Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Free End-to-end Encrypted Mail and 10 GB Storage (Replacement for G-suite) - Page 2
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Free End-to-end Encrypted Mail and 10 GB Storage (Replacement for G-suite)

2»

Comments

  • emgemg Veteran

    @Jackma1 said:
    never heard of Skiff...

    I assumed that the choice of name was a play on "SCIF", which is a government-acronym for "sensitive compartmentalized information facility" and commonly pronounced "skiff".

  • jlet88jlet88 Member
    edited February 2023

    @emg said:

    @Jackma1 said:
    never heard of Skiff...

    I assumed that the choice of name was a play on "SCIF", which is a government-acronym for "sensitive compartmentalized information facility" and commonly pronounced "skiff".

    Yep. It's a good play on words. People with security clearances would review top secret sensitive documents in SCIFs so it fits really well. So you get your own virtual "SCIF" by signing up for Skiff. I can imagine the big US investors were probably all excited about -- and it kind of does have a fun user-friendly ring to it.

    And with ProtonMail, which was founded by scientists, they're geeking out about the word "proton."

    Then you have "Tutanota" which means "secure message" in Latin. That's pretty good too, maybe not as clever as "Skiff," maybe a bit abstract, but still has a good meaning.

    Then you've got "Mailfence" which isn't a very exciting name (but it's a good service IMO!) -- "watch out, we've got a fence around your mail! It will be protected!" The problem with that word "fence" is that it doesn't inspire confidence... unless it's a seriously good fence.

    There's also "Countermail" which reminds me of "counterintelligence" -- like a bunch of intelligence operatives secretly sending messages to each other.

    Then there was "CTemplar" which was an encrypted service inspired by the Knights Templar who were elite medieval warriors going on crusades.... but that business has closed up shop apparently. It ended much like the crusades.

    Of course you have the famous "Lavabit" which is super hot with bubbling molten bits of data oozing around while decrypted, but then when cool, the data turns into solid impenetrable rock. Pretty good name.

    And of course you've got "Hushmail" -- "shhhhh, we've got secrets to keep!" Unless you cooperate with a government and provide a user's decrypted data... (you can tell I'm not a fan of Hushmail.)

    There are several other encrypted providers but those are the most "obvious" names that imply some kind of privacy or secrecy in the brand itself.

    So I think Skiff might actually be one of the better names TBH, or at least one of the most clever. Judging by names only, do you want your own virtual private SCIF, or a bunch of protons flying around a particle accelerator, some ancient Latin secret messages, an 80's spy thriller, knights running around raiding ancient lands, molten rock burning your fingertips, or people shushing you all the time? Welcome to the world of encrypted email.

    Thanked by 1air4x
  • If anyone is silly enough to believe any of this encryption BS, the must have just born.

    Whatsapp says the same but its messages can be intercepted and read by Whatsapp and spy agencies, there's a backdoor in it. They too bang on about the end-to-end encryption lie.

    Thanked by 1kidrock
  • @asterisk14 said:
    If anyone is silly enough to believe any of this encryption BS, the must have just born.

    Whatsapp says the same but its messages can be intercepted and read by Whatsapp and spy agencies, there's a backdoor in it. They too bang on about the end-to-end encryption lie.

    Thats why end to end, so no one between can read it.

    Thanked by 1kidrock
  • @ascicode said:

    @asterisk14 said:
    If anyone is silly enough to believe any of this encryption BS, the must have just born.

    Whatsapp says the same but its messages can be intercepted and read by Whatsapp and spy agencies, there's a backdoor in it. They too bang on about the end-to-end encryption lie.

    Thats why end to end, so no one between can read it.

    Didn't score too highly in English comprehension test at school I bet, did you?

    Thanked by 1kidrock
  • @asterisk14 said:

    @ascicode said:

    @asterisk14 said:
    If anyone is silly enough to believe any of this encryption BS, the must have just born.

    Whatsapp says the same but its messages can be intercepted and read by Whatsapp and spy agencies, there's a backdoor in it. They too bang on about the end-to-end encryption lie.

    Thats why end to end, so no one between can read it.

    Didn't score too highly in English comprehension test at school I bet, did you?

    I write what i think its correct. Im a native german speaker, so please forgive me.

    Thanked by 1kidrock
  • @ascicode said:

    @asterisk14 said:

    @ascicode said:

    @asterisk14 said:
    If anyone is silly enough to believe any of this encryption BS, the must have just born.

    Whatsapp says the same but its messages can be intercepted and read by Whatsapp and spy agencies, there's a backdoor in it. They too bang on about the end-to-end encryption lie.

    Thats why end to end, so no one between can read it.

    Didn't score too highly in English comprehension test at school I bet, did you?

    I write what i think its correct. Im a native german speaker, so please forgive me.

