|
First of all, I really respect Moxie's choices and am very grateful for his work. What he wants to do, it's entirely his choice. Never meant to imply otherwise. > Those who favour convenience over security are part of a huge problem that faces the Internet. I'm not necessarily in favor of convenience, the problem is I cannot trust a binary blob communicating with a proprietary server, even if I can trust some of the people that worked on it, at least for now. I cannot trust something like WhatsApp. Signal I can trust, because at least it is open-source and up for review, but Signal will not succeed in being popular. At least not when it makes the same design choices. You say they cater to different markets, but I don't see a difference. For example Signal considers the phone number as being the username, just as WhatsApp. Hence I end up carrying more about freedom than security. When I changed my email provider from Google Apps to FastMail, nobody noticed and I value that a lot. > If you work at any company that has credit card numbers being used for either expenses or customer details, you'll quickly find that with a search for 16-digit strings within e-mails will give results That may happen, but we've got strict policies in place. Nothing over email is communicated that's more important than source code. And given that source code lives in a Git repository provided by a public service, it would be ridiculous to do encrypted email, but not have behind-the-vpn on-premises Git repositories. And I know mistakes are made, etc. I still want federation more than I want end-to-end encryption. |