▲ | em-bee 6 hours ago | ||||||||||||||||||||||||||||||||||
Centralization is not a security property true, i wasn't thinking about security here but reuse of infrastructure. signal doesn't reuse infrastructure because it needs its own servers. End-to-end encryption that the user can’t accidentally downgrade from that's a fair point. that doesn’t spray valuable metadata across the Internet i find that a gross exaggeration. yes. metadata can be read by every server the mail passes through. but in practice most mails are only touching the sending and the receiving mail server. if both of those servers are in control of the sender and recipient and the connection between them is encrypted then the metadata remains private. also, where i use deltachat, the alternative is to use email. I think the average person doesn’t know what an encrypted email is which is why we need more encryption by default. adoption outside of corporate S/MIME is marginal. because it is to hard to use. deltachat makes it easy to use. next possible step: delta mail. a more traditional mail client that makes encryption as easy as deltachat does. The goal is to actually put users in a position where adversaries struggle to collect the kinds of data and metadata that would allow them to harm people there is a long road to get to that. more encryption is just one step, but a necessary one. i agree with you, but the goal can't be reached if we don't work on multiple fronts. one of those is helping people to learn about encryption and privacy, which only happens by slowly getting them to use better tools and by improving those tools. rejecting deltachat is rejecting something that improves the current state for something better that is not obtainable by some. sometimes that makes sense, especially if the solution promises more than it holds. and deltachat would fall into this if it were to promise complete privacy. but i don't think it does that. i have friends who outright refuse to sign up to a new service. but deltachat is ok because they can use their existing email for it. technically that sounds the same as saying that with signal you can reuse your existing phonenumber, but people already have much higher privacy expectations to sharing their phone number, and also deltachat doesn't share your email address except with recipients so it really isn't the same thing. | |||||||||||||||||||||||||||||||||||
▲ | woodruffw 6 hours ago | parent [-] | ||||||||||||||||||||||||||||||||||
> if both of those servers are in control of the sender and recipient and the connection between them is encrypted then the metadata remains private. Why are we entertaining this hypothetical? It isn’t true in practice; the average user doesn’t control their mail server. The average user is using Gmail or Outlook, where their metadata is a single subpoena away. And again, it just isn’t true: you need not just control over the server but also strict transport security for this property. This is not widely true of mail servers on the Internet. > rejecting deltachat is rejecting something that improves the current state for something better that is not obtainable by some. I don’t agree. I think the average user has multiple high-quality E2EE messaging technologies available to them, and that Delta Chat effectively muddies the water by providing a worse security posture with the trappings of a familiar-but-unsecurable ecosystem (email). (I also don’t know why people think Signal shares your phone number with people other than recipients. To my knowledge, that has never been the default and presumably never will be, even with their private contact discovery protocol.) | |||||||||||||||||||||||||||||||||||
|