It is so hard to get an email address without providing an email or SMS verification. Like 9/10 on the internet difficulty scale.
Any site that lets you receive email for example by generating a random inbox seems to be blocked by the more full-featured ones that let you send email. I’ve spent the last week trying to get an email address doing lots of searches and trying to signup for any email address at all without success.
This makes sense if you understand that bots cause problems universally but at the same time the personal information strategy isn’t working. Spammers have no problem getting email accounts and every other kind of account. It’s the honest person who won’t go to the dark side and pay for stolen accounts that is in the worst shape.
Maybe you want to setup your own mail server? Ther you need a domain name and registars want even more information. Many of them give you privacy on your domain records, but this is no defense from the surveillance state.
If as said in the sidebar mass surveillance is about mass control, and not justice, then email is an extremely important technology to start supporting for privacy and freedom.
Spam and abuse are problems to be sure but there must be other ways to solve them than by providing information that links back to the real world.
Now what can we do about it?
No: email, even when encrypted, leaks plenty of metadata. From a privacy perspective it has been a lost cause for decades. We need new protocols.
Are there even any candidates at the moment? What would a next gen email look like, one that didn’t leak metadata?
Matrix is the successor to email. Open spec, encryption-first design, federated, much easier to self host and possibly p2p in the future.
I don’t think that is true. Matrix could be the successor to mailing lists, as it has interesting properties (anti-censorship, consensus-building) for that usecase. But so far matrix implementations are too reliant on huge databases to become practical… I hope the situation continues to improve in the coming years.
It leaks plenty of metadata. Also it’s hardly easy to self-host.
How do you avoid leaking metadata to your server in a federated system?
By using onion routing to connect to it, as Briar does. Also by not having a server at all, again as Briar does.
Briar’s server is the app itself, all federation metadata concerns also apply to p2p federation. Your briar app leaks metadata to every other device it talks with.
And isn’t there a way to sign into things with Matrix? Like OAuth? I thought I heard of that somewhere.
No matrix has its own auth system for signing into it. But more importantly they have bridges that can connect matrix rooms to other services, like IRC, xmpp, etc.
Link please, most of the search results for that don’t seem to be what you’re referring to.
https://matrix.org/
Does the matrix protocol even enable an inbox-message-delivery type of communication similar to email, or is it all about room synchronisation?
At least with the current clients even a 1to1 chat is a room state synchronised across the involved servers, and doesn’t lend itself to managing messages in an inbox very well.
Its even better than email in that regard, you have to accept a message request before they can spam you. And it looks really no different from email, with a list of conversations being equivalent to your inbox.
Briar is a good example.
I think tox might be a good fit.
Whether fit for purpose working receive email addresses are a requirement to obtain many services. I should be more precise though, if we are creating services that we want to be usable with privacy, then we should not support email as a requirement for use. Since the case is that many services do require email, I mean to focus here on supporting this anonymous email facility.