AKA, "Shadow profiling" - you can prevent it somewhat by sending Gmail users Protonmail or Tuta's password encrypted email.
kjellsbells · 1h ago
As I see it, the problem is that the email address has been conflated with your identity, and that is extremely problematic. It should only ever have been a somewhat transient reachability identifier. As an identity it then gets linked to concepts like authorization and trust, eg "we'll send this code to your email, because we implicitly trust that only you can see your email, and that you'll always be able to get to it."
Every so often one sees a cri de coeur from someone who has learned this lesson the hard way when Google locks them out of their account, the key to their digital life evaporates, there's nothing they can do about it.
Alternative identifiers exist, eg handles on sites like HN, but they are second-order artifacts of the email as ID.
Given the stakes, then, you have to decide whether to try and control your identity by building your own infra for email (domain, mail server, dkim etc and a fair bit of hell), paying for someone to run the infra (eg getting a proton or fastmail address), and hoping they don't enshittify or fail, or letting Google or Microsoft control it and hoping you don't fall foul of them. All these options have drawbacks.
Side musing follows: I don't know what the solution to identity is on the Internet. A very long time ago, X.509 certs issued by quasi government authorities were mooted as part of an international directory system. I can see a future authoritarian state falling in love with this idea again, esp with the resulting lack of anonymity... but also the ability to "kill" people on the Internet simply by revoking their cert.
thoi4234234234 · 1h ago
Not just email - today it's almost impossible to have a decent life without a (smart) phone and being tied-in through OTP verification.
All these things have become so essential that it's shocking that it's not regulated like a utility (or even as a right given their systemic imposition).
brewdad · 1m ago
OTP verification can largely be worked around because so many sites still use SMS codes which a dumb phone can handle. Similarly, 2FA codes can be handled on a PC without requiring a smart phone. It adds hurdles but can be done.
Where it becomes challenging is situations where smart phones truly are required. When I attended college football games last fall, all tickets were e-tickets. You were required to present a QR code on your device or your ticket stored in Apple Wallet or Google Wallet. I ran into the same situation with my local theater's ticketing. You haven't lived until you've witnessed an audience with an average age of 70 try to figure out their tickets on their smartphones when they've never used them for that before nor had any notion that was even POSSIBLE.
ssivark · 35m ago
> Side musing follows: I dont know what the solution to identity is on the Internet.
I was fond of how Keybase brought to life [1] identity proofs (linking and validating your different online identities) in a very easy to use platform. Pity it went away; feels like a loss for the internet.
Right, but I want to validate my identity for cases where it is important to me. I also want to prevent others from assuming my identity in cases where it doesn't really matter (until it does). My identity here is not the same identity I use on Reddit. At the same time being erroneously linked to someone else's posts on Reddit because they use this username could be a real problem. At the same time, I don't necessarily want my posts here to be linked to posts at Reddit or X or wherever. Rinse and repeat across thousands of web sites.
It's a problem with no easy solutions. In part, because no two users want exactly the same solution.
flexagoon · 46m ago
If you don't want to link your email and your identity, you can use aliasing services like SimpleLogin. I have a separate email alias for every account, such as hackernews.ci72j@slmail.me, and only use my personal email for personal communications.
0xbadcafebee · 1h ago
Yeah, and also the post office has all of your mail (because they can/do scan it), and pretty much anyone can intercept SMS, only slightly harder to intercept voice calls on PSTN, and SMTP has always been unencrypted. Private databases sold to the government by corporations already have your job history, political affiliations, sexuality, etc.
Most communications throughout history have not been secure. Despite this, it hasn't been abused nearly as much as it could be. I'm not sure if it's because the scale is difficult, or the technical side, or nobody thinks to suggest it to the despots. It's probably a combination of things. Ironically we tend to fear the abuse of power when it doesn't happen, and then ignore or accept it when it does happen. So the fear/hand-wringing/jumping-through-hoops seems pointless.
I still believe that if you really are concerned about what you're saying, you should say it in a clandestine way. E2E encryption is like a giant red flag saying "I might be doing something shady". Asking grandma about her special cakes [when she doesn't bake] will fly under the radar unless someone is looking really hard.
jraph · 4m ago
The post office and even the ISP are not as big as Google and don't have nearly as much control and data on everybody worldwide.
washmyelbows · 46m ago
the post office scans the exterior, not the contents. That is a significant difference.
vasco · 49m ago
> Despite this, it hasn't been abused nearly as much as it could be
How would you classify submarines parked next to fiber optic cables slurping up data?
goku12 · 23m ago
I hope you have a reference as to how an optic fiber cable can be tapped like that. I also hope you've seen how heavily jacketed these cables are. The cables are so sensitive to mechanical disturbances (but without interference to communication) that it can often sense itself getting shifted around. Tapping it will require a lot more than that. How do you avoid such tip offs?
And as far as I know, emails are not E2E encrypted, but they are almost always encrypted in transit. Why go through all the trouble just to get encrypted data?
Now I concede that all those things (OFC, TLS) may have vulnerabilities that can theoretically be exploited. But do you send such valuable information over the internet that it's worth their cost and effort to retrieve it? And if your answer is yes by some chance, would you transmit it without taking adequate security measures?
In comparison, Google and the others have billions of emails simply sitting unencrypted in their storage, ready for access at zero cost. I can't see your argument contradicting the information security risk posed by these companies.
atoav · 27m ago
> Despite this, it hasn't been abused nearly as much as it could be.
Yes, because a few decades ago a total surveillance of a population would have needed a significant part of the population to do the surveillance or base your surveillance on statistical chance. If you ever get the chance to inform yourself about the way the GDR/Stasi watched its citizens before the fall of the Berlin Wall, go for it.
I previously described the recent technological advances as a shift of the above-mentioned ratio: Never in history could a dictator know more of the communications of all his citizens with fewer people being in on it. Never before in history could a dictator pretend the populace was on his side with fewer people than now.
These changed ratios already altered the face of politics, and I am pretty sure this wasn't it.
And for your grandma example: Metadata isn't encrypted nearly anywhere. If your grandma's network looks as if she makes a special, explosive kind of dough (or this ever gets mentioned anywhere), the timing of your message and whom you are sending it to might be enough for them to send you to a secret prison without due process. Correctness of such accusations is only a requirement when you don't have absolute powers and dictators will always find someone to blame, otherwise they would look weak.
moralestapia · 1h ago
If the post office (or somebody else) reads your mail that's a federal crime.
Your analogy is moot.
jowea · 2h ago
Needs to consider the other big email providers too.
omeid2 · 1h ago
Yes, Microsoft has a rather large portion of corporate and business email, a very large portion of it.
I think in general treating email any other way than "everyone will eventually read your mail" makes no sense. Email communication, from forwarding to how people archive, to copy-pasting provides no security and is so brittle, just assume anything you write in an email is for public consumption. Reminds me of a post from a few years ago about encrypted mail as a security LARP (https://www.latacora.com/blog/2020/02/19/stop-using-encrypte...)
If you want secure messaging that nobody else will snoop on use an application dedicated to... secure messaging. It's never what email was for and it's not how it's being used.
Gigachad · 2h ago
Article is from 2014 where this was more of a valid concern. These days I don't think people send email for anything other than external communication with businesses. And only in western countries.
kevin_thibedeau · 2h ago
The only personal electronic communication I use are the only two widely deployed federated protocols: email and SMS. Everything else involves compromises to enter a walled garden that offers no value to me.
recursive · 1h ago
My experience in 2025 must be extremely different from yours. I don't even know what alternate channels you might have in mind.
denkmoon · 40m ago
Chat. Matrix for nerds, discord for gamers and redditors, telegram for everyone else who cares and imessage/rcs for those who don’t.
princevegeta89 · 2h ago
Exactly. Email is never an organized channel for communication. It only makes sense in the corporate world.
For users who don't pay for their personal email, email is nothing but a marketing channel and a very inefficient one at that. All the companies and corporations and people try to pretend to make email addresses look confidential and private. But the reality is they just see it as a way to spam you with ads and promotions and meaningless clickbait messages.
The idea of unsubscribing from emails from corporations and agencies is again just an act of pretense. 95% of the cases, it's not done in one click and involves a series of a few confusing steps. Even from a technology perspective, email is fucked and a legacy artifact as of today.
I would love to see a more secure protocol to replace it, where the recipient always has full control over all the messages that he can ever receive.
goku12 · 3m ago
> For users who don't pay for their personal email, email is nothing but a marketing channel and a very inefficient one at that.
I have a paid personal email plan on my own domain name. (Mostly to get aliases and plus addresses). It is set up very well and filters spam very efficiently, compared to some 'corporate-standard' filters on other services. But I still have to use my gmail address because most individual contacts wouldn't see my mails otherwise since they are on gmail, hotmail, etc. And for many official websites, my email addresses are 'not valid email addresses'. Granted that my TLD .space isn't an official sounding one, but it's used by exactly two types of users - people who use it as their space, and people/organizations working on space tech. So I pay, but I'm still forced to watch them spam. Honestly, I believe that email is now a captured monopoly (cartelopoly?).
> I would love to see a more secure protocol to replace it, where the recipient always has full control over all the messages that he can ever receive.
I wholeheartedly agree. Email is an awesome idea. But its age is starting to show. We need something with security and encryption built-in, much fewer moving parts (Can we integrate MTA, MDA, WebUI, spam filters, DKIM, etc into just one?), option to opt out of rich formatting (the HTML and AMP junk), dynamic updates, etc and proper spam filtering, etc. We should also have a way to disincentivize or punish big players from rejecting valid emails. Perhaps it can use HTTPS to overcome those pesky corporate reverse proxies and firewalls.
But the idea of having a domain name as a namespace for users is still precious.
cryptoz · 2h ago
I mean, for normal people that is exactly how it’s being used. Your receipts for everything are automatically emailed with all kinds of private info for example. Nobody, and I mean nobody, is expecting those receipts to be public. And since all that is in your email you reasonably expect your other email to be private as well.
Email is auth now. People do not use email the way you are describing.
shadowgovt · 1h ago
One of the biggest issues with the way the modern internet works is that it technically works the way GP describes but people believe it works the way you describe.
Even assuming all encryption is configured correctly at the endpoints so we can discount the risk of mid-transit interception and comprehension (do I assume CVS has encryption set up correctly on their outbound receipt emails? I do not...) People think it's like the postal network but it's more like the mail lands at the post office and they hand you a copy of it, while they retain the originals.
xyst · 2h ago
e2e encryption with s/mime is the answer, unless y’all think otherwise.
I played around with it the other day. Installed actalis/digicert s/mime cert on client. Sent emails between the 2 addresses. Emails decrypted locally on clients but same message sent on webmail client is encrypted/unreadable (besides subject line)
dylan604 · 2h ago
Tony the tiger says "that's grrrrreat." Now, send an e2e encrypted to another email that is not yours and see how long it takes them to understand what you sent. PGP for email has been around for a very long time, and there's a reason it is unheard of by the general public. it is a pain in the ass.
spacedcowboy · 2h ago
Indeed it is, for now.
waynesonfire · 1h ago
Or, it's just too good. Why did it take so long to have encrypted DNS? Another example, https, which uses tls for secure communication still manages to leak the domain name because the Server Name Indication in the ClientHello is sent in plain text before encryption is established. The solution, ECH, is nowhere to be seen.
The folks that read your e-mail and monitor your online presence do not want you to use these tools.
paxys · 1h ago
As a bonus your emails will stay protected from the person you send them to as well.
colordrops · 2h ago
It's easier to get someone to install Signal than all of that.
photochemsyn · 2h ago
Google's products are garbage - any honest person can report on the degeneration of their services. That's what happens with monopolies over time.
Google would like you to think they're a God's-eye master of reality of course... but they're not. Just another corporate flop, like IBM etc.
shadowgovt · 1h ago
IBM stock is currently valued at $231.59 billion.
Seems like a pretty nice gig, being a corporate flop.
TZubiri · 33m ago
That's the value of the stock, which is distinct from the quality of the product. You can make a lot of money selling bad products for a high price. (At least if they are bad for users but good for businesses)
Congeec · 2h ago
Because social media. The same goes for a phone number. If your contacts give out a phone book, your number is leaked.
renewiltord · 3h ago
I have my personal email set to Gsuite. I hide nothing. It’s in my DNS MX. Just look it up before you send me a message on my personal. Since MX records are what you need in the first place, it’s what you should be checking. If someone wants to opt out, they are welcome to.
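An added example (not part of the comment above) of the MX check it describes: given `dig +short MX` style answers for your correspondents' domains, work out which mailbox provider receives the mail and how many of your messages end up with each. The domains, MX answers and message counts are constructed sample data, the function names are hypothetical, and the suffix list covers only a few well-known providers.

```python
from collections import Counter

# MX host suffixes published by a few large mailbox providers.
PROVIDER_SUFFIXES = {
    "google.com": "Google",
    "googlemail.com": "Google",
    "protection.outlook.com": "Microsoft",
    "protonmail.ch": "Proton",
    "messagingengine.com": "Fastmail",
}

def parse_mx(dig_output: str):
    """Parse '<preference> <host>' lines into [(preference, host)], best first."""
    records = []
    for line in dig_output.splitlines():
        parts = line.split()
        if len(parts) != 2 or not parts[0].isdigit():
            continue  # skip blank lines and anything that is not an MX answer
        records.append((int(parts[0]), parts[1].rstrip(".").lower()))
    return sorted(records)

def provider_for(records) -> str:
    """Name the provider behind a domain's MX set, matching whole DNS labels only."""
    if not records:
        return "unknown (no MX)"
    if all(host == "" for _, host in records):
        return "no mail accepted"  # null MX ("0 ."), RFC 7505
    for _, host in records:
        for suffix, name in PROVIDER_SUFFIXES.items():
            if host == suffix or host.endswith("." + suffix):
                return name
    return "other/self-hosted"

def exposure(message_counts: dict, mx_answers: dict) -> dict:
    """Sum messages exchanged per receiving provider across correspondent domains."""
    totals = Counter()
    for domain, count in message_counts.items():
        records = parse_mx(mx_answers.get(domain, ""))
        totals[provider_for(records)] += count
    return dict(totals)

# Constructed sample data: custom domains that do not reveal their host by name.
SAMPLE_MX = {
    "consultancy.example": "1 aspmx.l.google.com.\n5 alt1.aspmx.l.google.com.\n",
    "lawfirm.example": "0 lawfirm-example.mail.protection.outlook.com.\n",
    "hobbyist.example": "10 mx1.hobbyist.example.\n20 mx2.hobbyist.example.\n",
    "noreply.example": "0 .\n",
}
SAMPLE_COUNTS = {
    "consultancy.example": 40,
    "lawfirm.example": 25,
    "hobbyist.example": 35,
    "noreply.example": 2,
}

if __name__ == "__main__":
    for provider, count in sorted(exposure(SAMPLE_COUNTS, SAMPLE_MX).items()):
        print(f"{provider}: {count} messages")
```
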
TZubiri · 2h ago
Only by a very wide definition of "having" your email. Having data in one of your servers means not much if it's not usable or findable.
Can a government submit a subpoena to Gmail asking for your emails? Unlikely, they would just answer that you are not a client of theirs and as such they don't have your emails.
Can they submit a subpoena asking Google to hand over all of the emails that your clients sent or received from your address? Sure they can. It's going to be a way harder sell to the judge and the reason and burden of proof will be that much higher, as it would essentially be closer to fishing or mass surveillance. But it's something that I can see passing for cases of national security or child abuse. Nothing I would personally worry about, but I understand if you want to wear a tinfoil hat.
Semantics and nuance matter.
arcanemachiner · 2h ago
What a blissfully-naive take. You're more than a decade behind the times.
Am I the one that is a decade behind the times? You are the one citing a case from 15 years ago, lol.
Also, I'm not sure what seems to be contradicting here. The exception that you are bringing up proves the rule. If I say that humans have five fingers in each hand, will bringing up the famous case of the six-fingered lady be relevant at all to the discussion? Especially if I worded it specifically saying that "most" humans have 5 fingers? Check my wording, I said unlikely.
The fact is, most government agencies do not have access to your emails, let's say that the NSA does, which is debatable, great, that is 0.01% of the government, and probably 0% of companies (that are not Google), unless they submitted a subpoena as part of some litigation.
Feel free to obsess about the one or two agencies that have access to emails for national security reasons, and feel free to lump it into "THE government". But I don't think you'll ever make any important nuanced cybersecurity trade offs with that attitude, you'll just want to encrypt everything until none of your users can do shit (if you have users at all, you may not even be able to get a job because you are doubtful of sending your resume to anyone, and you might be too busy configuring your own email server instead of just using gmail and doing other productive stuff.)
[1] https://news.ycombinator.com/item?id=7453360
(2022) https://news.ycombinator.com/item?id=33304075
(2014) https://news.ycombinator.com/item?id=7731022
https://en.m.wikipedia.org/wiki/PRISM
In 2023, Google received requests for user information for about 900,000 accounts, and complied with ~80% of them, and both numbers are on the rise.
https://transparencyreport.google.com/user-data/overview