So, if you want to have any sense of a service respecting you, it should be hosted on a server you can control?
No difference at all between the server of the world’s biggest advertiser and a server by a company that opens itself for audits and is in a country whole laws require no bullshit? Are you sure those two are the same? All or nothing?
Because their primary audience is those gullible enough to believe they somehow can’t read your messages, yet they can easily capture your private password.
It is entirely possible to keep secure data on a server that only someone else with the password can access. They don’t store your password in plaintext, they don’t test whether what you typed is the same thing they keep on their servers. If the password works to decrypt your data then your client can read the emails. If not, your client gets gibberish and knows your password was wrong. With a secure system your password should never be sent to the server at all.
Now, that doesn’t mean it’s trustworthy. There could be holes in the security, and I certainly would feel better controlling my own server, but it’s not automatically insecure just because it’s hosted by them.
All Their services are online based right? I don’t understand why using their proprietary servers is an argument here.
So, if you want to have any sense of a service respecting you, it should be hosted on a server you can control?
No difference at all between the server of the world’s biggest advertiser and a server by a company that opens itself for audits and is in a country whole laws require no bullshit? Are you sure those two are the same? All or nothing?
Was that reply for me?
Because their primary audience is those gullible enough to believe they somehow can’t read your messages, yet they can easily capture your private password.
It is entirely possible to keep secure data on a server that only someone else with the password can access. They don’t store your password in plaintext, they don’t test whether what you typed is the same thing they keep on their servers. If the password works to decrypt your data then your client can read the emails. If not, your client gets gibberish and knows your password was wrong. With a secure system your password should never be sent to the server at all.
Now, that doesn’t mean it’s trustworthy. There could be holes in the security, and I certainly would feel better controlling my own server, but it’s not automatically insecure just because it’s hosted by them.