    Whatapp say they have end-to-end encryption but CIA/MI6/BND can read the messages, there is a back door and so can Whatsapp.

    SO Skiff will be the same end-to-end encryption lie.

    What everyone needs to understand is once you put/transmit something on the internet, do not expect any secrecy/privacy of it. It's all BS.

    Thanked by 1kidrock
  • @asterisk14 said:
    If anyone is silly enough to believe any of this encryption BS, the must have just born.

    Whatsapp says the same but its messages can be intercepted and read by Whatsapp and spy agencies, there's a backdoor in it. They too bang on about the end-to-end encryption lie.

    So I have what may appear to be a long answer below, but it's actually a short one, since this is a huge topic. But I'll try to summarize below.

    TLDR: First Whatsapp is NOT open source. Skiff is open source and audited. They are totally different beasts.

    Now for a better summary, still not complete, but I don't have all day. o:)

    Whatsapp is owned by Facebook/Meta -- of COURSE you shouldn't trust it.

    Skiff is funded in part by Sequoia Capital among several other big Silicon Valley types, and is based in the US -- so of COURSE you should be skeptical since they haven't proven themselves in the market yet. However, again, Skiff is taking good steps by being open source and auditing. That's a positive sign.

    And no one is holding up Skiff to be a paragon of perfection. However, it's definitely not the same as Meta. They really can't be compared in the same sentence.

    As for your various comments about end-to-end encryption being a lie and BS, you clearly don't know what you're talking about simply by lumping together a closed-source app from a proven highly-invasive company like Meta that has repeatedly violated the privacy of billions of people, with an open source audited app from an as-yet unknown company like Skiff.

    But that's okay. Many people get hung up on one term: "end-to-end encryption" and think they're all the same. They are not the same though.

    And you are totally right to be skeptical about all apps that promise some degree of privacy. Everyone should always ask hard questions. That's the key that people need to understand, that it's always a question of degrees of privacy, and you have to do a proper risk assessment to determine what level of privacy you actually need. Most people will probably be just fine with Skiff. It offers a huge increase of privacy over something like Gmail.

    Of course anyone who really cares about privacy wouldn't trust Whatsapp. But even Whatsapp will still be significantly safer to send messages with than, say, SMS, which any 14-year-old kid can intercept and think he's special. Again, degrees of privacy.

    And like I mentioned, yes, we should be skeptical about Skiff, and maybe spend some time going through the whitepapers and source code -- because guess what? We can. Anyone can. You can go through the source code too if you want. And if you can't read it, well at least security experts can, and the larger community of developers can for you. Of course you'll have to trust them for their analysis and audits. That is, if you feel like you can trust them... and then we're back to a proper risk assessment and what passes for the degree that you need to be confident that no one is spying on you.

    For end-to-end encryption to mean anything, you have to trust the encryption, and if you can't see the code, you would be wise to assume that there's a back door or other vulnerabilities that can be exploited, even if you trust the company to be honest. So Whatsapp is already out for any real privacy situation for several reasons. Of course.

    However, the jury is still out on Skiff. It's still brand new, but it is making good decisions so far. Maybe they will turn out to be like Meta, or maybe not. So if you don't trust it, you can skip it and choose something else.

    Other open source end-to-end encrypted services out there have more of a track record, they've been at it for longer, already dealt with big legal challenges, incredible scrutiny and pressure, etc. And some have even been built from the ground up from a nonprofit foundation or started from the beginning as a community-built open source project, so you can judge the motivations of the people who started it.

    Skiff is clearly a for-profit venture, so if you don't trust for-profit organizations, then Skiff should be off your list.

    And since you mentioned Whatsapp, which again is not to be trusted at all, but if you want similar functionality, then you'd know you need to use Signal, which has a very good track record so far, is obviously end-to-end encrypted, has some of the best privacy features, is fully open source and has been analyzed by the very best experts, AND Signal is an independent nonprofit organization. That ticks a lot of boxes, and probably has the highest degree of privacy of any of these kinds of apps.

    Lastly, you are basically right about one general idea that "once you put/transmit something on the internet, do not expect any secrecy/privacy of it." This is generally true in the long term sense since encryption is always a cat-and-mouse iterative game of building and defeating encryption systems. So even Signal may be safe today, but if someone keeps your encrypted data, perhaps in 10 or 100 years, or who knows when, they may figure out how to decrypt your old data. So again, we're back to a risk assessment about the degree of privacy you want or need, today, tomorrow, in 10 years or 100. So if you really want absolute 100% privacy for online communication, don't ever touch the Internet. At least we can agree on that.

    Thanked by 1kidrock
  • 1: who is behind skiff
    2: pop, smtp, (imap) availible?

Sign In or Register to comment.