onereplyac
No user record in our sample, but onereplyac has activity below (stories or comments). Likely we have partial data — the full bulk-load will fill profiles in.
No user record in our sample, but onereplyac has activity below (stories or comments). Likely we have partial data — the full bulk-load will fill profiles in.
Totally agree... it is just disappointing that services like Skiff advertise total E2EE to unsuspecting users with no mention of this in their marketing, luring users into a false sense of security
Free marketing at the expense of user trust
Unfortunately not even close. When the server gets the email it is not encrypted (unless the sender has a skiff address too, which is a very tiny portion...). And when you send an email to anyone outside skiff it is the…
The encryption happens after the server recieves the plaintext email and passes it to the client...
Normal email proiders don't dowbload all emails whenever a user logs into a new device
That's all moot though, since your server has access to plaintext emails when sending and recieving (99.99999% of email addresses would be outside skiff), which completely subverts the whole point of encryption. A…
Depends, on an older phone, downloading all emails just to allow for searches locally won't be very efficient. Log out also becomes a problem, if emails are stored on one device that gets stolen, adversary now has…
Except there is a reason. Encrypting email has very little to no benefit, since it is transmitted in plaintext and usually stored in plaintext on the recipient's side, your emails almost always exist in unencrypted…
From the whitepaper, it seems search is done by downloading all emails on every device to index them locally. Curious how well this works with a large amount of emails?
It really is not backed by cryptographic security at all. Since your server has access to plaintext emails when sending and recieving (99.99999% of email addresses would be outside skiff), which completely subverts the…