Topic: Safe E-Mail Provider (Read 2276 times)

http://www.wired.com/2007/11/encrypted-e-mai/     

Would not use Hushmail, there are much better email providers out there.

any thoughts on hushmail?

... and metadata. It actually makes sense to choose a provider that at least tries to protect your privacy for a number of reasons.
#1 While no company can deny a judicial requested they should instist on one.
#2 Freemailproviders in general generate data on their own because thats their bussiness model. Thus it makes sense to pay for the service which gives your provider less incentive to profile you and sell it via the marketing department.
#3 not everyone you contact might use encryption
#4 while any mailprovider should use SSL, e.g. GMX did not for ages.


GnuPG (same as PGP) is independent of the provider you use. They might not support it on their website, but one should not do encryption on a remote server anyway.


While you are correct that the location may not be relevant in certain cases, for actual law enforcement (not those creating a surveilance state hunting "torrorists") juristiction does matter. Besides OP specifically asked for providers outside the US.


Encryption can not be provided by a remote server in a meaningfull way. What are you talking about here?


I like that you think something is crap when you dont understand a word about it, makes you look like a very intelligent person.

On a more serious note, I actually thought they had an english UI by now.

Www.yandex.com dutch company servers located in a secret building in Moscow.No probs in 2 yrs

gmx?

.... bitmessage...

The "good encryption" is encryption that is located on your computer. You also need to obtain the public encryption key of the recipient in a way that you can confirm that it has been unaltered.

Encryption is not hard to do, but finding other parties that also can send and receive encrypted email is the harder part. You also must communicate with people who have the sense to decrypt and read the message where it can't be intercepted.

You can send and receive encrypted email with any provider, but it is much easier if they have POP/IMAP access so you can run your own client software instead of cutting and pasting the message to decrypt. Also note that the "metadata" of email transit and the sender/receiver info that spy agencies claim to have the warrantless right to intercept cannot be masked.


https://securityinabox.org/thuderbird_encryption

If u r looking for Disposable Temporary E-Mail Address, u might like to try guerrillamail.com.

1) The suggestion to run your own SMPT server/domain is plain ridiculous. If you do the encryption on your own computer (as you should, if you want security), then it doesn't matter where the server is and who owns it. It will see only encrypted messages anyway. So, as I said, if you don't care about compatibility with PGP users, just use Thunderbird+Enigmail+GnuPG and any e-mail carrier. I know that it will work with Yahoo! Mail. Maybe it will work with GMail, too - I just never tried configuring Thunderbird to use GMail.

2) Where the server resides is irrelevant. The Swiss cave in to US pressure and broke even their own bank secrecy laws - do you seriously think that a Swiss-based company will refuse to execute a man-in-the-middle attack (like Hushmail did) if the magic word "terrorism" is mentioned by men in suits? If you want security, choose a solution that does not require you to trust the server - not one that relies on the server being in a "trustworthy country". If you do your own encryption, it doesn't matter if the server is based in the USA or elsewhere. The worst the US authorities can do is cut your e-mail service.

3) Protonmail is a (bad) joke. It is even worse than Unseen.is.

4) I strongly advise you not to use BitMessage, unless you have bandwidth to burn and are willing to face ridiculous accusations like "carrying e-mail traffic for terrorists/child molesters". Establishing a good, secure e-mail communication line is a headache enough; you don't want the additional headache of carrying other people's encrypted communications.

5) GMX is just webmail; I couldn't find anything on their site that says the e-mail is encrypted on the client - or even on their server.

6) Tutanota doesn't work well with external recipients (i.e., who are not Tutanota users). You need a separate channel to convey them the encryption key, which is a hassle. But it is insecure even between Tutanota users. They keep your secret keys for you. Yet another "trust me" service.

7) MyKolab does not provide encrypted e-mail. They suggest that you use Thunderbird+Enigmail:

https://en.wikipedia.org/wiki/MyKolab#Email_encryption

8) Posteo is some German-language crap without even an English user interface. My knowledge of German is limited but it seems to be yet another "trust me" service.

As I said, the short answer to your question is "no". But maybe your requirements are less strict than mine.

Freemail = you are the product. GMX is no better than gmail in that regard.

Focus on small providers like mykolab [1] (take bitcoin, located in switzerland) or posteo [2] (based in germany, do not require any data, you can pay cash if you wanted to).




[1] https://mykolab.com/
[2] https://posteo.de/

you can host your own domain and setup email service on this
your own private email setup

Check out tutanota.de

You may wanna check out GMX eMail http://www.gmx.com/

Host your own mail & private smtp server (published externally of course)

This means you probably have to re-do the contract with your ISP though.

http://prxbx.com/email/

http://prism-break.org/en/categories/windows/#email-accounts

https://protonmail.ch/

I use countermail.com currently, but also have a protonmail account as well.

You can also use bitmessage, although it is experimental, and they are still working on problems with it.

https://bitmessage.org/wiki/Main_Page

The short answer is "no". But it depends what you want to do and what your needs are.

For me, it is utterly important that the message is secure (which means only encrypting it myself on a computer I fully control) and the communication is compatible with other people like me (which means using PGP and not GnuPG, for instance). But I'm just a dinosaur.

If you don't care about backwards compatibility with PGP users like me, you can use Thunderbird with the Enigmail plug-in (which uses GnuPG) and any conventional e-mail carrier.

If convenience is more important than security and compatibility, you can use a web-based service like www.unseen.is. This is not an endorsement. I've tried them. They are both incompatible (can't import my PGP key and have failed to resolve the problem for months; their customer support sucks) - and insecure (JavaScript-based encryption? Really?!).

You do realize that if you use client-based encryption, you'll be able to communicate only with people who also use that encryption, don't you?

If you are looking for transparent and secure encryption of your e-mail that even your old aunt can use and cannot be spoofed by the e-mail carrier, you are SOL.

Hi,

I am currently looking for a new E-Mail Provider.
I have used G-Mail for a while now, which is dumb, I know, but I am just a really lazy person sometimes.

Is there anything out yet, with a good client side encryption? Preferable not located in the US?

Thanks