Düsseldorfer Linux User Group

2023-09-14 - DLUG und Freie Software Freunde Online Treffen

Themen des Abends waren:

Jitsi Quality

Unsichere E-Mails mit/zwischen Medizinern

Voice Control

Security and Privacy, ...

passend dazu Fabians Projekte:

Mehr BSDs:

und Versionsverwaltung

E-Mail und Sicherheit

Werner sagt:

Background: The problem with encrypted subjects is that
  1. it is not possible to filter messages without first decrypting them. Being able to filter messages on the subject is essential for a smooth mail work flow.
  1. decrypting the message automatically takes some time and requires that the key or the token holding the key has been unlocked. This requires user attention.
  1. Automatically decrypting all messages to replace the three dots subject with the real one in the message folder view, opens the box for a wide variety of side-channel attacks which in the worst case can lead to a compromise of the key.
For easier recognition of message threads, it would be better to offer an option to use a random nonsense subject than to use a fixed one like those three dots. The best solution, however, is to educate users that meta information, like the subject, are not encrypted so that they can take any necessary precautions.