Submitted by psychothumbs t3_zp40e0 in technology
Bierbart12 t1_j0qkxap wrote
I thought this was common practice on every single message delivery service across the internet for over 10 years now?
rootbeerdan t1_j0qp1qw wrote
Zero knowledge encryption is rare because people don't like losing access to everything if they forget their password.
Even then, email was never and will never be designed to be private. Anyone who says your email is completely private is lying to you. Even ProtonMail has quite misleading marketing because they can trace every email based on the metadata (which they conveniently leave out in almost all of their documentation).
If you want privacy, use Signal.
Nullifid t1_j0qx3bh wrote
Why signal?
rootbeerdan t1_j0r1hhd wrote
Because it was actually designed to be private and collect minimal metadata. The signal protocol is well understood and vetted, so for the 99.99% of people it’s extremely private and secure.
Of course you could go all the way back to using IRC with Tor and then using PGP to encrypt your messages, but if you get to that point E2EE is probably the least of your worries.
Cultural-Height3898 t1_j0rn2rh wrote
Signal is awesome, now if only they'd remove requirement to use phone number that would be perfect.
ColgateSensifoam t1_j0s3e0a wrote
Email is rarely authenticated, let alone encrypted
edman007 t1_j0sxuio wrote
Nah, it's mostly encrypted now. The issue is the way the encryption works they can't use the key the server sent it with in the client. The receiving sercyer has to have key.
If you want end to end encryption you need to use PGP or s/mime
uzlonewolf t1_j0suw6z wrote
Eh, the connections to and between servers are usually encrypted with TLS, just like websites, so it's not like it's completely plain-text either.
alphafalcon t1_j0tsk7q wrote
Yeah, usually... But the default fallback mechanism for "I can't connect via TLS/the certificate doesn't match/is expired/something is wrong" is either to ignore the invalid certificate or fall back to plain text.
It's better that directly sending plaintext but only marginally.
The_Starmaker t1_j0qlg65 wrote
I assume you’re thinking of SSL or something, because that wouldn’t really be possible.
Epistaxis t1_j0tjzh3 wrote
No, it's only been commonly encrypted along each hop of the journey from sender to recipient. It's like sealing your message in a security envelope that's then opened at your local post office, where the postal workers read it and update the database they keep about your personal interests so they can send you better junk mail (or make sure you're not competing with their in-house junk mail business), then they reseal it in another envelope and send that to the recipient's local post office, which unseals it and does the same thing, then seals it again for its final trip to the recipient. End-to-end encryption stays sealed for the entire trip and the postal workers can't unseal the envelope even if they want to. End-to-end encryption with key escrow means your boss is allowed to go to the sorting facility and open your mail but the postal workers can't.
So this isn't offered with the "free" version of Gmail because they can't profit by opening your mail and therefore carrying it for you is a net loss.
Viewing a single comment thread. View all comments