upvote

points

by kgwxd13 hours ago |
comments
upvoteby em-bee11 hours ago|
next
[-]
you can encrypt the content but not the metadata, not even the subject unless you use a customized client that encodes it (like deltachat which doesn't use a subject at all), but then you still have your email address exposed.

for all intents and purposes email is not e2ee.

reply
upvoteby Bender9 hours ago|
parent|
[-]
Email encryption for most people is sufficient even if the metadata is exposed. One can simply state in their email encryption "Bing Bing Bong" or "Why did you not put the trash out?" which might mean to the recipient :: "check the second SFTP server" or "let the cat outside" or "Jump on my private Mumble chat server" or "Get on my private self hosted IRC server". The email message need not be encrypted for that matter.

The intended payload can be in an header-less encrypted file on a throw-away SFTP server in the tmpfs ram disk.

reply
upvoteby tuwtuwtuwtuw4 hours ago|
parent|
next
[-]
So it's end to end encrypted except that third parties can see who you communicated with and when? Sure.
reply
upvoteby Bender3 hours ago|
parent|
next
[-]
Exactly.
reply
upvoteby unethical_ban4 hours ago|
parent|
prev|
[-]
I have never considered metadata a part of the term E2EE. It has always been about the message contents.

I understand that metadata is valuable information for spies/governments and that encrypting or hiding it is valuable for privacy. But if you use that definition, there are almost no E2EE protocols on the planet in use.

First and foremost, any protocol that uses Apple or Google push notifications is giving metadata to those organizations. Even Whatsapp, iMessage, Signal, Telegram private messages, all of that leaks metadata but the contents of messages are hidden from the provider.

reply
upvoteby beeflet4 hours ago|
parent|
prev|
[-]
yeah bro genius, that sounds like a totally actionable thing people will do all the time with email. Be sure to drink your ovaltine
reply
upvoteby Bender3 hours ago|
parent|
[-]
yeah bro genius

I know, right? I admit that is mostly for people on Linux desktops. People on smart phones are 100% monitored regardless of encryption or fake E2EE that platforms pinky promise is really E2EE like Signal. Shame on Moxie, he knows better.

Ovaltine has a crapload of sugar. Don't drink that horse piss.

reply
upvoteby tuwtuwtuwtuw4 hours ago|
prev|
next
[-]
I can bring my own encryption to tiktok as well. Has roughly the same usability and usage.
reply
upvoteby sleepybrett6 hours ago|
prev|
[-]
you can bring your own encryption to ANY messaging platform, doesn't mean it will be easy to use. e2ee just really makes it handy so that users don't need to preshare any keys.
reply