Add security warning to email lists (#1543)

This commit is contained in:
Jonah Aragon 2019-11-30 13:06:56 -06:00 committed by GitHub
parent 3462278383
commit 40335b9e3d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 18 additions and 0 deletions

View File

@ -5,4 +5,13 @@ title: "Best Secure Email Providers for Privacy"
description: "Find a secure email provider that will keep your privacy in mind. Don't settle for ad-supported platforms. Never trust any company with your privacy, always encrypt." description: "Find a secure email provider that will keep your privacy in mind. Don't settle for ad-supported platforms. Never trust any company with your privacy, always encrypt."
--- ---
<div class="card border-danger">
<div class="card-header text-danger"><i class="fas fa-exclamation-circle fa-fw"></i> Warning</div>
<div class="card-body">
<p class="card-text text-danger">Even when using end-to-end encryption technology like GPG, email is inherently insecure and should not be trusted for sensitive communications. Metadata is always communicated in plaintext, and even when encryption is used correctly it is very easy for either party to acidentally respond to or forward a previously encrypted message in plaintext in many clients. GPG also does not easily support modern crypto functionality such as key rotation and forward secrecy.</p>
<p class="card-text text-secondary">We recommend the following email providers for routine notifications and messages from other services that require an email address. For communications that <strong>need</strong> to be safe and secure, you should use a dedicated instant messaging tool, such as Signal.</p>
<a href="/software/real-time-communication/" class="btn btn-outline-secondary">Recommended Instant Messengers</a>
</div>
</div>
{% include sections/email-providers.html %} {% include sections/email-providers.html %}

View File

@ -5,6 +5,15 @@ title: "Email Clients"
description: "Discover free, open-source, and secure email clients, along with some email alternatives you may not have considered." description: "Discover free, open-source, and secure email clients, along with some email alternatives you may not have considered."
--- ---
<div class="card border-danger">
<div class="card-header text-danger"><i class="fas fa-exclamation-circle fa-fw"></i> Warning</div>
<div class="card-body">
<p class="card-text text-danger">Even when using end-to-end encryption technology like GPG, email is inherently insecure and should not be trusted for sensitive communications. Metadata is always communicated in plaintext, and even when encryption is used correctly it is very easy for either party to acidentally respond to or forward a previously encrypted message in plaintext in many clients. GPG also does not easily support modern crypto functionality such as key rotation and forward secrecy.</p>
<p class="card-text text-secondary">We recommend the following email providers for routine notifications and messages from other services that require an email address. For communications that <strong>need</strong> to be safe and secure, you should use a dedicated instant messaging tool, such as Signal.</p>
<a href="/software/real-time-communication/" class="btn btn-outline-secondary">Recommended Instant Messengers</a>
</div>
</div>
{% include sections/email-clients.html %} {% include sections/email-clients.html %}
{% include sections/email-alternatives.html %} {% include sections/email-alternatives.html %}