Hacker News
Stop Using Encrypted Email (2020) (latacora.com)
2 points by pabs3 5 days ago | 2 comments





I'm not sure I understand how half the attack surface on email is avoided simply by not using email, given the attack surface is metadata and the other information held at rest on the person's own computer, alongside the indexing and command history, both of which are noted as significant risk irrespective of transport security. Seems like much or even all of the problem is information sharing irrespective of how it's done.

Two can keep a secret if one is dead.


encrypted email is LARP security

That's too binary for me. Email will never go away, that much I can say with confidence. If I can get some people to PGP encrypt their email and further encrypt attachments that may be good enough even if that leaks metadata. That encrypted email could simply say, "For all further communication about topics x,y,z use text files on this SFTP server and for any other topic use this mail server without encryption to feed our adversaries dummy data." For what it's worth, I should add that numerous businesses have fully automated PGP for transferring encrypted financial data between trusted parties. Chances are your payroll data is PGP encrypted at some point and transferred over chroot sftp-only connections based on my employment experience.

I managed to get some lawyers to PGP encrypt rather than storing data on their "secure" centralized platform that has terabytes of juicy delicious lawyer-client privileged content thus guaranteeing it will be hacked assuming it has not been already. For commercial email platforms I delete the emails after transferring them over IMAPS and for my own self-hosted email I can DoD wipe the emails then scrub the encrypted disk on a regular basis after transferring over IMAPS to local encrypted storage using non-standard ciphers and hashes. Obviously the commercial platform could have a lawful intercept and vaulted retainer storage enabled for my account so deletion may not be entirely useful after some point. Having multiple providers can reduce the effectiveness of lawful intercept. Either way that means my adversaries have to get off their lazy butts and face me.

There are almost always many other options somewhere in the middle. When I see people trying to push their ideologies with binary options on others I have no choice but to assume there must be some ulterior motives. I accept that means I am intentionally attributing malice to their glowing agenda.

The one case I can agree that insert any E2EE is a LARP is when someone or something else is managing the keys and encryption seamlessly such as Proton, Google, Apple, Signal, Facebook, etc... Exactly what this article is promoting in the name of but PGP is old.



