runbox privacy issues ?
Runbox is a privacy concious service, right?
It turns out (just tested) emails sent through web and smtp all have the same UID in the email header. So all aliasses have the same UID in the header as the main account. Effectively anyone, especially with finances ( big ads business ) can and will know instantly all aliasses used by a same user ... I would consider it a big privacy issue, no distinctly different identities when using aliasses ... and all in the plain (pgp doesn't encrypt email headers, so it is all linked through the UID in plain sight) |
Thanks for the info...
+1 Runbox care to reply? |
This has been mentioned by a handful of people in recent times, and we understand the concerns. We are looking at alternatives that will prevent aliases and identities from being linked to each other, while still allowing us to track abuse of our services.
|
Quote:
|
Quote:
I was careful to say that this was raised with us recently by a small number of people and we have taken that concern seriously enough to be looking (not will be looking at some obscure point in the future) at a way to remove the UID from the headers and put something else in place that won't link aliases to each other. As soon as we have something that will work we will put it in place. |
Quote:
|
Quote:
The same for SMTP is in the works. - Geir |
Quote:
EDIT: Took the time to test a few moments ago. webmail works, smtp is still crippled with a UID across main account and aliasses. Implement as said by runbox, good point, but feels a little like a half baked solution was put in pllace to shush waiting for godot? |
Geir/runbox, Care to update us on EMD ? "Godot" after al ?
|
All times are GMT +9. The time now is 03:34 AM. |
Copyright EmailDiscussions.com 1998-2022. All Rights Reserved. Privacy Policy