You are viewing a single comment's thread from:

RE: Who's Been Reading Your E-Mail?; A Simple Solution for Better E-mail Privacy and Security

in #security8 years ago

Keep in mind that emails you send FROM protonmail to NOT PROTONMAIL may or may not be encrypted in transit (depending both on how tolerant protonmails' servers are to non-TLS-speaking smtp endpoints and on the configuration of the remote smtp server in the target domain).

They will definitely NOT be encrypted in the other persons' email provider.

If you want to achieve that, then you need PGP.

Windows: https://www.gpg4win.org/
Mac: https://gpgtools.org/
Linux: https://gnupg.org/

Also keep in mind that all the encryption protonmail does for your email, while great, is dependent on the javascript being served to you; if their webserver is compromised, or they are "somehow" compelled to give someone access.. all bets are off.

I'd still recommend protonmail, use it myself, but know the advantages and disadvantages.

And more importantly, don't be lulled into a false sense of security.

8 years ago in #security by
$0.06
  • Past Payouts $0.06
  • - Author $0.05
  • - Curators $0.02
2 votes
Reply 2
Sort:  
  • Trending
    • [-]
     8 years ago 

    Very valid points. There is an encrypted email option which only sends a link to the recipients who then need to decrypt in browser with password.

    $0.00
      Reply
      [-]
       8 years ago 

      karnal is absolutely on the money here... smtp encryption is something of a crapshoot - STARTTLS downgrade attacks are pretty trivial due to backwards compatibility.

      https://www.elie.net/blog/understanding-how-tls-downgrade-attacks-prevent-email-encryption

      When it comes to email, to be absolutely certain you do have to go full tinfoil hat and install some PGP variant...

      $0.00
        Reply

        Coin Marketplace

        STEEM 0.15
        TRX 0.16
        JST 0.028
        BTC 67628.32
        ETH 2424.36
        USDT 1.00
        SBD 2.35