|
|
|
|
|
|
by cedws
881 days ago
|
|
|
I see Skiff also advertises itself as "end-to-end" encrypted. This is the same misleading advertising as ProtonMail is guilty of. Traditional email cannot be E2E encrypted because of protocol limitations. You can technically achieve E2E encryption if using PGP, but if the private keys are not in your control then it is effectively pointless. ProtonMail can only guarantee E2E encryption without PGP if you are sending email to another ProtonMail user. I don't know if Skiff also offers this special kind of encryption. Either way, they should be more upfront about the level of privacy they can offer. I had a read of Skiff's page on E2EE. It is very carefully worded and, from a skim read, is not upfront about the fact that un-PGP'd email sent and received through Skiff can be read by Skiff. https://skiff.com/blog/end-to-end-encryption-email Oh, one more thing. Skiff's SMTP server (inbound-smtp.skiff.com) is running on AWS in the United States which means it will be beholden to US warrants. Skiff does not have a warrant canary. Getting big Crypto AG vibes from this. |
|
|
> All emails between Skiff users are end-to-end encrypted, including both subject and contents. External mail is encrypted with your keys on receipt, keeping it private.