On Thu, 30 Nov 2023, D.J.J. Ring, Jr. wrote:
I am also concerned with loosing Google html search page but one for
duckduckgo.com exists. I include everyone in my message who could
benefit by any changes that increase accessability to all.
... but at the same time reduce security for all. You see, the information
you keep in your email is not just your information, it is also mine and
belongs to everyone else that has corresponded with the person that chose
not to protect their email, and although I have no control over who you
choose as your provider and the things that your provider can do with your
email, you seems to be okay with having external people accessing
information othe people gave you. This might be in confidence, or maybe
sensitive. If all the emails in your account were your creation for your
personal use it would be different, but your email contains information
about others, which also needs to be protected from third parties.
Most of the people that I am working with that are having the most
problem are those using console line interface (CLI) and who often never
have a graphical interface (GUI) installed.
Most have changed their email program to mutt but they very much miss
the features available in alpine like its address book and ability to
access newsgroups.
I am sympathetic to the needs of people, especially people with
disabilities. I might be one of them in the future. However, my security
is more important to me than their wants. As you know David, there are
ways to remove the password from the encryption key, making the encryption
efforts useless. If someone does not want to follow the procedure to
remove that password, that is on them, not on me. There are clear
directions to do that.
I will say one thing about the method Carlos posted to remove the password
file. I was aware of this, and I have seen posts like this in the past.
Alpine has the ability to remove this password too, and I have posted in
the past how to do this. This means, there are two ways to remove the
password from the encryption key, and I will modify Alpine to force
everyone to have a password in the encryption key. Please do not
misunderstand me, I did not say that I will force everyone to enter a
master password, I said I will force the file to be be encrypted with a
password, which either the user will know or that Alpine will know, but
that key will have a password. Unfortunately, as always, the way this will
work will be in the source code and hackers will be able to figure it out.
Removing the password from the encryption key will force alpine to create
a new key with a password only known to Alpine. Today you can transfer
your password file from one machine to another and have it work smoothly
in the other machine. I do not guarantee that this will be the case for
those that choose to "remove" the password from the encryption key.
One of the problems they are having is with Gmail, they've managed to
get an application specific password, and can use alpine by using an old
version which does not have the master password, but Google has changed
the way email is displayed, what used to be the default was the INBOX of
their email, but now they have to change folders to one labeled Gmail
and inside there they have to select the folder with the new email.
I am having a hard time understanding this. This seems like a
configuration issue, not a Gmail issue. Are these people reading email by
accessing it through a collection list? or do they read their email by
configuring the inbox-path? (and maybe separately the collection list). If
you need to skip [Gmail], add it to the collection list configuration.
It seems that it would be possible when configuring alpine to have a
switch much like the one that creates the ability to use the pinepass
file.
I agree with you. This is not a technological requirement. It is a choice.
Some people like me choose to make it mandatory, some people choose to use
mutt instead, and some people choose to remove the password from the
encryption key. We can all coexist in this world and make our choices. My
choice does not force the choice of other people. I hope people that
disagree with me choose to remove the password for the encryption key, not
go to mutt, but that is their choice. After all removing the password from
the encryption key will give them the experience they are looking for, and
if they do not wish to do that, well, that is their choice too.
--
Eduardo
_______________________________________________
Alpine-info mailing list
[email protected]
http://mailman12.u.washington.edu/mailman/listinfo/alpine-info
