Hacker News

Unless you're PGP'ing everything that comes and goes from your mailbox, you have Z E R O guaranteed security. Sure, your mail server host may claim that they are hosting only, but you can never be sure that an employee has not gone rogue. What if the host decides to start monitoring your mail server upstream?

Host the server at home instead? Well do you trust your ISP? I imagine you don't.

Trust along the entire transit of the message, as well as the final destination? Can't there either.

So in the end it doesn't matter if there's yet another service in the middle. API or host or anything. If you're not encrypting it locally it doesn't matter. Period. The only point you can sell on is you are removing a service that can cause a point of failure. But don't act like it's more secure than before.




I'm well aware of that. Right now it's just as important for me to try to manage my security and privacy.

Hosting the mail server at home would be a possibility (we have a fiber connection). I could also place a server in the datacenter of a friend and do the mail hosting myself. I don't want to spend the time to manage my email hosting since I'm depending on it. Running your own mailserver is not as easy as it sounds. It's rather time consuming when you want to do it in a sound way:

- Spam filtering
- DKIM
- SPF
- Security etc...

Sure, I could follow a $random_tutorial, but then I would surely miss a couple of best practices. I don't think this time is well spent because I'm paying other people more knowledgeable about email to do it for me. That's a conscious decision I made. I'd rather not have an additional party involved when I see no need.

Please note that I also used to run/help run a couple of large mail servers. So I have a general idea how they behave and what to do.


I'm not sure your "all or nothing" approach is feasible. Reducing your attack surface is a worthwhile security pursuit.


But that's how security works. Reducing the surface area is great, nothing wrong with that. However, the system is only as strong as the weakest link. E-mail is hilariously insecure, so just avoiding a single layer, API, or applications and calling it done is not enough.


Using your logic you have to send me all your passwords. I'll take them by email please.

(And don't bother to PGP encrypt them as you can't trust the Debian GnuPG maintainer either.)


> Using your logic you have to send me all your passwords. I'll take them by email please.

Where the heck was that written? That's not how Public / Private Keys work AT ALL.

> (And don't bother to PGP encrypt them as you can't trust the Debian GnuPG maintainer either.)

You do realize you can download, review, and compile from source? It's called Open Source for that very reason.

I expect more of an educated response on Hacker News than the one you have just demonstrated here.


While I generally agree, there is always the caveat of the Ken Thompson hack: http://programmers.stackexchange.com/questions/184874/is-ken...



