A Compromised Device – If your device has been compromised by malware, a keylogger, etc., which is not very difficult to do these days, especially if your adversary is a state, then E2EE and other security measures will be useless. In fact, your adversary can use your account to impersonate you, and do massive damage to your online presence. (Be sure to read the “tips” section of our blog for best practices.)
Compromised or forgotten private key phrase – Unfortunately, this case is quite common. If your private key phrase has been compromised (for example, due to malware, keylogger, or bad practices such as writing it down on a piece of paper, sending it in clearly understandable texts, etc.) or you have simply forgotten it, then you are in serious trouble and we will not be able to help you in any way, except by urging you to change your private key phrase or simply revoke that key pair and start using a new one. (See the “How To” section for more details).
A high-level Man-in-the-Middle (MITM) attack – A high-level Man-in-the-Middle (MITM) attack is a type of attack where an adversary (typically a state) can create an extremely sophisticated clone of Mailfence (by spoofing our certificate, which is very difficult but not impossible to do, authenticating a user’s certificate based on false premises, etc.), and somehow spoof all the services Mailfence offers, in order to trick you into confusing us with them, thereby compromising your data on a large scale. Given the complexity and difficulty of such an attack, only high-level adversaries (such as states, etc.) are considered capable of executing it. Due to our efforts to obtain a CA certificate (such as not having any company registered in the United States, etc.) and to offer you the possibility to verify our SSL/TLS certificate, we have strengthened our defenses to the maximum level possible.
State-funded attacks/APTs (DDoS, encryption cracking, backdoor deployment, etc.) – A distributed denial of service (DDoS) attack is typically intended to render an entire service (website) inaccessible, preventing its users from using it. In our 15+ years of operating cloud-based messaging systems, we have been involved in a few such situations, and have done our best to mitigate such risks. Other attacks commonly funded and executed by states, such as decryption, backdoor deployment, sending malicious JavaScript code, etc., could potentially occur; as the saying goes: Nothing is impossible. However, we have taken every conceivable precaution to mitigate the risk posed by such threats.
Before reaching our final conclusions, we would like to state very clearly that Mailfence should not be used for any illegal activity, and that we strictly comply with the legislation in force in Belgium (see our Privacy Policy for more details). Our service is therefore ideal for the protection of sensitive business communications, both private and personal data, of all types of users, both personal and professional (doctors, engineers, lawyers, journalists, teachers, students…).
Right now, Mailfence is a state-of-the-art solution that offers excellent levels of privacy and security. Of course, we are aware that there are users who have very specific adversaries, and who are capable of investing huge amounts of resources to achieve their goals, and it is in this case that even cryptography would not be able to achieve much, as the following comic illustrates.
Mailfence WILL NOT PROTECT YOU against: