End-to-end encrypted email is bad for you

ownerofhappy.org

3 points by kookiburra a year ago · 4 comments

LinuxBender a year ago

This article is talking about what I call pseudo E2EE, not real E2EE.

- Pseudo E2EE is where an email or chat vendor is encrypting the contents using the keys they generated on behalf of their client, which they can control via targeted ephemeral updates. Most centralized platforms doing E2EE for email or chat are really just pseudo E2EE. It's probably useful for protecting against some junkie that stole your laptop or phone. Pseudo E2EE can be target-bypassed with a warrant by making subtle changes to the client via targeted ephemeral updates.

- Real E2EE is when the email clients controlled by the sender and receiver manage key exchanges out of band and encrypt the email themselves, meaning POP/IMAP still work as expected, the server can not see the clear-text version of the body and the client can choose whether to store encrypted or unencrypted. All they get is the meta-data and if that is an issue, do not use email. To hide meta-data use anonymous SFTP on either your home router or a disposable VM instead and encrypt all the contents and zero out the contents after delivery. Use a ram disk if the contents are small enough and reboot after delivery.

Thunderbird makes doing real E2EE just a few clicks. It's happy-clicky. One can exchange their public keys with friends and associates however they wish. Making local backups of the Thunderbird data folder is trivial and it can be stored offsite wherever the client wishes. Real E2EE can not be bypassed without abducting one of the recipients and putting them under duress warrant and arrest plus threat of imprisonment, torture, etc... There are a myriad of ways to further mitigate these attack vectors.
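The split described in the comment above (with client-side encryption the server stores an opaque body but still reads the metadata) can be checked on any stored message. The following Python is an added example, not part of the thread: it classifies how a message body reached the server and lists the headers that stay readable. The function names and the sample messages are constructed for illustration, and the armor blocks are placeholders, not real ciphertext.

```python
import email
from email import policy

# Headers every relaying or storing server can read, whatever happens to the body.
METADATA = ("From", "To", "Subject", "Date", "Message-ID")
SMIME_TYPES = ("application/pkcs7-mime", "application/x-pkcs7-mime")

def body_protection(msg):
    """Return 'pgp-mime', 'smime', 'pgp-inline' or 'cleartext' for a parsed message."""
    ctype = msg.get_content_type()
    if ctype == "multipart/encrypted" and \
            (msg.get_param("protocol") or "").lower() == "application/pgp-encrypted":
        return "pgp-mime"                      # RFC 3156 container
    if ctype in SMIME_TYPES and \
            (msg.get_param("smime-type") or "").lower() == "enveloped-data":
        return "smime"                         # encrypted, not merely signed
    for part in msg.walk():
        if part.get_content_maintype() == "text" and \
                "-----BEGIN PGP MESSAGE-----" in part.get_content():
            return "pgp-inline"                # armored block pasted into the body
    return "cleartext"

def server_view(raw):
    """What a mail server holding `raw` can learn without any private key."""
    msg = email.message_from_string(raw, policy=policy.default)
    return {"body": body_protection(msg),
            "metadata": {h: str(msg[h]) for h in METADATA if msg[h] is not None}}

# Constructed sample messages (placeholder armor, not real ciphertext).
HDRS = "From: alice@example.org\nTo: bob@example.org\nSubject: lunch\n"
CLEAR = HDRS + "\nMeet at noon.\n"
INLINE = HDRS + "\n-----BEGIN PGP MESSAGE-----\n\nPLACEHOLDER\n-----END PGP MESSAGE-----\n"
PGP_MIME = (HDRS + "MIME-Version: 1.0\n"
    'Content-Type: multipart/encrypted; protocol="application/pgp-encrypted"; boundary="b1"\n'
    "\n--b1\nContent-Type: application/pgp-encrypted\n\nVersion: 1\n"
    "--b1\nContent-Type: application/octet-stream\n\n"
    "-----BEGIN PGP MESSAGE-----\n\nPLACEHOLDER\n-----END PGP MESSAGE-----\n--b1--\n")

if __name__ == "__main__":
    for name, raw in (("clear", CLEAR), ("inline", INLINE), ("pgp-mime", PGP_MIME)):
        print(name, server_view(raw))
```

In all three samples the `metadata` dictionary is identical, which is the point made above: encrypting the body in the client leaves sender, recipient and subject readable by the server.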

  • kookiburraOP a year ago

    That is a great distinction to make, though E2EE email providers don't even meet "pseudo E2EE". Unless using PGP, emails are encrypted on the server, making it no more than encryption at rest that can be bypassed without ever updating the client.

    Unfortunately most encrypted providers skip through all these details and jump straight to advertising "zero knowledge encryption" which is dangerously misleading.

    • LinuxBender a year ago

      Fair enough. All great points and I agree. I was being too generous with the zero friction E2EE providers. As a side note one of the things that bugs me is that the most commonly used chat platform that advertises fake E2EE is run by the very person that would have shredded anyone saying it when he was younger. It's sad watching people sell out but I suppose I can't blame him as he needed a bigger boat.
