Why does email seem so insecure?

[Moths]

Especially considering recent events why is it so easy to spread malware or phish information from emails from companies?

Is it an inherent problem with email or the client's themselves or is it just really difficult to try and lock down and retardproof email? I mean you cant install a new web browser without 15 co-signed approvals from IT but you can easily sink the whole ship with one dodgy attatchment from rajesh.

 

[Nero Fiddled]

There are two seperate things going on in your example.
Phishing takes advantage of some peoples seeming need to answer all and any questions that are asked, particularly if the questioner appears to have some sort of authority.
That's social conditioning more than a technical issue as you can't programatically remove human stupidity 100%.

As for the technical vulnerabilities of e-mail, that has it's roots back in the early internet days of the 1980's and my best guess would be that the designers of the e-mail protocol;s never envisaged a time where people would intentionally try and damage each other.

If the technology behind "internet" were reconsidered now, with the benefit of hindsjght, it would be totally different from a technology perspective.
Making major changes to it now would be a bit like trying to change the wheel on your car while it was still driving down the freeway.

 

[VargReallyDidNothingWrong]

Is it an inherent problem with email or the client's themselves

The latter. The weakest link is always going to be your average user because they are fucking retarded.

 

[byuu]

This has all been already solved through PPG/GPG signing.
It's just that no one uses it.

 

[Baguette Child]

This has all been already solved through PPG/GPG signing.
It's just that no one uses it.

It's not even that hard to use, but good luck ever convincing normies to try it. Anything that requires even two steps extra is like a brick wall to the average user in the 2020s.

 

[Celebrate Nite]

The weakest link is always going to be your average user because they are fucking retarded.

^this

I've lost count as to how many mandatory online classes/training I've had to take with every office job I've worked in, yet there's always that one moron that will just click things even if they aren't sure who or where it's from.

 

[AmpleApricots]

average user in the 2020s

It's always been like this tbh. many people just really are that stupid, and if they're not stupid they just don't give a shit. It's not something that can ever be won and even if the internet was structured differently, so would be the scams. Even with the most invasive, boot-to-the-neck kind of surveillance and control there would be abuse and fraud, it'd just be done by a different group of people. Because being abusive and scamming other people out of their shit is just as human as being dumb.

Nothing that can be solved by technology.

 

[Short Circuit]

Anything that requires even two steps extra is like a brick wall to the average user in the 2020s.

Worst part is that Silicon Valley niggers could easily implement a protonmail-like model into Gmail or Outlook and thus making the web many times more secure, but I guess the NSA wouldn't like that.

 

[Fomo Hoire]

Is it an inherent problem with email or the client's themselves or is it just really difficult to try and lock down and retardproof email? I mean you cant install a new web browser without 15 co-signed approvals from IT but you can easily sink the whole ship with one dodgy attatchment from rajesh.

Short answer: Backwards Compatibility

Spoiler: Autistic answer

You can't really send an email without approval either - Either you pay for service with money, or you pay with your identity (usually your phone number), or you get a dodgy shit-tier provider like lolcow.email that can go down at any time and probably delivers straight to spam.

You can send spam on day 1, but you're probably limited to like 300 emails per hour and if you're banned for being a spammer, you only have so many phone numbers/IP Addresses/dollars you can use to create disposable addresses on reputable email providers.

You could set up your own email server to make infinite accounts, but if you don't have a clean IP and clean domain and all the necessary DNS configs then your outgoing won't go anywhere.

I often read that you shouldn't self host your own email because it's a pain making sure every possible normie email provider will accept your emails, and it's not worth your time. Once I saw a discussion about how those people lied, it's easy to self-hosted your email! ... As long as you pay someone else to handle outgoing messages. And then they pondered how much of the system needs to be under your own control in order to qualify as self-hosted.

Legend has it, Microsoft detects their own emails as spam.

The problem with spammers is they have so many more opportunities than malicious browser downloads. They send so much junk that even if the majority of it filtered out, they'll get some messages into people's inboxes. And the average person opens more emails more often than they install software. Even a success rate of a percent of a percent of a percent would be a lot of suckers.