@kevincox ...or to stop rendering links in e-mail, since they have only bad security properties. Send them the way of remotely-loaded images, except also take away the option to let you load them.
@kevincox They're also a critical feature of phishing attacks and privacy-intruding tracking.
You could hypothesize about a world of digitally signed e-mail and an allowlist of recognized legitimate businesses by the megacorp that produces your MUA which lets them link to their own first-party domain, but this already fails at the first hurdle because nobody has ever made digitally signed e-mail actually work.
@kevincox Think of it like Safe Browsing, but for e-mail. It's even easier, because no human sends e-mail any more; it's just a legacy root-of-identity layer for account signups and fallback for notifications if the appropriate app is not yet installed.
Except that all signed e-mail is a disaster. Perhaps there should be a replacement built around modern secure distributed/federated system design. I'm sure adding another competing system will solve it.
This is a space for soft friends and friends of soft friends to gather together!
In this city we're all about soft friends and compassion and caring about each other!
Hatred will find no home here.
Listen actively to and honor the requests of others; always respond with compassion first.
If you’re ever unsure, ask first. Use CWs where required.
If you’re accused of causing harm, either take some responsibility or ask moderators for help.
The whole space may be liable if you do.
All reports go straight to our moderation team. We’re here to help!