Alternative to Gmail

originally posted by: AdAstra
a reply to: Restricted

That's what I heard, yes.

I've had an account for a couple of months now. You can always request an account and use version 2.0, but it's very limited.

They've got some work to do.

Why alternatives should be sought.
Nothing will be safe from them, but there are serious reasons for not using the likes of google etc. Google etc scan all your emails for keywords for the purpose of advertising. This leaves it open for abuse! I wrote a thread about why stored data is a risk, look HERE.

StartPage also offer a good secure email.

CEO Robert Beens attributes StartMail's early success to Ed Snowden's revelations about government surveillance, along with concerns that Hotmail, Yahoo, and Gmail are scanning people's private communications for marketing purposes. “Consumers are ready for a change. They're fed up with dragnet government surveillance and the 'stalker economy,'” he said.

StartMail is based outside of U.S. jurisdiction in Europe, where it is not directly subject to U.S. mass surveillance mandates, and the company has vowed never to cooperate with programs like PRISM. StartMail was built by the team behind StartPage.com and Ixquick.com, the world’s most private search engines, which have a proven track record of protecting user privacy for nearly 10 years.

Unlike other companies, StartMail does not mine customer data for marketing revenue, and never reads people's messages. One-year StartMail subscriptions are $59.95 (€49,95), or about $5 per month and can be purchased online at www.startmail.com.

a reply to: Restricted

Thank you for the heads-up.
I think this sort of personal exchange of experiences is essential.

originally posted by: VoidHawk
Why alternatives should be sought.
Nothing will be safe from them, but there are serious reasons for not using the likes of google etc. Google etc scan all your emails for keywords for the purpose of advertising. This leaves it open for abuse! I wrote a thread about why stored data is a risk, look HERE.

StartPage also offer a good secure email.

Well, yes, exactly. Add to that the simple fact that I refuse to fatten Google's wallets any more than I have to, and you've got my reasons for a change of address.

Thank you for the tip!

originally posted by: Restricted
ProtonMail is in version 3.0 and it is full of bugs. It's fetal. It's based out of CERN in Switzerland and it's end-to-end encrypted. I don't recommend it yet.

I just noticed that a few others are saying the same thing as well, thanks...

How to spell snake oil? P-R-O-T-O-N-M-A-I-L

Browser based cryptography is conceptually no different from server side crypto. Which is snake oil for the security gullible. And if it is implemented so poorly as for Protonmail, then all it takes to "hack" the platform is a browser, see link. That's why I'm with MyKolab, for their no-bull# approach to this: mykolab.com...

First look at secure email provider ProtonMail

3) Protonmail is a (bad) joke. It is even worse than Unseen.is.

4) I strongly advise you not to use BitMessage, unless you have bandwidth to burn and are willing to face ridiculous accusations like "carrying e-mail traffic for terrorists/child molesters". Establishing a good, secure e-mail communication line is a headache enough; you don't want the additional headache of carrying other people's encrypted communications.

5) GMX is just webmail; I couldn't find anything on their site that says the e-mail is encrypted on the client - or even on their server.

6) Tutanota doesn't work well with external recipients (i.e., who are not Tutanota users). You need a separate channel to convey them the encryption key, which is a hassle. But it is insecure even between Tutanota users. They keep your secret keys for you. Yet another "trust me" service.

7) MyKolab does not provide encrypted e-mail. They suggest that you use Thunderbird+Enigmail:

8) Posteo is some German-language crap without even an English user interface. My knowledge of German is limited but it seems to be yet another "trust me" service.

Safe E-Mail Provider

a reply to: Murgatroid

Like I said, exchanging personal experience is essential.
(Keeping in mind, of course, that such technology is bound to change fairly quickly - for the better or for the worse.)

I am a little surprised to see claims that Tutanota doesn't work well with external users.
That is not my experience. So far, all of my friends' mails from other addresses have arrived.
But I haven't had it for long.

I should clarify -

ProtonMail is end-to-end encrypted IF BOTH USERS ARE USING IT.

I like the concept of PM, but we'll have to wait a while for the full benefit of what they're promising to deliver.

The UI is also primitive.

a reply to: AdAstra

Yahoo? Old AOL? Both free

Also, I don't think anything is really private from the US Government. They've proven to have their grimy paws in EVERYONE'S business, sometimes with the help of other governments.

None of the bastards can be trusted.

originally posted by: mysterioustranger
a reply to: AdAstra

Yahoo? Old AOL? Both free

Both suck. You have to provide a phone number to sign up as well.

a reply to: Restricted

But at least we can stop feeding Google.

P.S. I agree regarding Yahoo & al.
If you have to give ANY piece of personal information - forget it.

a reply to: mysterioustranger

It's not about being free (in fact, I chose to pay - albeit just 1 euro per month : ) - for the premium account).
It's about privacy - which Yahoo doesn't offer (not to mention some other grievances I have against it) - and it's about principles. Principles rate very high in my book.

originally posted by: AdAstra
a reply to: Restricted

But at least we can stop feeding Google.

