![]() The third, “Paranoid Mode” does never get any key, encrypted or otherwise. This means that the user doesn’t have to trust their servers and gets true end-to-end encryption. Just like with PM, only an encrypted key is saved on their servers, which has to be decrypted on access by the user. The second mode, “Cautious Mode” works similar to Protonmail, though seemingly outside of browsers as well. To prevent this we set the passphrase blindly thus locking us out. The only account capable of extracting the key is the HSM supervisor. Though now, they claim these are stored in a “hardware security module” which isn’t accessible by them, though this sentence worries me a bit since it is hard to prove: Their “Trusful mode” is similar to how Lavabit operated in the past, using TLS keys on their servers. However, even better, it is apparently capable of encrypting any metadata and allows users to choose how much trust they’d like to put in their servers. They have a new more secure implementation of encryption called DIME which is Open Source and can be used by anyone who’d be willing to set-up their own service, like what Protonmail did previously. Yes, the only service with enough integrity to publicly decline a NSL has returned and appears to be better than ever. This should make the encryption between their servers and a browser accessing them more secure overall, especially keeping in mind that their open-source encryption solution for the mailbox very much relies on a secure connection between the two. So recently, two things happened which are somewhat connected with competitors to riseup’s mail service:ġ.) Protonmail made their site accessible via a Hidden Service WITH SSL: Tor encrypted email, file storage, calendar, and more ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |