[VMG]

The thing is that you can't do email then.

You can say that google might leak your emails, but the same is true if you use your private email server.

[masterzora]

That's not exactly true. You just need to be super-paranoid and make sure that everything of importance is sent (on both ends) encrypted.

That's still wholly untenable for the real world, but not all paranoid people live in the real world per se.

[tshaddox]

It's unfortunate that simple public key encryption, which has been easily available for many years, is still seen as untenable and "super-paranoid." Any email client, or better yet Gmail, could easily implement it and make it virtually transparent to the user (when both ends of the email are using such a client, obviously).

[masterzora]

I apologise if you have mistaken my meaning! I certainly hope we don't take wider scale encryption to be untenable, but it is very certainly untenable for a single person to use the web in a meaningful way with normal people while maintaining that every single email needs to be encrypted.

[baddox]

I agree. I didn't mean that your evaluation of the current state of things is wrong, but rather that the current state of things is unfortunate.

[gst]

The security of my private mailserver is nearly the same as the security of my laptop. For security reasons I don't use a VPS for email, but a small server that sits in my basement: There are some security measures that will lead to an automatic shutdown in case someone tries to physically access the server and the whole harddisk is encrypted. (Yes - you can call me paranoid.)

[wladimir]

You go through a lot of trouble to try to secure an inherently insecure protocol (email). Or do you mainly use on-the-wire encrypted mail as well?

[gst]

I don't care about things like (short-term) wiretapping. But I care about the fact that I have stored about 15 years of mail history.