Hi August,
On 2022-01-28 09:11:00, you wrote to All:
AA> I'm giving it a go. It's actually not too bad. It's almost like Protonmail
AA> (they generate a key/pair in the background, they claim the passphrase is
AA> never on the server, and the messages and attachments
AA> are stored encrypted on their server.) But unlike Protonmail, you
AA> operate the system with a standalone DT program that they provide, and
AA> get to use your existing email address of your choosing. (Protonmail
AA> creates an @protonmail.com address for you). And, ofcourse there are
AA> Android and iOS versions too.
No Linux DT version?
AA> Unlike Protonmail, there is no export of the keys to share or
AA> adapt to another OpenGPG system.
AA> You basically have to trust that all the security concerns on
AA> the FAQ are legit.
AA> They do however store the passphrase using a SHA-1 hashcode. I
AA> thought SHA-1 was depricated.
It is considered no longer safe, afaik...
AA> I wonder if that could be an issue if their database of SHA-1 hashes
AA> ever leaked.
An attacker with enough resources could in theory find some or all passwords.
And of course that becomes progressively easier in the future...
AA> Safester *is* different operationally. It doesn't use the internet
AA> email system. Messages are only between client/server/ client.
So you can only exchange messages with other Safester users.
You're not a good sales person for Safester! Because all the things you mention
make me not want to use it! ;-)
Bye, Wilfred.
--- FMail-lnx64 2.1.0.18-B20170815
* Origin: FMail development HQ (2:280/464)
|
