Email insecurity (was One of the great benefits of Open Source)
Email insecurity (was One of the great benefits of Open Source)
Posted Nov 7, 2025 14:43 UTC (Fri) by paulj (subscriber, #341)In reply to: Email insecurity (was One of the great benefits of Open Source) by farnz
Parent article: Debian to require Rust as of May 2026
You currently already can lose your money if your computer is hacked, if you pay for email. If you're happy to sell your eyeballs and data, then in any new, (not email!) messaging system that used some online, distributed payments system to make spam uneconomic, you could use clients that sold your eyeballs and data to big-tech and *you* would no additional payment systems on your computer/client. Even if you chose to pay, it still need /not/ be an extra risk, because you may well be using this payment system for numerous things already.
As for your experience with the current email system and lack of spam, that's cause of a layer of crappy additional side-protocols which *still do not substantially stop spam* PLUS a filtering system to try separate out the deluge of spam that _still gets through_. All of which you _ALREADY PAY FOR_ - one way or another.
It's a _shit_ system. It _does not work_ - not even the big-tech companies manage to reliably stop spam by any means, and also do not manage to reliably separate the spam from the signal. There are regular false-positives, and many false-negatives in my Big-tech administered Inbox.
As for the 2yo comment. I never saw that somehow, till now. Or I saw meant, meant to check later and forgot! I'll try remember today :)
Posted Nov 7, 2025 15:36 UTC (Fri)
by farnz (subscriber, #17727)
[Link] (4 responses)
And we know from SMS (which is charged per-message to the sending companies, even if you buy a bulk lot from a provider like Trello) that charging isn't enough to reliably stop spam, either; there's ways to get around charging, including outright fraud. From what you've described, you're going to recreate the problems SMS has, which include spam and financial problems, in order to get rid of the problems e-mail has; but then, why would I use the new protocol, and not SMS?
Posted Nov 7, 2025 16:04 UTC (Fri)
by paulj (subscriber, #341)
[Link] (3 responses)
So.... there often wasn't charging is what you're saying.
Posted Nov 7, 2025 16:08 UTC (Fri)
by farnz (subscriber, #17727)
[Link] (2 responses)
The "charges undone by court order" is impossible to avoid without making your payment system in breach of anti money laundering regulations, and therefore illegal to use at scale.
Posted Nov 10, 2025 11:51 UTC (Mon)
by paulj (subscriber, #341)
[Link] (1 responses)
I'm no legal expert, but the existence of (on-chain) irreversible distributed payment systems and businesses created around them and/or using them (including very large and some heavily regulated ones) shows your belief here can not be true. The on-chain transaction can not be reversed, once confirmed, but businesses can always refund - by choice or legal order - some payment.
AFAIK, the likes of the EU are not trying to ban irreversible distributed payment systems.
Posted Nov 10, 2025 12:07 UTC (Mon)
by farnz (subscriber, #17727)
[Link]
What is not legal is a setup where the money can neither be retrieved directly by the sender, nor can the recipient be identified for the purposes of having the court order apply to them, too. Otherwise, how do you prove (as required by Russian, Chinese, EU and USA sanctions laws) that you're not sending money to a sanctioned entity directly?
It works well enough for most use cases - any new system has to have good reason to switch.
Email insecurity (was One of the great benefits of Open Source)
Email insecurity (was One of the great benefits of Open Source)
No; there was charging done, but then fraud and other criminal activity meant that the money didn't actually transfer as intended, or the charges were undone by court order.
Email insecurity (was One of the great benefits of Open Source)
Email insecurity (was One of the great benefits of Open Source)
You don't need to change the ledger - it's entirely allowable to have the original transaction in the ledger, and a later transaction that reverses the full effect of that previous transaction.
Email insecurity (was One of the great benefits of Open Source)