Seeing it's only for paying enterprise accounts it makes way more sense. Average users will not have access to encryption, only business accounts. Google doesn't want the liability of knowing their discussions so it's all just marketing BS right now unfortunately.
this post was submitted on 31 Dec 2022
26 points (100.0% liked)
Privacy
789 readers
7 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
Its another step in the direction of "email" by name only. Microsoft is doing the same with their outlook/office365 "email" accounts for business customers that are hardly recognizable as normal standardized email any more.
Also I am guessing that they will have keys to get around it when the Feds ask. Or maybe even just have them made for the Feds. When big players like Google really start pushing E2EE (especially when or if they make it standard for the most basic accounts). I start questioning if or how they might be working with (or at least might have undercover agents as employees in the right places) any or all agencies/departments of any/all the intelligence complex. Nice to have E2EE for at least protecting against some non-state actors of course. But if they build methods for decryption "for legal law/government access", then it is only time before non-state actors also get access. Which then effectively results in non-secure messaging (email or other), just with extra steps.
Same. Back in the late 90s when including encryption in your software could land you in serious trouble, then was suddenly okay, the hairs on my neck stood up with the same suspicion.
I wonder if the encryption will work between different encrypted services - so protonmail <-> gmail encryption will work automatically. Or if they will only enable the encryption for gmail <-> gmail correspondence.
We have GNUPG since 1987 you can use it in gmail or another mail server. It is Libre Software.
Tbh email sucks from a security/privacy point of view. The protocol is stone age old and has not aged well. PGP is a security joke (compared to decent protocols).
This might be a bit hyperbolic, but you get the idea. I think that the email spec should be redone from the ground up. I know it's not going to happen tho.
@SrEstegosaurio @dodo
Only the biggest email provider can determine the course of the email protocol. As once one big provider adopts a new protocol it creates a domino’s effect on all the others for many reasons (compatibility, privacy, security)
I definitely agree. From what I understand about email security it's more of a safety net of security right below the tight-rope. What needs to be done is we just need to build a bridge instead of making everyone use the tight-rope.
“End to end encryption” who owns the keys?