“email is inherently insecure, email can never be secure, it leaks a LOT of metadata and only the body is encrypted, subject can NOT be encrypted, you can NOT build a secure system on top of email”

  • fxomt@lemmy.dbzer0.comM
    8·
    1 day ago

    Question: why not use a protocol built and strengthened around secure chatting specifically?

    Why not SimpleX or signal?

    • adbenitez@lemmy.mlOPEnglish
      3·
      1 day ago

      it is all about the sassy retro style and base64 MIME body

      more seriously: Signal is centralized and based on phone numbers, and as said by Signal themselves: “Privacy is Priceless, but Signal is Expensive” https://signal.org/blog/signal-is-expensive/ while email infra is WAY more economic and decentralized

      SimpleX maybe but I it is not powerful/flexible nor as solid/mature as email server infra

      • fxomt@lemmy.dbzer0.comM
        3·
        1 day ago

        I see, thank you. I think delta is audited too so it’s pretty solid.

        Though, if you advertised delta/arcane directly instead of a meme, people might not have been so angry haha. You’re free to make a post about them but please do cite the audit :)

        • adbenitez@lemmy.mlOPEnglish
          3·
          1 day ago

          I didn’t want to advice/promote DeltaChat/ArcaneChat, they are not the only possible way of using email securely, just came here with the meme as a way of leaving out a rant because I have seen a lot of people talking like that and it is by now an urban legend people just repeat like parrots and pointing to articles that basically are misleading. Had a recent discussion about that in the Privacy Guides forum and just came here with the meme to shake the frustration away ;-)

          • fxomt@lemmy.dbzer0.comM
            2·
            1 day ago

            Yeah i checked that thread, that user that kept bickering seemed like an asshole, sorry. I think delta/arcane is pretty novel and noble.

            Standard OpenPGP e-mail encryption protects message contents, but not message headers such as From, To and Subject fields. To protect Subject header Delta Chat and other email clients such as Thunderbird and K-9 Mail replace Subject with “…” or “Encrypted Message” and place real Subject into the encrypted part of an e-mail message

            Clearly they didn’t even read the audit 🤦‍♂️ Thanks for your good work, btw :D