privacyguides
/
privacytools.io
Archived
1
0
Fork 0
Code Issues 304 Pull Requests 47 Activity

Add security warning to email lists #1543

Merged
jonah merged 2 commits from gpg-email-warning into master 2019-11-30 19:06:57 +00:00
Conversation 2 Commits 2 Files Changed 2 +18
2 changed files with 18 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
pages/providers/email.html
View File

@ -5,4 +5,13 @@ title: "Best Secure Email Providers for Privacy"
description: "Find a secure email provider that will keep your privacy in mind. Don't settle for ad-supported platforms. Never trust any company with your privacy, always encrypt."
---
<div class="card border-danger">
<div class="card-header text-danger"><i class="fas fa-exclamation-circle fa-fw"></i> Warning</div>
<div class="card-body">
<p class="card-text text-danger">Even when using end-to-end encryption technology like GPG, email is inherently insecure and should not be trusted for sensitive communications. Metadata is always communicated in plaintext, and even when encryption is used correctly it is very easy for either party to acidentally respond to or forward a previously encrypted message in plaintext in many clients. GPG also does not easily support modern crypto functionality such as key rotation and forward secrecy.</p>
<p class="card-text text-secondary">We recommend the following email providers for routine notifications and messages from other services that require an email address. For communications that <strong>need</strong> to be safe and secure, you should use a dedicated instant messaging tool, such as Signal.</p>
<a href="/software/real-time-communication/" class="btn btn-outline-secondary">Recommended Instant Messengers</a>
</div>
</div>
{% include sections/email-providers.html %}

9
pages/software/email.html
View File

@ -5,6 +5,15 @@ title: "Email Clients"
description: "Discover free, open-source, and secure email clients, along with some email alternatives you may not have considered."
---
<div class="card border-danger">
<div class="card-header text-danger"><i class="fas fa-exclamation-circle fa-fw"></i> Warning</div>
<div class="card-body">
<p class="card-text text-danger">Even when using end-to-end encryption technology like GPG, email is inherently insecure and should not be trusted for sensitive communications. Metadata is always communicated in plaintext, and even when encryption is used correctly it is very easy for either party to acidentally respond to or forward a previously encrypted message in plaintext in many clients. GPG also does not easily support modern crypto functionality such as key rotation and forward secrecy.</p>
<p class="card-text text-secondary">We recommend the following email providers for routine notifications and messages from other services that require an email address. For communications that <strong>need</strong> to be safe and secure, you should use a dedicated instant messaging tool, such as Signal.</p>
<a href="/software/real-time-communication/" class="btn btn-outline-secondary">Recommended Instant Messengers</a>
</div>
</div>
{% include sections/email-clients.html %}
{% include sections/email-alternatives.html %}