@lauren It is important to describe the limitations here. E2EE here would be useful when emailing with third parties. Since is proprietary software, users just have to trust to do the right thing. Technically, it is easy to build E2EE where the service can get the private keys and decrypt as they like. Given participation in etc, proprietary Gmail cannot provide trustworthy E2EE, especially considering most emails stay within Gmail 1/2

@lauren and audits are the only way to provide trustworthy . Apps like , with /#Megolm, with , , provide trustworthy E2EE because they are built on open standards, free software, and have been publicly audited. That is the standard all services should be held to in order to be labeled trustworthy. Anything else just means you have to trust the service operator. 2/2


@guardianproject @lauren And of course is a key part of this whole picture, allowing anyone to confirm that the exact binary that is running on their device matches the source code as published and audited.

Sign in to participate in the conversation
Librem Social

Librem Social is an opt-in public network. Messages are shared under Creative Commons BY-SA 4.0 license terms. Policy.

Stay safe. Please abide by our code of conduct.

(Source code)

image/svg+xml Librem Chat image/svg+xml