This article is talking about what I call pseudo E2EE, not real E2EE.<p>- Pseudo E2EE is where an email or chat vendor is encrypting the contents using the keys they generated on behalf of their client, which they can control via <i>targeted ephemeral</i> updates. Most centralized platforms doing E2EE for email or chat are really just doing pseudo E2EE. It's probably useful for protecting against some junkie that stole your laptop or phone. Pseudo E2EE can be target-bypassed with a warrant by making subtle changes to the client via targeted ephemeral updates.<p>- Real E2EE is when the email clients controlled by the sender and receiver manage key exchanges out of band and encrypt the email themselves, meaning POP/IMAP still work as expected, the server cannot see the clear-text version of the body, and the client can choose whether to store encrypted or unencrypted. All they get is the metadata, and if that is an issue, do not use email. To hide metadata, use anonymous SFTP on either your home router or a disposable VM instead, encrypt all the contents, and zero out the contents after delivery. Use a RAM disk if the contents are small enough and reboot after delivery.<p>Thunderbird makes doing real E2EE just a few clicks. It's happy-clicky. One can exchange their public keys with friends and associates however they wish. Making local backups of the Thunderbird data folder is trivial and it can be stored offsite wherever the client wishes. Real E2EE cannot be bypassed without abducting one of the recipients and putting them under duress <i>warrant and arrest plus threat of imprisonment, torture, etc.</i> There are a myriad of ways to further mitigate these attack vectors.