Using Firefox's HTTPS-only mode I've noticed that a huge number of companies send emails with HTTP links. It appears at though a lot of these are marketing redirects for click tracking. This is bad, we need these services to support HTTPS!

@kevincox ...or to stop rendering links in e-mail, since they have only bad security properties. Send them the way of remotely-loaded images, except also take away the option to let you load them.

@LionsPhil I'm not convinced. Links are a critical feature of my email usage.

@kevincox They're also a critical feature of phishing attacks and privacy-intruding tracking.

You could hypothesize about a world of digitally signed e-mail and an allowlist of recognized legitimate businesses by the megacorp that produces your MUA which lets them link to their own first-party domain, but this already fails at the first hurdle because nobody has ever made digitally signed e-mail actually work.

Follow

@kevincox Think of it like Safe Browsing, but for e-mail. It's even easier, because no human sends e-mail any more; it's just a legacy root-of-identity layer for account signups and fallback for notifications if the appropriate app is not yet installed.

Except that all signed e-mail is a disaster. Perhaps there should be a replacement built around modern secure distributed/federated system design. I'm sure adding another competing system will solve it. :blobcatcoffee:

· · Web · 0 · 0 · 0
Sign in to participate in the conversation
✨Plush✨City 🏙

This is a space for soft friends and friends of soft friends to gather together!

In this city we're all about soft friends and compassion and caring about each other!

Code of Conduct in a Nutshell

Discrimination & Bigotry Won’t Be Tolerated.

Hatred will find no home here.

Treat this Space and Those Within it with Respect.

Listen actively to and honor the requests of others; always respond with compassion first.

Consent is Important in all contexts.

If you’re ever unsure, ask first. Use CWs where required.

Listen; Don’t Make Excuses.

If you’re accused of causing harm, either take some responsibility or ask moderators for help.

Don’t Break the Law Here.

The whole space may be liable if you do.

Use the Report Feature.

All reports go straight to our moderation team. We’re here to help!

For more detail, please
Review our
Full Code of Conduct