this post was submitted on 10 Apr 2024
310 points (97.0% liked)

Technology

34419 readers
235 users here now

This is the official technology community of Lemmy.ml for all news related to creation and use of technology, and to facilitate civil, meaningful discussion around it.

Ask in DM before posting product reviews or ads. All such posts otherwise are subject to removal.

Rules:

1: All Lemmy rules apply

2: Do not post low effort posts

3: NEVER post naziped*gore stuff

4: Always post article URLs or their archived version URLs as sources, NOT screenshots. Help the blind users.

5: personal rants of Big Tech CEOs like Elon Musk are unwelcome (does not include posts about their companies affecting wide range of people)

6: no advertisement posts unless verified as legitimate and non-exploitative/non-consumerist

7: crypto related posts, unless essential, are disallowed

founded 5 years ago
MODERATORS
MinutePhrase@lemmy.ml
310
Proton picks up Standard Notes to deepen its pro-privacy portfolio (techcrunch.com)
submitted 5 months ago by dvdnet62@feddit.nl to c/technology@lemmy.ml
81 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] Swarfega@lemm.ee 2 points 5 months ago (2 children)

I do pay for SimpleLogin and will continue to do so. The only place my actual proton email address is exposed is on SimpleLogin. Every site I use on the internet has its own alias. That's 350+ sites currently.

The only downside to a catchall, as I see it, is someone could just start creating any random email address knowing it will find your legitimate mailbox. Also sending as any of the aliases can be a pain.

[–] zarenki@lemmy.ml 3 points 5 months ago

Compared to simplelogin (or proton pass aliases, addy, firefox relay, etc), one other downside of a catchall is in associations across accounts. Registering with a @passmail.net address implies that I use Proton; registering with random-string@mydomain.org implies I have access to that domain. If 10 data breach leaks have exactly one account matching the latter pattern then that's a strong sign the domain isn't shared. If one breached site has my mailing address, my real identity can be tied to all the others.

[–] PiJiNWiNg@sh.itjust.works 1 points 5 months ago (1 children)

Yeah, I have to agree that the 'send as' can be a pain, would be nice if it sent as the recipient email by default. As far as people spamming looking for a legit address, I've fortunately not run into that, but I could see how that could happen.

[–] Swarfega@lemm.ee 1 points 5 months ago

Yeah. I mean, even if you did get targeted by someone they really don't want to waste their time on someone who is more privacy/security conscious. Thieves want easy targets.