Our great sponsors
-
SurveyJS
Open-Source JSON Form Builder to Create Dynamic Forms Right in Your App. With SurveyJS form UI libraries, you can build and style forms in a fully-integrated drag & drop form builder, render them in your JS app, and store form submission data in any backend, inc. PHP, ASP.NET Core, and Node.js.
> a new protocol that can degrade gracefully
Does Autocrypt meet that definition?
Sadly, for the last 3 years, ProtonMail has resisted implementing it (unlike Posteo, for example), using FUD tactics to justify themselves:
Deploying via IPFS might also work? Though it'd require having a trustworthy backend storing state ... or I suppose auditing to ensure backend can't inject anything malicious into client layer.
From what I i understand, some cryptocurrency DApps like Uniswap[0] are using this route.
Deploying via IPFS might work indeed, but you're then either reliant on a gateway or have to run IPFS yourself locally. I know that Brave now supports IPFS, but for most people a more lightweight solution would be to install the Signed Pages extension for Chrome or Firefox.[0]
I'm not sure if you actually need a trustworthy backend, or rather, if the frontend is encrypting its state before sending it to the backend, then the worst a malicious backend can do is delete or replay your data. By including timestamps and replicating your state to multiple independent backends, that risk can be largely mitigated.
The linked site is very low on info high on outrageous claims. It is not the same as gmail and protons response to that paper are accurate imo. The fact is web clients are inherently insecure but you can run your own client entirely afaik (https://github.com/ProtonMail/proton-mail). I don't think anybody has evidence of wrong doing but the service is proprietary so...
Related posts
- Daily General Discussion - May 27, 2022
- ProtonMail: Important clarifications regarding arrest of climate activist
- Ask HN: What is a good alternative to SendGrid?
- Listmonk: Newsletter and mailing list manager with a modern dashboard
- Stalwart mail server (self-hosted all-in-one mail server) now as an admin webui