P.S. I agree regarding Yahoo & al.
If you have to give ANY piece of personal information - forget it.

Yeah, Google, Hotmail, SSDD.

With Hotmail you spend more time answering security questions to get back into your account than you do sending and reading email.

Garbage.

a reply to: Restricted

Yes, it's like Tutanota, I gather.
You and the recipient have to have a shared password in order to read any encrypted email.

originally posted by: AdAstra
a reply to: Restricted

Yes, it's like Tutanota, I gather.
You and the recipient have to have a shared password in order to read any encrypted email.

Oh, I don't think I like that.

a reply to: Restricted

It's remarkably hassle-free, actually.
And of course, you can send a non-encrypted email any time.

a reply to: AdAstra

I'll look into it. Thanks.

Nice talking to you. Gotta go.

originally posted by: AdAstra

originally posted by: Esoterotica
People still use email?

That's weird.

Well, in my experience it does beat mail pigeons.

Then you haven't trained them properly, obviously.

Its probably important to note that anything that is sent through a common network backbone can be intercepted. Some encryption can help, but may also raise flags.

If a user is concerned about communicating with privacy and security, its probably best to avoid technology in general.

Enter the properly trained pigeon.. Called a "drone" in some places.

originally posted by: Restricted
a reply to: Murgatroid

ProtonMail is in version 3.0 and it is full of bugs. It's fetal. It's based out of CERN in Switzerland and it's end-to-end encrypted.

I don't recommend it yet.

I recommend it as a viable alternative to any other encrypted mail program currently available.

Secure and does not keep passwords (if you lose it the account is never reclaimable because they do not that the key).

You won't get this in the US and you can bet the NSA is very upset to try and spend valuable processing time finding out that the email was a pudding recipe....

originally posted by: notmyrealname
I recommend it as a viable alternative to any other encrypted mail program currently available. Secure and does not keep passwords (if you lose it the account is never reclaimable because they do not that the key). You won't get this in the US and you can bet the NSA is very upset to try and spend valuable processing time finding out that the email was a pudding recipe....

Something about Protonmail I just finished reading that might interest you...

"All data is stored on secure servers in Switzerland."

No.

All data is stored on SERVERS in Switzerland.

There is no such thing as a "secure server". Anywhere. By anyone. At least, not if it has any route whatsoever to the Internet or any other network.

And even a standalone machine must rely on physical protection which ultimately can always be bypassed or destroyed if the attacker has sufficient resources and motivation. Which, as ilev noted above, is indeed the case with the US vis-a-vis Switzerland. People need to stop using the word "secure". Things are "secure" only up to the exact instant that someone else with motivation and resources doesn't want them to be. There is no such thing as "secure email" and likely never will be.

Do not look to a provider to give you "email security". The only "security" your email will ever have is strong encryption which is completely controlled solely by yourself and your recipients. And unless you're a competent cryptographer who's written his own stuff AND had it tested by others, you'll still be relying on someone else' software which may have been compromised along the way. AND you and your recipients also need to control access to the keys which is a huge weak point. For MOST people, this is sufficient. If you're at actual risk of life and limb - it's not.

Look at the recent report on how US law enforcement has managed to penetrate almost EVERY encrypted communication they've tried to wiretap. It should give everyone pause to reconsider whether "secure" communication is at all feasible.

First look at secure email provider ProtonMail

How to spell snake oil? P-R-O-T-O-N-M-A-I-L

Browser based cryptography is conceptually no different from server side crypto. Which is snake oil for the security gullible. And if it is implemented so poorly as for Protonmail, then all it takes to "hack" the platform is a browser, see link. That's why I'm with MyKolab, for their no-bull# approach to this: mykolab.com...

First look at secure email provider ProtonMail

Email is not secure. Messages delivered to ProtonMail's servers are readable, even if sent with TLS, it is ultimately RFC 5321 and 5322 plain text. ProtonMail may then encrypt the message with the user’s public key before storing on it’s servers, however if the user wishes to send a message it can only be sent in clear RFC 5321 and 5322 plain text. Less than 50% of SMTP servers implement TLS, so ProtonMail has no choice but to send and receive in clear text to the majority of mail servers, irrespective of how the messages is stored.

What’s the real secure mail solution? Encrypt messages in the messaging client, like Thunderbird or Outlook using PGP and the like. The recipient can only read the message if they have the right key. The message header cannot be encrypted as it is used to route the message, but the body and any attachments are fully, privately encrypted. Then you can use Gmail, Hotmail, Yahoo, whatever, to send and receive with POP/IMAP, but not the webmail interface. Email was never designed for the security requirements of today.

First look at secure email provider ProtonMail