Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Are you assuming everyone uses Gmail or do you not know how SMTP works?


You might be surprised just how many mail providers support STARTTLS for email, at least opportunistically.

https://www.fastmail.com/help/technical/ssltlsstarttls.html


And opportunistic STARTTLS is vulnerable to downgrade attacks by MITM.

the problems with email are that, no matter how sure you are that the connection between you and your mail server, and your local and server storage, are secure, the parties you may be interacting with are not. And then, as is talked about in the article, your recipient forwards the mail as plaintext...


And downgrade attacks are mitigated by MTA-STS: https://www.hardenize.com/blog/mta-sts

Not supported by everyone just yet since this is a new standard, but Gmail at least supports it.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: