Nokiamies

Perhaps I went too technical there and did not get my point trough. What I try to do is help avoid people from making bad decision for their security or privacy. There are too many shills shilling too many allegedly secure or private services on the internet and unless someone does breakdown for problems with services and claims they may think they are secure to send anything, even data you you normally would not over it when using them. Point you think you are invulnerable is point you are more vulnerable than ever. I want everyone to take any promises of security or privacy with great grain of salt and not put all eggs to one basket.

I missed you guys too. I am happy you both are still here. My life will never be same as it was before but I believe that as long as blood is still pumping on my veins it is worth living and keep fighting forward.

Well then Tutonota cant send anyone not using Tutanota email messages and MXtoolbox or other tools that can check for SMTP will say no stmp found, oh wait it says there is MX record and SMTP https://mxtoolbox.com/SuperTool.aspx?action=mx%3atutanota.de&run=toolpage STMP is not just for sending emails from client it is also means which email server communicate with other email server. Just because you cant connect to SMTP to send message does not mean it wont exist. If there is email server you can send email to there is SMTP on both ends. Now STMP can (and should be) wrapped in SSL/TLS tunnel where it is encrypted similar to HTTPS traffic but if encryption is breached it is readable. And all this time I am referring to standard email, one other side will receive. There are similar commercial solutions with ability to send link to protected mail server but that mail telling you got secured mail is still sent using SMTP between two mail servers. I highly recommend you do more research on email system before you start argue about this topic. I work almost daily with email servers and know how it runs under the hood on any of them. Even Microsoft Exchange despite using MAPI protocol uses SMTP to talk with other mail servers.

I think you missed my point. Even though you send link trough email it is not standard email anymore as I cant read and answer it using email client of my choice. Tutanota and Proton while internally encrypting all still cant talk to outside world without utilising SMTP which is like sending your email on postcard. Even if over ssl it is just writing message to postcard using some secret language, if someone cracks it can read you message. Also you are relying on their server to be secured and not get compromised and even if they actually would be not storing encryption key on their server like they claim some hacker could just inject malicious javascript to steal your secret key and access all your mails. No system is hacker proof and point you become valuable enough target it is matter of time is hacked. And even if they made is hacker proof you still trust for them to run what they claim on their server. Unless you walked there without warning and scanned all server code you can only take their word for it. Showing server source code wont mean they run it on server side unless can inpsect the servers. On the other hand PGP I mentioned is standard and decryption key is only stored locally, if you try read email on server there is nothing to read. While there been exploit like Efail for PGP those been since patched and it did not affect Claws mail.

Even worse they expect you to have whatever smartphone app for something. For example if I need pay someone something they want me to use app called Mobilepay for it and look me like I am crazy when I say I will pay with bank transfer or cash as in Finland transferring money between IBAN addresses is common and does not require any mobile app, it can be done by going to bank or from their website. Or I can just go ATM and get some cash to pay it which can be instantly verified and does work even if phone battery runs out. Some people also only store their train tickets on phone app and then whine when train is on area without cellular or phone battery runs out.

Such as thing as secure email does not exist due to email nature. It was never built to be secure in first place. Even if you encrypt SMTP traffic with ssl and only access email using some client with perhaps even ip based blocking it is still not 100% secure. Solutions like that only add bandages into root issue. Point you are sending email outside "secure" provider it is as secure as on any other provider. Even if you use something like deltagon secure mail which many companies uses it does not offer full security as all i need is link for secure email and open it before original recipient does. And that email link is sent to any insecure email server. Even got SMS MFA to view secure messages there are means to intercept text messages (which i cant talk here) Closest for secure email is to use PGP to encrypt email but I just opt not send anything confidential over the email and treat it like sending postcards.

I think biggest issue is not email itself. Back in day it used to open protocol, it is companies trying lock you into their web apps these days for email access and block imap and pop3 access in name of security or atleast make it hard to access. Also many sites not allowing you to use more than few predefined email providers. I noticed that when switched into my custom email server, many sites says my email address is not allowed please use other provider. I can understand on spam standpoint maybe reduce it a bit but when been working on IT and email servers, most of spam comes from either free gmail or outlook addresses and rarely from new domains. Also big providers mark any email coming from custom email domain as spam even if SPF and DKIM records exists and are valid. It is fight against the windmills. What annoys me even more than requiring email is requiring smartphone app to verify yourself to some sites. Always asked about MFA that why do you need it everywhere, if you passwords are stored on piece of paper and are over 20 characters long. If you device where you logged in to MFA enabled service gets compromised, MFA wont help as they just use login token stolen from browser to access service. I am not saying that MFA is unneeded, in banking for example asking random number from piece of paper makes it harder for random transactions to be made but many people see using constantly internet connected spyware platform as more security option for MFA. I am lucky to be able still use what i have to use without needing smartphone and smartphone apps. If it has to go that point I will do all banking on their office.

Was he german? Usually people don't talk out from other people events unless it was something big like that person death. I am kinda happy people try avoid saying it since I don't want any rumors to be spread around

Seems this cafe is still open after all these years and there are people in here. Well now I am back (ex Mr.Scienceman2000). Why I was few years absent was because I had an accident and got injured pretty badly. Really did not feel like going to forums anymore and instead focused on slowly recovering from getting somewhat up from web with crutches to walk somewhat fine. On the other hand that time gave me time to reflect things on life I was not happy at all with and which felt like they were holding me back. Finally gotten rid of them and now I finally get to live way I want.

I understand and still would like username to be changed. I will add my previous username to my signature and to about page so board users know who i am

I would like to have my username to be changed into Nokiamies

Well I am not control over updates sadly and too many times those who do have control over updates have no idea how update properly, last time they did it task bar and start menu were hosed up. I am testing update on all possible configurations for good reason, but usually it goes that technicians are ignored until stuff break and then we get to do dirty job which could have been avoided. Well this time it seems like they finally listened me on this and things will turn into better. If I would have opinion on it i would have kept mission critical systems that were on their own network and not on office network running Windows 2000/XP/whatever tried and tested OS like they used to be. Still it does not excuse totally Microsoft on this. They do not offer cheap or easy way having non rolling release for OS like it used to be long ago.

I got perfect example of what is wrong with having rolling release forced for Windoze 10 while it is used in enteprise. One factory is running clients between Windows 10 1909 up to latest release. On this monday I had tons of tickets, printers did not work giving driver error, almost all of machines that were used to log work progress or control machines were no longer booting up. After diagnostic I found out new quality update M$ had rolled was blame. It took lot of overtime to fix those issues and by weekend new issues keep popping up . They should rename them Russian roulette updates since you can't be sure how badly it will be hosed up. Most end users have no idea how bad it is when support team need run to every workstation trying get them up and running. Sometimes even reinstall would be too slow option since 4 hours production lines stopped can cause millions on loss. Even with automated reinstall it is still too slow I can see no reason to defend Microsoft rolling updates to Windows, you cant release that type of garbage into production environment . Well atleast robots are still controlled trough Windows XP there.

i was meaning trying reinstall key it currently got in case something have caused key to be corrupted. I have had that few times.

You can try following commands from command line that helped when I had issues and Windows refused reactivation. slmgr /ato tries online activation if that fails with bad key use SLMGR /IPK <INSERT KEY HERE WITHOUT BRACKETS> to install key if that wont work try phone activation with manual command SLUI 4 then pick your area to find local MS number. it seems to be by design that Microsoft does not allow reactivate from gui when they believe Windows is not genuine. I had that with Ryzen PC and doing that fixed issue