[Cryptography] What ever happened to end-to-end email encryption?

John Levine johnl at iecc.com
Sun Aug 22 17:05:02 EDT 2021


It appears that Christian Huitema <huitema at huitema.net> said:
>Maybe. I receive lots of spam, but so far I have not received any 
>encrypted spam. That would not be hard, spammers could retrieve my PGP 
>key from a number of key databases. But they don't bother, and I wonder 
>why. ...

Because there are so few PGP users that it is not worth the effort.  Spam
is an exercise in vast volumes and very low return rates.

>that would not be profitable? But if the latter, wouldn't encrypted 
>email be a wonderful channel for a spear-phishing attack?

Yup.  I wouldn't count on it not having happened yet.  There's a whole
lot of it that never gets publicly reported.

R's,
John


More information about the cryptography mailing list