Privacy

31265 readers

451 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

Chat rooms

[Matrix/Element]Dead
Discord

much thanks to @gary_host_laptop for the logo design :)

founded 4 years ago

MODERATORS

Can email masking be "transparent"? (lemmy.world)

submitted 1 year ago by scorchingheat@lemmy.world to c/privacy@lemmy.ml

12 comments fedilink hide all child comments

I've been trying out Firefox Relay for a couple of months, and I really like the idea of hiding my real email address. The only thing putting me off from this concept is the fact that it makes my experience significantly worse, as it's now harder to quickly understand where the email comes from.

A simple example: if I give my real email address to an online shop, I will receive a confirmation email with

From: Online Shop

Which is trivial to read.

If I give a generated Relay address, then the emails will come as

From: "noreply@onlineshop.com [via Relay]"

Which is much harder to parse off a quick glance, especially on smaller screens like a smartwatch.

When receiving emails, I don't really care if they were forwarded via Relay, and I would much rather see the original sender in the From field. Is this necessary for proper privacy, or just an issue specific to Firefox Relay? And if so, is there any other email masking platform that supports what I'm looking for?

you are viewing a single comment's thread
view the rest of the comments

[–] jet@hackertalks.com 5 points 1 year ago (3 children)

I HIGHLY recommend using custom domains and a email catch all instead of relay services.

Example Online Shop sends email to OnlineShopName@email.mydomain.com

Now in your email client you can filter by the To: line for OnlineShopName@email.mydomain.com and see everything

If you use a service like fastmail that supports dynamic from addresses, when you reply to one of this catch all emails your client's from address will be set to the address you used.

[–] lustrum@sh.itjust.works 3 points 1 year ago (1 children)

Damn I wish Proton did that! I have to create and delete aliases on the fly on the rare occasion I need them.

But yes I love the custom domain catch all option. Stuff like adding prefixes to do filtering. bills, shopping, newsletters. Then allows easy and automatic filtering to folders.

[–] Cralder@feddit.nu 3 points 1 year ago (1 children)

Proton does offer this with simplelogin right? (Unless I misunderstand what you mean) I always sign up to stuff as @..com where the alias and domain are chosen once and then all adresses to that domain forward to your proton inbox.

[–] lustrum@sh.itjust.works 1 points 1 year ago

Yeah it does. But I don't use simple login.

[–] Klystron@sh.itjust.works 2 points 1 year ago

+1 for fastmail. Been using it for over a year now with my custom domain, very happy. Synced with 1password so it can autogen masked emails.

[–] Atemu@lemmy.ml 2 points 1 year ago (1 children)

Custom domains and aliasing services have two slightly different purposes as aliasing services can serve to mask your identity aswell.

A custom domain still enables tracking across accounts.

[–] jet@hackertalks.com 1 points 1 year ago (1 children)

It would require a human to do that linking. Nobody knows how many people have emails at your domain.

You could use a anonymous domain hosting service to register the domain as well.

[–] Atemu@lemmy.ml 1 points 1 year ago* (last edited 1 year ago)

It would require a human to do that linking. Nobody knows how many people have emails at your domain.

Advancements in data science in the past 2 decades have shown the opposite.

You could use a anonymous domain hosting service to register the domain as well.

The problem is not the paper trail between domain and you but the domain being a proxy for you, the person. Let's take an example: You register the totally anonymous domain algk3oii01aslf0.com. Super duper secure and anonymous, right?
Now you use a catch-all to register your accounts using servicename@algk3oii01aslf0.com on facebook, Google, M$, Reddit and what have you.

Do you see the problem here? If those services were to collaborate (indirectly, they do on a certain level), that'd enable them to identify you as a single entity across these services. Your activity is tracked and attributed to a certain identifier. Whether that identifier is your real name or just a random UUID is of little relevance; it's still you being tracked.

For the services I listed, this discussion is probably redundant as they have thousands of other means to fingerprinting you but you don't have to make it easy for them either.