from another provider afaict.
For example, if a non-Proton user sends a mail to a Proton user, it also uses TLS but the mail is stored using "zero-access encryption". But if you send a message to them, it uses TLS encryption so their mail provider can read your mail:
-- https://proton.me/support/proton-mail-encryption-explained
So I think using SMTP for confidential data is just a lost battle.
Use other services.
Encrypted email is essentially harm-reductive. This is why when choosing a provider I just consider what the provider would do with my information rather than concerns about the email system itself. I have a big issue with Proton's marketing because of that, the way they explain it makes it appear like a perfect system when in fact you need to read in the lines or on privacy policies / support articles.
These posts, while focused on PGP (another annoying system I wish I could use less), It makes a lot of the points and problems 'encrypted' email providers have.
reply
LARP security
lol, but well said. "Encrypted mail services" give a false sense of security.
I think everyone using these mail services (and even paying for them) should read these articles
reply
I like to believe LARP security also boils down to having security that only exists to be shown off rather than having any major benefit. Kind of like Proton's entire "THE SECURE EMAIL™ BASED IN SWITZERLAND™" marketing shtick, and with PGP users showing off their keys everywhere.
As a customer, they're better as an alternative or ethical service - It's the closest bridge to mainstream email service that isn't completely piled on Google or Microsoft.
reply
Thanks for the articles!
reply