• Jin@lemmy.world
    link
    fedilink
    English
    arrow-up
    16
    ·
    6 months ago

    All Their services are online based right? I don’t understand why using their proprietary servers is an argument here.

    • John Richard@lemmy.world
      link
      fedilink
      English
      arrow-up
      3
      ·
      6 months ago

      Because their primary audience is those gullible enough to believe they somehow can’t read your messages, yet they can easily capture your private password.

      • Excrubulent@slrpnk.net
        link
        fedilink
        English
        arrow-up
        12
        ·
        edit-2
        6 months ago

        It is entirely possible to keep secure data on a server that only someone else with the password can access. They don’t store your password in plaintext, they don’t test whether what you typed is the same thing they keep on their servers. If the password works to decrypt your data then your client can read the emails. If not, your client gets gibberish and knows your password was wrong. With a secure system your password should never be sent to the server at all.

        Now, that doesn’t mean it’s trustworthy. There could be holes in the security, and I certainly would feel better controlling my own server, but it’s not automatically insecure just because it’s hosted by them.

    • claudiop@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      ·
      6 months ago

      So, if you want to have any sense of a service respecting you, it should be hosted on a server you can control?

      No difference at all between the server of the world’s biggest advertiser and a server by a company that opens itself for audits and is in a country whole laws require no bullshit? Are you sure those two are the same? All or nothing?