36
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 04 Aug 2024
36 points (100.0% liked)
Technology
37805 readers
74 users here now
A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.
Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.
Subcommunities on Beehaw:
This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.
founded 2 years ago
MODERATORS
Email in itself is an outdated protocol. Even if you're selfhosting it, and have the best opsec practices; if the other person uses gmail then you're fucked anyway.
Not having mandatory security is a legit issue, but there isn't a drop-in replacement that does, not in 2024. You're gonna need widespread support, support for file transfer, federated operation, resistance to abuse, client software on many platforms, etc.
And email security is way down the list of things that I'd be concerned about. At least with email, you've got PGP-based security. If you're worried about other people's mail providers attacking mail you send them, that's getting into "do you trust certificate authorities to grant certificates" territory, because most secure protocols are dependent upon trusting that.
Like, XMPP with OTR is maybe a real option for messaging, but that's not email.
EDIT: Not to mention that XMPP doesn't mandate security either.
Security is getting better on the transport side.
@Estebiu
Then again, it's useful to filter out the gmail zombies.