15
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 21 Jun 2025
15 points (100.0% liked)
Information Security
330 readers
1 users here now
founded 2 years ago
MODERATORS
Once a mail server gets hold of your mail, it can basically do whatever it wants with it, including forwarding it to FAANG MXes, HTTP POSTing it to the NSA or publishing it on Pastebin. This is one of the reasons why we push for end-to-end encryption, there can be no confidentiality or integrity otherwise.
I’m w/you on the e2ee, of course. But this requires both people to partake, so the suggestion is broken in most non-p2p situations. In a world where govs, NGOs, and most people are incompetent, e2ee is not generally available. From there, do you want to function at all? You can be 100% dysfunctional if you insist on e2ee. I am almost there, actually. Countless businesses lose my business because they are not on the ball w/security. And gov offices get paper correspondence from me because their digital attempt stinks.
But there are situations where e2ee is not strictly important for a particular situation. Yet I will be damned if I have to dance for Google or MS to get their servers to accept my msgs, all to help the scumbags profit from seeing my payload. So I will send an in-the-clear email to non-FAANG recipients in some cases.