|
|
Subscribe / Log in / New account

Email insecurity (was One of the great benefits of Open Source)

Email insecurity (was One of the great benefits of Open Source)

Posted Nov 7, 2025 15:36 UTC (Fri) by farnz (subscriber, #17727)
In reply to: Email insecurity (was One of the great benefits of Open Source) by paulj
Parent article: Debian to require Rust as of May 2026

It works well enough for most use cases - any new system has to have good reason to switch.

And we know from SMS (which is charged per-message to the sending companies, even if you buy a bulk lot from a provider like Trello) that charging isn't enough to reliably stop spam, either; there's ways to get around charging, including outright fraud. From what you've described, you're going to recreate the problems SMS has, which include spam and financial problems, in order to get rid of the problems e-mail has; but then, why would I use the new protocol, and not SMS?

to post comments

Email insecurity (was One of the great benefits of Open Source)

Posted Nov 7, 2025 16:04 UTC (Fri) by paulj (subscriber, #341) [Link] (3 responses)

> there's ways to get around charging

So.... there often wasn't charging is what you're saying.

Email insecurity (was One of the great benefits of Open Source)

Posted Nov 7, 2025 16:08 UTC (Fri) by farnz (subscriber, #17727) [Link] (2 responses)

No; there was charging done, but then fraud and other criminal activity meant that the money didn't actually transfer as intended, or the charges were undone by court order.

The "charges undone by court order" is impossible to avoid without making your payment system in breach of anti money laundering regulations, and therefore illegal to use at scale.

Email insecurity (was One of the great benefits of Open Source)

Posted Nov 10, 2025 11:51 UTC (Mon) by paulj (subscriber, #341) [Link] (1 responses)

> The "charges undone by court order" is impossible to avoid without making your payment system in breach of anti money laundering regulations, and therefore illegal to use at scale.

I'm no legal expert, but the existence of (on-chain) irreversible distributed payment systems and businesses created around them and/or using them (including very large and some heavily regulated ones) shows your belief here can not be true. The on-chain transaction can not be reversed, once confirmed, but businesses can always refund - by choice or legal order - some payment.

AFAIK, the likes of the EU are not trying to ban irreversible distributed payment systems.

Email insecurity (was One of the great benefits of Open Source)

Posted Nov 10, 2025 12:07 UTC (Mon) by farnz (subscriber, #17727) [Link]

You don't need to change the ledger - it's entirely allowable to have the original transaction in the ledger, and a later transaction that reverses the full effect of that previous transaction.

What is not legal is a setup where the money can neither be retrieved directly by the sender, nor can the recipient be identified for the purposes of having the court order apply to them, too. Otherwise, how do you prove (as required by Russian, Chinese, EU and USA sanctions laws) that you're not sending money to a sanctioned entity directly?


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds