Re: [MlMt] OT: iOS mail client

Sat, 05 Sep 2020 07:14:11 -0700 

On 5 Sep 2020, at 8:38, Bryce Wray wrote:


On 5 Sep 2020, at 5:28, Charlie Garrison wrote:
Fair warning to all who are looking at new mail programs - read __very carefully__ the privacy policy for Spark. Unless they have changed, using their program means giving __their servers__ access to all your email. If you don't mind handing over all your email, the Spark UI isn't too bad. I use email mostly for business and giving Spark access to all of it was complete non-starter. (Which I discovered the hard way, and then had a fun couple of days working out how bad the damage was. 😞)
I have complete trust in MailMate though, and it would be nice to have an iOS alternative that is as nice to use. I chose Edison Mail (Email) - it's no MailMate, but good enough to replace Apple Mail on my phone and tablet. 

-cng
Just so you know, the folks behind Edison Mail (which, admittedly, is a nice-to-use app) have had their shares of privacy issues, too: 

https://www.macrumors.com/2020/05/16/edison-mail-sync-bug/

https://www.vice.com/en_ca/article/pkekmb/free-email-apps-spying-on-you-edison-slice-cleanfox


If I understand this correctly, Spark's architecture requires them to
have access to your email passwords. To me, that's a complete
non-starter; your email password is the most important one you
have, since it can be used to reset all of your other passwords.

Edison, though, appears to have a badly broken credential-sync
feature. In particular, although they (I hope!) use encryption for
transport of your credentials, the passwords themselves are not
encrypted only to you. That speaks poorly of their competence in
security, since (even apart from that bug) if they were hacked
everyone's plaintext passwords would be captured. Your passwords
should be encrypted on your device—preferably with a random
key—and they should see only ciphertext. Apple got this right, but
it's actually a very hard problem to solve properly.

        --Steve Bellovin, https://www.cs.columbia.edu/~smb

_______________________________________________
mailmate mailing list
[email protected]
https://lists.freron.com/listinfo/mailmate

Reply via email to