undefined | Better HN

0 pointsblululu4y ago0 comments

End to end encryption is a privacy feature by itself. The example of using an email service to send a mass email to a dislist is irrelevant to the possibility that it would also be able to preserve privacy in other communications. You could send an email directly to the local police chief if you wanted but that does not preclude wanting privacy elsewhere.

0 comments

3 comments · 1 top-level

lavabiopsy4y ago· 2 in thread

I think you are confusing privacy with security, which is a common mistake, not your fault -- end-to-end encryption is what secures the messages, by itself it does not ensure that the messages get to the right place or that the encryption keys are belonging to the right people. It needs to be used in combination with other methods and techniques. Explicit features that are in the domain of "privacy" would be ensuring messages are deleted on a regular basis, or some kind of key cycling, or an anonymizing service like tor, etc.

To use your example of emailing the police chief: let's say your threat profile is that you're being stalked by a criminal, and you want to email the police to give them information on this crime, but you don't want the criminal to know. If the criminal breaks into your email, or if your house is broken into and a hidden camera is placed behind your computer, it makes little difference whether you have end-to-end encryption or not, your privacy is still violated. Does that explain it better? Maybe Proton could have some better messaging around this, if their customers are getting privacy and security confused?

dvdkon4y ago

I think you're using a definition of end-to-end encryption that's too narrow, same with privacy. E2E schemes try to ensure that your messages can only be read by their intended recipient. That's undeniably a privacy feature, since having private messages read by a third party (without consent) would be a privacy violation.

Security and privacy are intertwined, imagine your server getting hacked (security problem) leading to your private documents being exposed on the internet (privacy violation).

lavabiopsy4y ago

I understand they are billed that way but in practice I don't believe they fulfill that goal, as the job of making the messages unreadable is mostly already done by transport security (SMTP TLS). Sure it can protect against some things if the mail server is the target, but as we see here, there is still a large amount of identifying metadata that they (unavoidably) have on you. The goal with "privacy" is to ensure that your communications are undetectable and unidentifiable, and I would hardly call it that if it's still regularly going through a well-known mail server attached to a highly identifiable account. And of course it depends on how much you actually use the E2E encryption which is technically optional, for example if you send/receive a lot of mail from gmail users that aren't using S/MIME, which still seems to be the case for a lot, then it won't be enabled and your messages are still vulnerable in a server hack.

j / k navigate · click thread line to collapse