Replying to Avatar Schmidt

Email wasn't designed with privacy in mind.

Most emails are transmitted in plain text, making them easily readable by anyone who intercepts them, including governments, service providers, and malicious actors.

If you must use email, encryption is essential to protect your privacy. The best way to encrypt email is using PGP (Pretty Good Privacy). It allows you to encrypt the content of your emails so that only the intended recipient with the correct private key can decrypt and read them.

But PGP can be cumbersome for everyday use, requiring both parties to have the necessary software and keys set up. In contrast, using privacy-focused messaging apps like SimpleX, which offer end-to-end encryption by default and has no user IDs, is a more secure and user-friendly alternative to email for sensitive communication.
Avatar
Juraj 1y ago

mostly correct.

Most emails are actually encrypted in transit these days, non TLS SMTP is actually pretty rare these days (estimates say that around 90% is actually tls encrypted).

you can also publish a policy that an email to your domain has to go through tls or fail delivery, protecting against active downgrading attacks.

of course end to end encryption is the best, so the SimpleX recommendation (or any other e2e encrypted messenger) stands.

https://juraj.bednar.io/en/blog-en/2022/05/03/encrypted-messengers-comparison/

nostr:note1853amryax4pue8mv720fstcwj923yrqgnyta5krycp3hx4slvy2s7ezqh6

Reply to this note

Please Login to reply.

Discussion

No replies yet.