How faulty is the email platform?

Clever little shit aren't you?

Encrypting it.

Gmail is extremely secure

Battlestation.
FBI approved.
Focusing on the cage...

Make DKIM mandatory
Make SPF hardfail mandatory
Make DNSEC mandatory
Make STARTTLS for SMTP mandatory
Only send email to servers you trust
Use PGP wherever possible

considering all the shit you have to set up to get a working, secure webservers, which other webservers will accept email from.... it's pretty broken

>webservers
*emailserver

That's a pretty budgie!

I miss my bird now.

It's time to face that basically every majorly used communication protocol on the current web is not secure. There's a couple in there with secure chat but they tend to rely on third party servers and closed source platforms. Note that "Muh obscure client" doesn't count if the vast majority of normal users aren't using them.

We probably won't have any decent solution until web 3.0 starts gaining traction

front end encryption.

carrier pigeons are technology

the communications are secure. the problem is giving normies full access to technoligy they don't understand. Who the fuck keeps all they email they've received on their server?? once you read it that shit should go into local storage/backup or be deleted.

Encryption isn't sufficient. This is also a criticism of the modern internet stack as well. Encryption protects the contents of the message, however, sometimes merely knowing who is communicating is too much information leakage for some people/situations. Additionally, the way we handle encryption and identification now, through certificate authorities, is also flawed. The authority can easily abuse it's privileged and give out fake certificates breaking or causing lost credibility to it's users, either through malice or incompetence. And it requires that the certificate authority can verify who you are, usually through the collection of personal information that others have access to unless requested, and even then can be taken if the servers are hacked. PGP and similar "web of trust" security architectures is like all commie "build trust by building networks": shit is run by your average incompetent.

The IDEAL network is completely anonymous (as in no one knows who is communicating), unless the user allows it; completely trustless, unless someone wants it to be; and works without anyone doing a damn thing (i.e. storing keys safely, or blinding trusting someone's pub key).

people who work on multiple devices and prefer not to have to rely on backups of a local pc to keep their email safely backed up

I have an archive of important mails like receipts and accounts going back years, stored on the server and cached in my client so I can't lose them easily

>I have an archive of important mails like receipts and accounts going back years, stored on the server and cached in my client so I can't lose them easily

user I get it, but ask yourself would you want any or all of those emails to be in the front page of the New York Times tomorrow?

>convenience
>security

Choose one, and only one.

Bitmessage

Better, but proof-of-work isn't ideal. What if I want to run that shit on my laptop with a fucking U processor and they have to raise the difficulty to deal with someone trying to corrupt the network with a botnet?

Can you really blame them, when the resources are there, but they aren't utilized on the backend? all of this shit should have been GPG from day fucking one.

>read title of this thread
>avast popup comes up saying "everyone can see what you do online"

im done

there is nothing wrong with email when it's used with the proper security measures

It's incompetent users that are the problem who can't understand who controls their data or what proper security model to use with email

Email is like sending a postcard through the mail system. Neither is faulty.

>This is also a criticism of the modern internet stack as well.
The internet stack isn't for privacy. If you want privacy you build an application layer that's secure. It's not the physical networks job to protect your identity.

>The authority can easily abuse it's privileged and give out fake certificates breaking or causing lost credibility to it's users, either through malice or incompetence.
>easily
>abuse once
>go bankrupt because no one trusts you
>hacked once
>massive shitstorm, every OS drops your certificate
>go bankrupt
it's meant for businesses, not your ultra leet hacker shit

>PGP and similar "web of trust" security architectures is like all commie "build trust by building networks": shit is run by your average incompetent.
Regardless of your opinion of the people using it, they've proven effective

>IDEAL
Nothing in cryptography is ideal. literally not a damn thing. You can forever try to discredit modern approaches to crypto by comparing them to your magic theoretical world, but the fact is that CAs have virtually never failed, PGP has virtually never failed, and when they do it's often the users fault, and not the standard being broken, and when it is the standard, the whole world very swiftly switches to something better

>convenience
>security

This is what's wrong nowadays.
It's totally out of balance.

If I use PGP I encrypt the message with my private key and it is sent encrypted till someone fetches my public key from a keyserver to unecrypt it.

So basicly anyone can decrypt it or am I missing something ?

It just protects the message from being tampered with ?

you don't understand the basics of pki

>web 3.0 or web having anything to do with email
Hmm rmyt

except from the people you should actually be scared off....

Me too.
>feelsbadman.jpg

Fucking knew what this was going to be before even googling it

The last one is too hard for normies.

I do not remember the history lesson at the start, but if this is the vid i think it is, this explains it pretty well: youtube.com/watch?v=YEBfamv-_do