

Gmail message retention bypasses Mailvelope encryption - SaintSal
https://forensic4cast.com/2013/09/gmail-and-mailvelope-leakage/

======
greenyoda
_" Email is 20 years old and has all of the same restrictions and quirks that
it had when it was first used in 1993."_

E-mail is much older than that. SMTP, the mail transfer protocol that's
standard today, became widely used in the 1980s.[1] E-mail between machines on
the ARPANET (the precursor of today's internet) dates back to 1971, and
already used the "user@host" form at that time.[2]

[1]
[https://en.wikipedia.org/wiki/Simple_Mail_Transfer_Protocol](https://en.wikipedia.org/wiki/Simple_Mail_Transfer_Protocol)

[2]
[https://en.wikipedia.org/wiki/Email#Rise_of_ARPANET_mail](https://en.wikipedia.org/wiki/Email#Rise_of_ARPANET_mail)

------
SaintSal
tl'dr; A couple of months back I posted an article about Gmail retention (see
here) in which I showed that Google not only saves copies of your unsent
messages, but virtually every iteration of any message you type is potentially
saved by Google. This means that it is available by subpoena to Google from
whichever entity sees fit.. [With Meilvelope] Yes, your email message is
encrypted. Yes, anyone attempting to intercept the message won’t be able to
read it while either in transit or looking in your sent folder. Yes, this
makes you feel warm and fuzzy because you’re using encryption until you
understand that, yes, Google still has the pre-encrypted message sitting on
their servers. Not only this, but they saved multiple copies while you were
typing your message.

~~~
seanieb
Mailvelope developers are aware of this, the default is to compose emails in
separate window, and not on Gmail.

[https://www.dropbox.com/s/ffidxl4u4dylsp8/Screenshot%202014-...](https://www.dropbox.com/s/ffidxl4u4dylsp8/Screenshot%202014-11-30%2013.10.57.png?dl=0)

