For transparency sake, I’m the new maintainer of this website. Just wanted to share it here. I was thinking of creating a community for it, but I don’t know if it is worth it.

I hope someone find it useful. If you want to contribute, collaborate or just share your opinion, you’re more than welcome! The repository for the website is here https://codeberg.org/ThePrivacyRaccoon/website

  • sir_reginald@lemmy.worldOP
    link
    fedilink
    arrow-up
    7
    arrow-down
    5
    ·
    edit-2
    1 year ago

    Edit: read here https://privacy.awiki.org/fake-privacy-initiatives/thunderbird.html not as in depth as I would have liked it, but I’ll do for now

    It is easy to check by yourself by reading their privacy policy and analyzing the automatic connections that Thunderbird makes using Wireshark or mitmproxy.

    I can’t find any in depth analysis right now, I might have to write it myself. But this page, although a bit outdated, gives some information about it:

    https://spyware.neocities.org/articles/thunderbird

    Thunderbird has also been vulnerable to a lot of email attacks because it has JavaScript enabled by default. See efail for the most notable one.

    The email client that is recommended, Claws Mail, does not make any automatic connection and by default has no HTML renderer which improves security.

    Edit: forgot to mention that Thunderbird supports cookies, which IMO are totally unnecessary for a email client and just add another way of tracking the user.

    • 𝕸𝖔𝖘𝖘@infosec.pub
      link
      fedilink
      English
      arrow-up
      16
      arrow-down
      1
      ·
      1 year ago

      It would easy for a technical individual, maybe, but not to the layman, which is the person that privacytoolsio was designed for. I appreciate the link, by the way.

      A small suggestion: if you’re going to make a statement, such as “Thunderbird which is spyware and bloated”, you should add sources that helped you come to this conclusion. Making a statement without citing your sources, isn’t super helpful, as we don’t know you and whether you’re actually knowledgeable or more like those “covid shots have nanobot tracers” people. Regardless, super nice repo! It seems like a labor of love, and I really appreciate you sharing it. I look forward to how it develops.

      • sir_reginald@lemmy.worldOP
        link
        fedilink
        arrow-up
        6
        ·
        edit-2
        1 year ago

        Thank you! I do research for myself so why don’t share it with others.

        And you’re completely right, sources are needed. I’ll try to add them tomorrow to the website, for now, I’ll leave some of them here, just in case anyone is interested:

        From Thunderbirds Privacy Policy, the most interesting bit is that they share your IP with Amazon:

        Thunderbird uses Amazon Web Services (AWS) to host its servers and as a content delivery network. Your device’s IP address is collected as part of AWS’s server logs.

        source: https://www.mozilla.org/en-US/privacy/thunderbird/

        Thunderbird has had various security flaws in the past, most notably efail. A table noting the email clients affected by this vulnerability:

        efail

        source: https://efail.de

        I’m sure there’s more, this is just what I found with some fast searches.

      • sir_reginald@lemmy.worldOP
        link
        fedilink
        arrow-up
        3
        ·
        1 year ago

        I didn’t say otherwise. If the focus of the site was user friendliness and moderate privacy, Thunderbird would be the first on the list.

        But our privacy standards are higher than that and we avoid software that has telemetry especially when there are other options available.