Gentoo Archives: gentoo-user

From: mad.scientist.at.large@××××××××.com
To: Gentoo User <gentoo-user@l.g.o>
Subject: Re: [gentoo-user] encrypting emails on more than one email account with same keys
Date: Fri, 24 May 2019 03:57:03
Message-Id: Lfbz-8j--3-1@tutanota.com
1 sorry, obviously i mis-sent that.
2
3 "We the People Dare to Create a More Perfect Union" <aclu.org>
4
5
6
7 May 23, 2019, 9:49 PM by mad.scientist.at.large@××××××××.com:
8
9 > I use Tutanota.com, they allow multiple open sessions, many people can look at/use the same email address if they all have the email addr. and password.  I suspect other encrypted mail providers do the same.  However, if it's actually of value i'd use something more secure.  You can always encrypt documents and send them out over any old email, likely far more securely than plaintext sent encrypted via mail server.  They did have a security flaw in the tutanota software months ago and people got into mail boxes, I've since seen a small amount of spam (I usually get none, aggressive pursuit works!) demonstrating again that humans are usually the weakest part of any security system.  So, how much do you trust people you haven't met?   I suspect most lawyers would agree that email is just a bad idea if confidentiality matters, or the web in general frankly and it's getting worse fast.
10 >
11 > "We the People Dare to Create a More Perfect Union" <aclu.org>
12 >
13 >
14 >
15 > May 23, 2019, 9:39 PM by gtaylor@×××××××××××××××××××××.net:
16 >
17 >> On 5/23/19 1:11 PM, Dale wrote:
18 >>
19 >>> I have to deal with a State entity for some communications and they do that send a link thing to go to a Cisco site to get/send emails. I guess it is somewhat better than just plain open email but as you point out, if they have the email with the link, they do the same as the intended recipient and get the encrypted email too.
20 >>>
21 >>
22 >> Some of these types of sites, most that I've used, configure something out of band, usually a password, such that you have to have that to get logged in to see the message(s) in the future.
23 >>
24 >> I know that my insurance, my bank, and my CC company do this. Just having the link is not sufficient to be able to read the ""secure message.
25 >>