Regarding PGP being used between 2 providers, eg Google and Proton, what prevents Google from viewing the messages client side after they’ve been decrypted?
I don’t think that googles mail Client supports pgp. And if you use a client you trust with Google mail, the content of your mail is encrypted.
They will still use metadata to track who you are talking to and about what. The Mail subject is metadata and therefore not encrypted.
So to keep your conversations private, dont use gmail, and probably don’t use mail at all, use something build with encryption in mind.
If you’re connecting to gmail over pop/imap, no problem.
If you’re using the native gmail webmail or google chrome… They could.
The thing that stops google (or proton for that matter) is that you don’t give them the keys.
Don’t worry, your email to requests@luigifanclub.cc with the subject line of “next target” is safe. /s
h-hey dont leak me ~
If you’re using a third-party email client, but using a gmail email address, then PGP would stop Google from reading your emails (assuming the private keys aren’t compromised).
If you’re using their email client, then nothing stops them from decrypting your emails if they really wanted to. IIRC, gmail doesn’t natively support PGP anyways though, so you’d have to use a third-party client.
There are extensions that let you encrypt/decrypt messages right in your Gmail inbox. I’m not sure whether that would let Google grab the decrypted messages using JavaScript, though.
Thank you. This was my understanding too.
