I’ve been seeing comments about mailing lists. They usually want plaint text emails like these.

You are viewing a single thread.
View all comments View context
6 points

They just need to tunnel the data and let the client decrypt it. Basically what Proton does with their bridge app. And also basically what Tuta’s client does.

permalink
report
parent
reply
2 points

Fair enough. The clients are open source, nothing’s preventing anybody from making a gateway if that’s the real desire.

permalink
report
parent
reply
9 points

Frankly, I can’t really wrap my head around what services like Proton and Tuta are trying to do, so in turn I can’t get a clear idea of the threat model.

They’re basically running encrypted file storage servers that are used to store email messages, forcing their users to use proprietary protocols to access them. But sending and receiving email messages implies messages passing through other, non-encrypted servers.

The only scenario where they’d approach anything resembling security is if both the recipient and sender are on the same service. Not even passing messages between two such services (Tuta & Proton) is really secure. And since the vast majority of the average user’s messages are exchanged with other servers it means that the vast majority of their messages have a copy in clear on at least one other server out there, and have passed through clear relays that are also not encrypted at rest, making more potential copies available.

So what exactly is solved by having one copy encrypted if there are non-encrypted copies readily available?

permalink
report
parent
reply
8 points
*

Data at rest. I totally agree for normal email usage patterns email is unencrypted. But most people have a massive multi-year backlog of archived messages. There’s no reason that can’t be encrypted.

The benefit tuta provides is the entire backlog is encrypted on disk, client side encrypted. That means you’re unencrypted exposure is only live messages, and not your backlog. It reduces your risk window.

It’s good data hygiene to keep all of your data at rest encrypted.

For the scenario where email is sent between two tuta users, The message is encrypted with the other users key and the service never sees the unencrypted message. But as you indicated that is a vanishingly small percentage of the population. And nowadays you would just use signal or simple x to message somebody securely directly. So email is definitely for the legacy world

This is equivalent to having full disc encryption, your email client always downloading all the email to disk and deleting it from the server. Your email archive is encrypted at rest. The difference here is it’s a cloud service provider, so you can have different clients on different devices all synchronized.

permalink
report
parent
reply

Programming

!programming@programming.dev

Create post

Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!

Cross posting is strongly encouraged in the instance. If you feel your post or another person’s post makes sense in another community cross post into it.

Hope you enjoy the instance!

Rules

Rules

  • Follow the programming.dev instance rules
  • Keep content related to programming in some way
  • If you’re posting long videos try to add in some form of tldr for those who don’t want to watch videos

Wormhole

Follow the wormhole through a path of communities !webdev@programming.dev



Community stats

  • 3.1K

    Monthly active users

  • 892

    Posts

  • 7.7K

    Comments