• Elias Griffin@lemmy.world
    link
    fedilink
    English
    arrow-up
    18
    arrow-down
    48
    ·
    edit-2
    1 year ago

    I’m seeing many people recommend Thunderbird. Let me enlightnen you.

    I personally never trust any software that is not secure and private by default. Mozilla Corp is a for-profit corporation that makes nearly a Billion dollars in cooperation with Google monetizing data about your life. Thunderbird is Mozilla and if you setup with the Wizard, it already got the basics about your email life even if you disable it later.

    Thunderbird Not Private by Default

    • Sends all interactions with it to Mozilla
      • Whether calendar is in use
      • How many filters you have
      • How many email accounts you have
    • Computer/Device Information including hardware configuration
      • Operating system
      • IP address is logged

    https://support.mozilla.org/en-US/kb/thunderbird-telemetry

    Disabling Telemetry

    1. Click the menu button Menu Button and select Settings.
    2. Select the Privacy & Security panel.
    3. Scroll to the Thunderbird Data Collection and Use section.
    4. Deselect the Allow Thunderbird to send technical and interaction data to Mozilla checkbox.

    Thunderbird Bad Security Practice of using a Primary Password

    https://support.mozilla.org/en-US/kb/protect-your-thunderbird-passwords-primary-password

    17 Criticial or High Vulnerabilies this year alone

    Conclusion

    If email security and privacy means a lot to you, or even computer security and privacy, your best options are to use BSD/UNIX/Void/Alpine and Claws-Mail. That is just the way the cookie crumbles in 2023.

      • chaospatterns@lemmy.world
        link
        fedilink
        English
        arrow-up
        45
        arrow-down
        1
        ·
        1 year ago

        It’s true that Mozilla does collect telemetry and that Mozilla Corp is for profit, however Mozilla Corp is owned by Mozilla Foundation. That ownership structure is either a way to get around limitations on non profits, or its an opportunity for the Foundation to directly influence the Corp to be better.

        However, I’ll still use Firefox/Thunderbird because: Usage stats such as number of accounts or filters is in no way comparable to my username and password. One is basic metadata and stats, the other is a massive risk. You can opt out of the telemetry, the only way to opt out of sharing your password is to not use the new Outlook.

        I take a more pragmatic approach to privacy based on my trust. I understand the value of telemetry, but change it depending on the company. Big Tech I have less trust in, Mozilla, while they have issues, are on average far better for privacy vs big tech.

        As a developer, I understand the value of telemetry and the risks that come with collecting any data. I pick Firefox because it challenges the homogeney of Google’s influence and it looks like I’m going to pick Thunderbird because I’ haven’t seen a better option.

        • Elias Griffin@lemmy.world
          link
          fedilink
          English
          arrow-up
          5
          arrow-down
          32
          ·
          1 year ago

          Whoa, 9 upvotes instantly, then a block of 11 downvotes, then another block of 8 downvotes, and then a challenger reply, very interesting! Refute this guy he says! It’s hard when someone challenges long held viewpoints, I get that. I live and breath security for decades now, there is nothing to refute, I left those parts out.

          I’m choosing to repond here because this is a typical Big-Tech marketing speak viewpoint, that somehow Mozilla is to be trusted, that Mozilla isn’t Big Tech. Well, it obviously is Big Tech to the tune of almost a Billion, what! The way they hide that massive Mozilla Corp money behind a non-profit, sketchy!

          Right there you should not trust them

          Even though you can opt-out of the Telemetry, which can be useful if done correctly, the majority of the most valuable data about your digital life is already collected when you set it up. Opting out only disables further collection.

          Mozilla is a significant part of increasing Google’s hegemony if you read the article, you have it backwards! The Internet Data search et al. valuation is vastly superior [value] to browser valuation or market share to which Firefox is only something like 7%.

          Lastly going with Thunderbird because it’s the least bad is a terrible choice to have to make, isn’t it? Do I have that wrong? Even if you are on Windows, you can determine to not play the least-bad game of Big-Tech selling the least amount of details about your life and just run your email somewhere else, even in a VM.

          I’m here for people power and not Mega-Corp power. I’m writing this at the keyboard right now willing to get flack and downvotes, for you. I gave you the viable option, Claws-Mail.

          Some may say yeah, but BSD/Linux Claws-Mail is not a shiny UX experience and those shinies are worth sale of my digital identity/me. How Gollum of you!

          Yeah, I said it Lemmy, I said it! Don’t sell yourself for free because it’s easier or “more intuitive” or “works better”!

          • Skies5394@lemmy.ml
            link
            fedilink
            English
            arrow-up
            11
            ·
            1 year ago

            Complaining about downvotes is a sure fire way to get more downvotes.

            But I don’t think there’s anything wrong with the information you’re presenting, so much as the way you’re presenting it.

            There’s tons of emotion around news and facts these days and people just want it cut straight without the fat. Don’t tell us how to feel, or why we should feel that way, tell us what the facts are and we’re grown ups, we’ll put our big people clothes on and make up how we feel about it on our own.

            Any emotion you put into it is likely to undo any good points you may have made. There’s a time for that, this isn’t it.

