Comment by thedanbob
1 month ago
It's more common than you might think. I know of at least one popular email client that stores your credentials on their servers to enable features like multi-account sync and scheduled sending.
1 month ago
It's more common than you might think. I know of at least one popular email client that stores your credentials on their servers to enable features like multi-account sync and scheduled sending.
I bought a hardware password manager a while back and the bulk load tool sent all your creds to a cloud service. I have not used it since, and sent the manufacturer a nasty note.
It was the Ethernom Beamu, company now defunct.
Do you mean Spark? I get why they need to do it that way but I also hate that they have to do it that way because it sucks for privacy.
Yeah, Spark. Shame because I really liked their client, but I refused to use it anymore after I realized what they were doing.
I would expect such a feature to use end-to-end encryption for the data, so that only the user can see the credentials. It does, right? Right?
>>multi-account sync and scheduled sending
>I would expect such a feature to use end-to-end encryption for the data
How would "end-to-end encryption" when such features by definition require the server to have access to the credentials to perform the required operations? If by "end to end" you actually mean it's encrypted all the way to the server, that's just "encryption in transit".
> If by "end to end" you actually mean it's encrypted all the way to the server, that's just "encryption in transit".
This is what Zoom claimed was e2ee for a little while before getting in trouble for it.
2 replies →