Oddbean new post about | logout
mattybs | 9 months ago (raw) | root | parent | reply | flag +2 
 I self-host everything I can -- I skip Proton Pass so I can self-host Passky. Email is one of the only things I'm not self-hosting because I see Proton as a great option, and the mobile/desktop/web apps are awesome.

Not to say that I might not still self-host my email someday, but it's lower on the priority list now. 🦾
Ava | 9 months ago (raw) | root | parent | reply | flag +1 
 well said. and i would add, no tool can save you from bad opsec.
zhenya | 9 months ago (raw) | root | parent | reply | flag +1 
 Most common email opsec error?
Ava | 9 months ago (raw) | root | parent | reply | flag +1 
 not knowing email is not private.
zhenya | 9 months ago (raw) | root | parent | reply | flag +1 
 Same with proton?
Ava | 9 months ago (raw) | root | parent | reply | flag +1 
 yes, if you are not practicing other opsec and are emailing with someone who is not using proton.

"Gmail uses TLS (Transport Layer Security)(new window) to encrypt emails by default. That means your messages are secure while in transit, as long as the recipient’s email service supports TLS. But once they arrive, the privacy of your emails depends on what encryption the receiving server uses."

Gmail also holds the encryption keys to your messages. So it can access them and hand over their contents to third parties, like advertisers or governments.

https://proton.me/blog/how-to-send-encrypted-email-gmail
zhenya | 9 months ago (raw) | root | parent | reply | flag +1 
 Ha why are earth does gmail need a key?! So glad to be off of the google. Since setting up with proton, ive certainly curbed what im willing to email to someome, assuming they used gmail or outlook unless i know otherwise.
Ava | 9 months ago (raw) | root | parent | reply | flag 
 🎯