78
submitted 5 months ago by corbin@infosec.pub to c/technology@beehaw.org
you are viewing a single comment's thread
view the rest of the comments
[-] oktux@beehaw.org 1 points 5 months ago

The problem is that almost no one uses PGP, as this vice article points out: https://www.vice.com/en/article/vvbw9a/even-the-inventor-of-pgp-doesnt-use-pgp

If your goal is secure communication with other tech-savvy, privacy conscious people, then I agree that PGP is a reliable, time tested solution.

But if your goal is to keep email providers from data mining your inbox, then Proton is an easy way to do that, no matter who you're communicating with.

[-] unexposedhazard@discuss.tchncs.de 1 points 5 months ago* (last edited 5 months ago)

How can proton protect your unencrypted emails? Unless you are writing someone that also uses protonmail or pgp, the emails wont be encrypted. This is barely an advantage at all over the existing system. You are just telling people to depend on this single point of failure, which is proton.

You cant expect everyone to use protonmail, that would be unwise from a decentralization standpoint. The real solution is only using email for people that are unwilling or unable to use something other than email. For everyone else you should simply switch to different communications protocols that were made with e2ee in mind.

[-] oktux@beehaw.org 1 points 5 months ago* (last edited 5 months ago)

I think we mostly agree, and I appreciate you advocating for secure alternatives and privacy in general!

How can proton protect your unencrypted emails? Unless you are writing someone that also uses protonmail or pgp, the emails wont be encrypted.

That's true. Proton can only encrypt your inbox in that case.

This is barely an advantage at all over the existing system.

I disagree. Having my inbox encrypted and using an email provider that doesn't mine my data is certainly worthwhile for me.

You are just telling people to depend on this single point of failure, which is proton. You cant expect everyone to use protonmail, that would be unwise from a decentralization standpoint.

I'm not advocating Proton over other, more secure and private communication methods. My point is that, if you're choosing an email provider, Proton is a good choice. They're a nonprofit whose mission is privacy, and they spend considerable technical effort to ensure it.

I would hate to see someone switch from Proton to Gmail or some other provider that doesn't offer any privacy because they mistakenly think all providers are the same.

The real solution is only using email for people that are unwilling or unable to use something other than email. For everyone else you should simply switch to different communications protocols that were made with e2ee in mind.

To the extent that's practical, I strongly agree. As you correctly point out, email is a plaintext protocol, and there's nothing Proton can do about that.

But if you do use email and not all your contacts have exchanged PGP keys with you, which I'm sure is true for many people, then I think there's a lot of value in using a provider that offers an encrypted inbox and doesn't mine your data.

this post was submitted on 24 Jul 2024
78 points (100.0% liked)

Technology

37804 readers
137 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS