HackerTrans
TopNewTrendsCommentsPastAskShowJobs

amilich

no profile record

Submissions

Encryption Bans – – – What Is This, Russia?

wsj.com
12 points·by amilich·3 वर्ष पहले·1 comments

Russia Blocks Skiff

skiff.com
2 points·by amilich·3 वर्ष पहले·0 comments

Encrypted Email Company Skiff Wants You to Sign Out of Google Workspace Forever

forbes.com
1 points·by amilich·4 वर्ष पहले·0 comments

Skiff end-to-end encrypted calendar launched

skiff.com
5 points·by amilich·4 वर्ष पहले·0 comments

Custom Domains with E2EE Mail

skiff.com
2 points·by amilich·4 वर्ष पहले·1 comments

Skiff – Private, Web3 Email

medium.com
4 points·by amilich·4 वर्ष पहले·0 comments

Use a crypto wallet for your email

skiff.com
3 points·by amilich·4 वर्ष पहले·4 comments

Skiff for Startups

skiff.com
2 points·by amilich·4 वर्ष पहले·1 comments

Private, Decentralized Collaboration

blog.ipfs.io
3 points·by amilich·5 वर्ष पहले·0 comments

comments

amilich
·9 माह पहले·discuss
Hey - really sorry to hear this - could you email me [email protected]? Here are 3 suggestions to try- 1. Reset your settings.json - if shared with vscode, sometimes settings can cause perf regressions 2. Could you try cmd-shift-p -> "capture and send debugging data"? Will send us some profiling data to debug 3. Clear your user data (will delete chats) as a last resort - cmd-shift-p, "reveal user data," close the app, then delete this folder and restart the app
amilich
·3 वर्ष पहले·discuss
Thanks for sharing! PGP support has been a huge request and enables end-to-end encryption automatically between large email providers for one of the first times we know of.
amilich
·3 वर्ष पहले·discuss
It's enough of other companies making money on our data. That's why I started Skiff (end-to-end encrypted email/docs/drive/calendar)! It's harder to build products E2EE but you get long-term trust from users.
amilich
·3 वर्ष पहले·discuss
Hello :)

Skiff cannot access email content, subject, and header info. To/from/cc/bcc fields are not stored end-to-end encrypted, though.
amilich
·3 वर्ष पहले·discuss
Few notes - iOS issue stems from a recent upgrade from an iframe to a webview. It's fixed on all mobile apps and versions. - All DMARC-failing mail does go to spam. - Caching images on receipt was examined but deemed impractical. It balloons email size from generally 50-150 KB to possibly multiple MB. Even for a personal mailbox, this could lead to 100s of GB being stored. Some version of this could be done on device or in the browser and temporarily stored. I actually think iOS either does this or will do this in the future.
amilich
·3 वर्ष पहले·discuss
Thanks for the report. I am investigating this now.
amilich
·3 वर्ष पहले·discuss
I just compared Skiff and Tutanota on your tool. The results were the same. Thank you for confirming this.
amilich
·3 वर्ष पहले·discuss
It's very simple. One of them had access to user's private keys (Lavabit).

One never has access to user private keys (Skiff).
amilich
·3 वर्ष पहले·discuss
That's why Skiff has had 4 security audits, not just 1 3 years ago. And, with multiple of the best auditors.
amilich
·3 वर्ष पहले·discuss
No, I'm not joking. We do have this option, and it's consistent with the defaults across private mail providers. Still waiting for your list of the ones that don't load images by default.

It does not load the images. That's just patently false disinfo.
amilich
·3 वर्ष पहले·discuss
Any security engineer would have a heart attack if any employee, friend, or colleague said "security audit stuff [doesn't] matter." I wouldn't use software that doesn't undergo security audits.

Also, pentest ≠ audit. Completely different!
amilich
·3 वर्ष पहले·discuss
Actually, that's completely false. Security audits are a standard, reputable process for software. Trail of Bits is probably the best (or one of very few top) firms in this category. Check out: https://github.com/trailofbits
amilich
·3 वर्ष पहले·discuss
That's just false. Downloading crypto libraries over the web plagued Javascript crypto for years. We use tweetnacl, stablelib, and webcrypto - and tweetnacl also uses webcrypto!
amilich
·3 वर्ष पहले·discuss
Yes - privacy focused mail providers offer this as an option but do not enable it by default. Mainstream mail providers do not even have it as an option.
amilich
·3 वर्ष पहले·discuss
We use an open-source mailserver (Haraka), but security audits are the most trustworthy way to do this. We've had 4: skiff.com/transparency. Audits cover infrastructure.
amilich
·3 वर्ष पहले·discuss
What mail providers block all remote content by default?
amilich
·3 वर्ष पहले·discuss
Skiff encrypts all received emails with user public keys immediately on receipt. This is quite clear in our security model page and whitepaper. Skiff does not have access to any user emails, including external received ones.
amilich
·3 वर्ष पहले·discuss
No: Skiff does not have access to a single email stored on our platform, including ones received externally. All are public-key encrypted, including subjects and content.
amilich
·3 वर्ष पहले·discuss
We also don't do this. In a near future implementation you can just synchronize the end-to-end encrypted search index.
amilich
·3 वर्ष पहले·discuss
This sounds like a possible captcha error. Can you email me at andrew (at) skiff.com ? Sorry about this.