- cross-posted to:
- privacyguides@lemmy.one
- cross-posted to:
- privacyguides@lemmy.one
Proton: “We’re consolidating our social media presence due to limited resources and no longer posting on Mastodon. Follow us on Reddit for the latest updates”
Proton: “We’re consolidating our social media presence due to limited resources and no longer posting on Mastodon. Follow us on Reddit for the latest updates”
Sender and recipient can’t be encrypted e2e. How would the server know to whom deliver the email if those are encrypted and not visible to it?
AFAIK tuta encryption extends to the subject line only.
Still a nice addition, don’t get me wrong, but I believe you misunderstood something.
From their own doc:
Contacts and everything else is encrypted similarly in all “secure email” providers, including Proton.
Thank you for the correction.
“End-to-end” is a bit of a misnomer in this case. Both Proton and Tuta apply encryption after receiving email in the general case, since email is not sent with E2EE across different providers (in general). Both Proton and Tuta can see your incoming email (body and all) from external servers in the general case — they just don’t store it that way. (This is different when sending email between two Proton users or two Tuta users.)
Yes, that’s absolutely true. Assuming a full PGP flow, (e.g., proton to proton) even in that case the recipient and other metadata (in tuta, excluding subject line) is still visible to the provider.
Hopefully the more people move to secure providers, the more the general case will be transparent PGP, but we are a long way from there…