[gioele]

In encryption there is no "good": it is either "perfectly working" or "fundamentally compromised".

If there is only a small flaw in an encryption system, be assured that it will be exploited to break down the whole system. A simple example are all the issues with random number generators producing not perfectly random numbers; yes, it is just a slight problem in an otherwise good solution but that problem completely debases the overall system.

[sipior]

Yes gioele, I know. But we're not talking about flaws in the mailpile cryptosystem. Obviously their implementation of GPG will have to be professionally vetted. The other flaws (vulnerability to traffic analysis, reliance upon the recipient to store the message contents securely), are, to put it mildly, very hard to solve with email in its current incarnation. Taking the piss out of the mailpile folks because they don't solve these issues seems churlish at best.

With luck, they'll deliver a good, self-hosted gmail replacement with a secure mail store that's easy for folks to install on their own. That's surely a step forward.

[toyg]

Not really. NSA already use their mail mass-dumps mostly for aggregated analysis, to pinpoint networks of interlinked individuals which they can then pass to other agencies for parallel construction.

Mailpile will not change that.

At the very least, we need metadata encryption right about now.

[sipior]

I don't disagree with your last statement, but I also wish to point out that there are, believe it or not, other reasons to encrypt email that do not involve the NSA.

[bhitov]

That is not correct. There can exist flaws that cause loss of entropy that do not entirely compromise a cryptosystem.