When it comes to the privacy vs usability debate, I come down hard on the side of privacy. Doesn't matter how pretty it is if it's going to get you rubber hosed.
An example of this in practice is eschewing software & services which use privacy and security in their marketing but whose implementations don't hold up under scrutiny, such as Protonmail and Keybase.
A lot of people will defend such products regardless, resulting in a trend I've been thinking of as "privacy roleplaying". It's harmful and needs to stop.
If you're familiar with privacytools.io, by the way, they have a seriously bad problem with privacy roleplaying. I do not recommend them as a resource.
PrivacyTools provides a baseline considered to be reliable and safe based upon criteria and general consensus. We constantly improve and refine.
We always encourage people within our community to consider their threat model. Not everyone needs "dial up to 11" security which usually comes at the cost of UX, or requires substantial background knowledge.
If the choice is between having something or nothing, we encourage people to think about what they need.
Disclosure, I'm a team member.
@dngray why don't you quit privacy roleplaying and actually investigate and explain claims of privacy and how they hold up to scrutiny? Or just keep shilling ProtonMail because you bought their marketing team's bullshit
@dngray "ProtonMail has zero access encryption at rest for your emails, address book contacts, and calendars. This means the messages and other data stored in your account are only readable by you."
Straight up lying
They're pretty clear about what is encrypted:
https://protonmail.com/support/knowledge-base/what-is-encrypted/
https://protonmail.com/blog/protoncalendar-security-model/
Just because someone disagrees with you, does not make them a shill. Personally I do not use ProtonMail (though I have tested it thoroughly). I have a number of mail accounts, mailbox.org, disroot.org, and one hosted at privacytools.io.
That is not to say I think ProtonMail is a bad product however and have recommended it on numerous occasions to people both IRL and through PrivacyTools.
@dngray ProtonMail's privacy "guarantees" are based on trust. Privacy is NOT based on trust, it's based on math.
You need to advise people that accessing their encrypted emails in the web browser is NOT secure, and that they're only taking ProtonMail's at their word that incoming emails are encrypted and that a plaintext version is not stored later, and that if they were compelled to they could store a plaintext copy of your emails.
Actually, ProtonMail needs to be doing this, and because they aren't, you need to stop recommending them. Same for Tutanota.
@dngray you also need to stop recommending Posteo, no support for custom domains is a HARD dealbreaker and you're leading your readers into vendor lock-in. Disgusting.
It might shock you, but most people who use email do not own their own domain.
We clearly state there that you cannot use your own domain with Posteo.
The idea is a reader would consider which option there is most appropriate to their needs.
@dngray "privacy" by populism is a fucking stupid argument, this is just more privacy roleplaying. Usability is never more important than privacy when the stakes are getting black bagged and rubber hosed by the STATE-LEVEL ACTORS you claim to offer tools against on your HOME PAGE
There is also a warning at the top of that page too:
> When using end-to-end encryption (E2EE) technology like OpenPGP, email will still have some metadata that is not encrypted in the header of the email. Read more about email metadata.
> OpenPGP also does not support Forward secrecy, which means if either your or the recipient's private key is ever stolen, all previous messages encrypted with it will be exposed. How do I protect my private keys?
@dngray perfect! Now do it for all the other trade-offs you expect uninformed users to make, and get protonmail and tutanota the fuck out of your recommendation list
It's been there since March 1st 2020: https://github.com/privacytools/privacytools.io/pull/1672/files#diff-338290deae83c3bc8c6392188f6d96b5
It also says, which I am sure you will disagree with:
> Rather than use email for prolonged conversations, consider using a medium that does support Forward secrecy.
And guess what? That's not email.
@dngray I would not disagree with this statement, in fact. I also happen to know that the person who added this statement has also campaigned against the other bullshit privacytools.io is doing, to no avail
I'm pretty sure it was me that added that statement, or at least re-worded it to sound better.
