72 lines
3.1 KiB
Markdown
72 lines
3.1 KiB
Markdown
---
|
|
title: "Stop Using Gmail"
|
|
description: Email was meant to be decentralised. Thanks, Google, for fucking that up.
|
|
date: 2020-02-20T01:09:10-05:00
|
|
draft: true
|
|
cover: /assets/pngs/gmail.png
|
|
toc: true
|
|
categories:
|
|
- Technology
|
|
tags:
|
|
- Email
|
|
- Privacy
|
|
- Decentralisation
|
|
---
|
|
|
|
Much like XMPP[^1], email was designed to be fully decentralised.
|
|
Individuals can run servers for themselves and maybe some friends and
|
|
family. As long as they have a public address, they can be contacted.
|
|
|
|
## History
|
|
|
|
## The fundamental problem
|
|
First and foremost, over all else, Google is an advertising company;
|
|
their entire business model depends on harvesting user data to more
|
|
accurately serve you personalised ads. Emails sent and received with
|
|
Gmail are stored unencrypted on Google's servers[^2]. This allows them
|
|
to scan the text for keywords and extract data that can be used to build
|
|
a detailed profile on you. If you've ever gotten an email from someone
|
|
mentioning something about a mechanical keyboard and, a day or two
|
|
later, you start seeing ads[^3] about them, that's why.
|
|
|
|
This is generally pretty well-known and doesn't bother those who aren't
|
|
really concerned with privacy. However, these people don't think about
|
|
how their decision affects people who *do*. In choosing to remain with
|
|
Gmail, they give it more and more power over the world of this
|
|
distributed-by-design technology. *It is in Google's interest* to make
|
|
it difficult for others to interact with the platform.
|
|
|
|
Consider this. An individual decides he wants to run his own mail
|
|
server. He sets everything up properly,
|
|
[SPF,](https://en.wikipedia.org/wiki/Sender_Policy_Framework)
|
|
[DKIM,](https://en.wikipedia.org/wiki/DomainKeys_Identified_Mail)
|
|
[DMARC,](https://en.wikipedia.org/wiki/DMARC)
|
|
[DANE,](https://en.wikipedia.org/wiki/DNS-based_Authentication_of_Named_Entities)
|
|
etc., sets the website and webmail client up with
|
|
[TLS,](https://en.wikipedia.org/wiki/Transport_Layer_Security)
|
|
implements some form of [email
|
|
antivirus](https://en.wikipedia.org/wiki/Clam_AntiVirus) and [spam
|
|
filtration system,](https://www.rspamd.com/) basically uses all the
|
|
standard components for a good email server. He tests it, it works, it's
|
|
fast, and it's reliable. In his spam testing, his system gets a negative
|
|
score[^4] and passes all the requirments with flying colours. He decides
|
|
it's time to reconfigure his web applications to send mail using it
|
|
rather than his domain registrar's servers. Everything works well for a
|
|
bit, approximately two weeks.
|
|
|
|
**Enter Google.**
|
|
|
|
Sayonara sucker. The email giant decides that his services are sending
|
|
spam and blocks the domain.
|
|
|
|
[^1]: *XMPP* stands for the e*X*tensible *M*essaging & *P*resence
|
|
*P*rotocol. You can be more information about it in [NixNet's
|
|
documentation.](https://docs.nixnet.services/XMPP)
|
|
[^2]: For more information on how insecure email is, [read
|
|
this](https://nixnet.email/docs/privacy-and-opsec/)
|
|
[^3]: I recommend
|
|
[uBlockOrigin](https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/)
|
|
for blocking ads
|
|
[^4]: A positive score means emails from there are likely to be marked
|
|
as spam. A negative score is *good*.
|