You know what I reckon would be cool? If all the throngs of organisations and companies who claim to be open would actually establish themselves in the distributed, open source Fediverse. That'd be cool.
If they wanted to join this Mastodon instance, I'd be happy to approve their accounts - all they'd have to write in response to "why do you want an account on our server?" is "We're keen to walk the talk and stop being hypocrites". If they write that, they're in.
๐๐๐๐๐ 
haha, ProtonMail did that - and then they left...
@selea just another reason I'm pleased I didn't adopt their service (and set up my own mail service, which, frankly, is superb).
@selea full credit, though, to the folks at Mailcow.email, as I use their dockerised install.
Running your own mailserver is really nice, so much freedom included
@selea yes, I've found it librating, and an opportunity to be generous to my friends. I host email for myself and many others. 3 MailCow instances, all about 2-3 years old. They are remarkable and inspiring technology, created by impressive and generous folks.
@lightweight @selea
Hi,
if you don't have skills for selfhosting things, what's the solution ?
GPG is a good way round people reading your e-mails providing the recipients also understand and use it.
It would be good to know why less and less people are using it, so that can be addressed.
Hmm opposite to my experience I have had e-mails where a long signature includes about e-mail not being secure.
Unless we get GnuPG or similar as part of basic IT training then people will think opposite extremes.
If banks signed their e-mail it would be much better and probably easier to spot scams
@zleap @foxmask @selea banks are generally run by people who don't get tech. My bank (in NZ) has a reasonably informed CTO (with whom I spoke) but he essentially said that proper security protocols are beyond them. He assured me they'd have a 'secure upload' facility 2 years ago. It's not there yet. The bank still routinely instructs people to sign documents (e.g. account signing authorities) on paper, scan, and email them as unencrypted attachments. They're about 20 years behind.
Yiou need to understand the issue so you can recruit the right people to help make things secure.
Weare short of cybersecurity experts here in the UK too.
Indeed, as people have said here too much focus on bits of paper, not actual ability to do the job in many cases.
Box ticking does not seem to lead to the right outcomes.
@lightweight @zleap @foxmask @selea I think "time and expertise" are good reasons to pay $ for (unlike giving "the ability to exploit your data"). I personally feel confident in having self-hosted things to test and play with, but for critical things like email, with at least baseline security, certificates etc... not so much ๐
@miren @zleap @foxmask @selea fair enough. We all have to make that call for ourselves. Having worked for companies offering those services for money, I know that I'm as capable as the folks running lots of those systems, and I've got self-interest as well, so I'm happy to back myself in that role. :)
@lightweight @miren @foxmask @selea
Perhaps we need to provide good quality information so people can make their own decisions.
er
@miren @lightweight @foxmask @selea
I feel hhe same way I can set up a raspberry pi, sort of set up Apache or ngnix to serve basic web pages but doing all that securely is beyond me
@zleap @foxmask @selea that's always an option. The https://mailcow.email crew offer a managed service. But it costs $, because it requires their time and expertise. And doesn't depend on being able to exploit your data (and that of your correspondents).