Oddbean new post about | logout
d7094945 | 5 months ago (raw) | export | reply | flag +1 
 It seems to me that #ProtonMail is lying when they say that they cannot read your emails.

If they don’t have access to your emails, then how could they possibly let you back into your account if you’ve forgotten your password?

Whatever it is that they send to your recovery email to get back into your account, they obviously have access to the same thing, otherwise how did they send it to you?

Am I wrong?

#asknostr #privacy
RayBuni | 5 months ago (raw) | root | parent | reply | flag 
 We need nostr mail
marcelinho | 5 months ago (raw) | root | parent | reply | flag 
 nostr:note1yewsnvjca0kahnpln88zfrj0vyxyst8hxazay2ggall0quvcx3eqxt3d2s
Mguy | 5 months ago (raw) | root | parent | reply | flag 
 I may suggest not using email at all for sensitive communication, but instead use something like Session Private Messenger
d7094945 | 5 months ago (raw) | root | parent | reply | flag 
 Yes. Setting a recovery email can be bad OPSEC because you can possibly be identified by it.

But that’s not the point. The point is that ProtonMail has access to your shit, otherwise they wouldn’t be able to help you “recover”.
Islamic Audiobooks Central | 5 months ago (raw) | root | parent | reply | flag 
 A lot of talk and claims about #e2ee simply misses the point. Best expose I've heard so far is by the #Jitsi founder on Watchman Privacy:

https://watchmanprivacy.libsyn.com/2023/02

from: 00:06:47
d7094945 | 5 months ago (raw) | root | parent | reply | flag 
 Seems false. Decrypts it how? You no longer have access. Therefore you have no way to decrypt anything.