            • Elias Griffin@lemmy.world
              link
              fedilink
              English
              arrow-up
              1
              arrow-down
              16
              ·
              edit-2
              1 year ago

              Ah, this post, it was bound to happen. Thing is I know all the internet social rules. I was on a baud modems and Netscape Navigator. I’m an expert at Psychology and many other things.

              Let me condense your rules. No judgement, no emotion, no against-the-grain, otherwise I will accumulate anonymous/secret peer pressure ostracizing. Trust me I know, any high schooler will tell you these rules. However, what does that system sound like it will conclude in, a communication expectation of no judgement, no emotion, no singular criticism?

              I’m choosing not to play by those rules because they don’t improve the human condition which is what I’m after, even if it’s only 1 person. Judgement is needed, shame is needed, they’re aren’t many grown-ups as you say, they just think they are, otherwise the state of technology and the world would not be so dismal and disasterous right now with America being the fattest and most depressed it’s ever been. Harsh words, but true.

              You might say who am I to do that? There are many responses I can give, but perhaps the best one is, that I’m anyone, someone, willing to give voice, passion, and a well-thought out and logical counter to the current group-think where people pimp themselves out to Google and Mozilla.

              You also mistake me. I didn’t post about downvotes to be contrarion against the crowd, a well known pyschological phenomena, but to hint at, make an inference to, that it was unnatural, algorithmic, let’s say.

              • Skies5394@lemmy.ml
                link
                fedilink
                English
                arrow-up
                12
                ·
                1 year ago

                So you get carte blanche to be insufferable because you consider yourself to be a holier than thou messenger with self-assigned credentials?

                • anotherandrew@lemmy.mixdown.ca
                  link
                  fedilink
                  English
                  arrow-up
                  9
                  ·
                  1 year ago

                  Pretty much my conclusion. Their writing style is completely off-putting and even if they have good points, I’m not going to endure their attitude to try to get to them anymore.

                  I’ve been online just at long, if not longer than them, and their “type” is nothing new. Nor is the solution: smiles and wave, boys, smile and wave.

                  • wols@lemm.ee
                    link
                    fedilink
                    English
                    arrow-up
                    7
                    ·
                    1 year ago

                    Honestly, their comment reads like copy pasta. That first paragraph is chef’s kiss.
                    I initially thought they weren’t being sincere, something something Poe’s law…

                    (’ v ')/

                • Elias Griffin@lemmy.world
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  arrow-down
                  10
                  ·
                  1 year ago

                  A spiteful response that misses every mark while proving my point. Thanks for the extra credit.

                  • nomadwannabe
                    link
                    fedilink
                    English
                    arrow-up
                    4
                    ·
                    1 year ago

                    The way you write is very off-putting. It seems like many people agree. I read your comments because I was interested in the information but yeah. Not trying to be mean, but I understand why you’re getting resistance while you’re trying to provide info.

          • legoshark@lemmy.world
            link
            fedilink
            English
            arrow-up
            8
            ·
            1 year ago

            I appreciate your informative post. I almost down voted it for the statement that Mozilla is big tech, but you do have a valid point that they are on Google’s leash. I wish it weren’t that way and that they were self-sustaining, but it is what it is. In my mind, they are better than the big tech companies because of their non-profit ownership, but non-profits can be corrupted. I’m still going to continue using Firefox though since the web desperately needs browser competition and it’s the only competition in town =)

      • thomask@lemmy.sdf.org
        link
        fedilink
        English
        arrow-up
        15
        arrow-down
        1
        ·
        1 year ago

        Honestly I’m glad they highlighted the telemetry. I went through the local report about what’s included and while it’s not an upsetting level of detail, it’s more comprehensive than I would have opted in to if asked.

        Still, as sibling points out it’s in a completely different league from slurping up your IMAP creds, something which has always been local-only data. This is the second time I know of recently where MS has trampled on this kind of local-only expectation - the other was Edge defaulting to sending the contents of textboxes you’re filling out on webpages to the MS cloud for spelling and grammar checks. Thunderbird is still a sound recommendation, and unlike Microsoft, I trust that if I uncheck the telemetry box they’re not going to try to get me some other way.

    • Saki@monero.town
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      Thunderbird doesn’t passphrase-protect your PGP key. Though you can set a general password… For something less important, its OpenPGP may be convenient, given that if you send/receive email normally, there is metadata problem anyway. But if you need to play it safe, you may want to use gpg offline and paste ascii.

      Increasingly more and more “phoning home” is not exactly comfortable, either: thunderbird-settings.thunderbird(.)net location.services.mozilla(.)com addons.thunderbird(.)net versioncheck.addons.thunderbird(.)net services.addons.thunderbird(.)net, etc. Perhaps people today, both users and developers, feel something like this is normal, because things were already more or less like this when they were born.

      Re: Micro$oft - It might be that after raped by Google, the society has been desensitized and stopped feeling anything about “minor details.” Why worrying now? You use a Windows 10 passport account (what is it called?) just to log on to “your own” computer and also a Gmail account anyway, right? So bad news is, your privacy is almost zero already.