On Sun, 24 Mar 2024, William Unruh wrote:

> On 2024-03-23, D <nospam@example.net> wrote:
>>
>>
>> On Sat, 23 Mar 2024, William Unruh wrote:
>>
>>> On 2024-03-23, D <nospam@example.net> wrote:
>>>>
>>>>
>>>> On Fri, 22 Mar 2024, Stefan Claas wrote:
>>>>
>>>>> D wrote:
>>>>>
>>>>>>
>>>>>>
>>>>>> On Thu, 21 Mar 2024, Stefan Claas wrote:
>>>>>>
>>>>>>> William Unruh wrote:
>>>>>>>
>>>>>>>> Of course the problem with rolling your own is that 99% of the
>>>>>>>> computer user have vey little idea about cryptography or about
>>>>>>>> "rolling you r own" "Use PGP" is of very little help since it needs
>>>>>>>> to be made automatic and needs to have a "phonebook" containing
>>>>>>>> people you might want to communicate with and their public keys.
>>>>>>>> Plus you have to make sure to keep your own private keys secret.
>>>>>>>> There are so many ways of messing up and making the system
>>>>>>>> insecure, depite using the best tools. That is of course what
>>>>>>>> companies presumably like Tutanota provide. Unfortunaely with a
>>>>>>>> huge potential security hole. The balance between security and
>>>>>>>> ease of use (both of which are crucial) is delicate. Oepn source
>>>>>>>> is a bare minimum ( so you can check up on their claims, or at
>>>>>>>> least have others check up on their claims). Also you have to make
>>>>>>>> sure that the people you communicate with also have the software,
>>>>>>>> and use it. encrytion is useless if your recipient replies to
>>>>>>>> your missive by quoting it all in cleartext and then adding their
>>>>>>>> own reply.
>>>>>>>
>>>>>>> There is Mailvelope for Gmail and others, which is a browser based
>>>>>>> plug-in and it has it's own key server. This should simplify the
>>>>>>> process of using PGP for encrypted email and you don't have to
>>>>>>> sign-up for tuta, proton.me etc.
>>>>>>>
>>>>>>> https://mailvelope.com/
>>>>>>
>>>>>> Doesn't that just trade tuta for mailvelope.com?
>>>>>
>>>>> Well, I would say no. People can keep their email account and do
>>>>> not need to switch to tuta.com, for encrypted email. Mailvelope
>>>>> is also older than tuta.com
>>>>>
>>>>>
>>>> Sorry, what I meant is that does this not mean that someone could break
>>>> into mailvelop and send malicious updates to people who have the mailvelop
>>>> plugin?
>>>
>>> It is opensource, which is a plus. It is javascript, which I suspect is
>>> a minus (I am not at all sure how safe Javascript is). It is a plugin
>>> into browsers (chrome or firefox), which again is a minus (how much does
>>> it depend on the the security of the whole browser?)
>>>
>>> mailvelope runs on your own machine and encrypts (using a javascript
>>> version of OpenPGP) on you own machine. So the breaking would have to
>>> occur on your own machine. Not sure what you mean by "malicious
>>> updates". Updates of what? mailvelope? I think you would have to
>>> initiate the download and the installation. I presume it does not
>>> initiate and install its own updates.
>>>
>>
>> Ahh... thank you that sheds more light on it, and yes, that's what I had
>> in mind, if mailvelop "pesters" people to upgrade, or even worse,
>> automatically upgrade. That would be an enormous risk in case they are
>> broken into.
>
> Well, if they find a security bug, pestering them to upgrade is what
> they should do. One would hope that if they were broken into, and a
> security flaw introduced and then the cracker sent out requests to
> upgrade, that they would quickly notice and take down the bad version.
> The same is true of the kernel, which would be evenmore of a security
> threat.
>

Then there's not much of a difference. I would think that the kernel
project has more eyes on it than mailvelop. It could also be the
government who probably could throw the entire mailvelop team into prison.