Preferred email provider from Whonix documentation

anonymous8069xiuz · September 3, 2019, 6:10pm

Preferred email provider in Whonix documentation email overview.

Prefer email providers that:
Are free.
Do not require JavaScript or other credentials for registration.
Provide an onion service.
Support PGP encryption and key management.
Have encrypted inboxes by default.
Are outside Fourteen Eyes jurisdictions – especially the US jurisdiction.
Have desktop email compatibility with Mozilla Thunderbird.

What is an email provider that meets this requirement? I’ve been looking for it but I can’t find it.
Help me.

HulaHoop · September 3, 2019, 8:18pm

We make no endorsements of providers. The list is just a collection of data available out there. We do not assume any responsibility.

Patrick · September 4, 2019, 7:39am

Yes as mentioned here https://www.whonix.org/wiki/E-Mail#Introduction_2

madaidan · September 7, 2019, 6:14pm

Javascript is needed for client side encryption. If an email provider doesn’t use javascript then you’ll have to trust their word on encrypting your emails on their server.

This won’t help. The 14 eyes is just a group of governments that share data with each other. It doesn’t make any specific service forced to share data with those governments.

I’d recommend protonmail and tutanota as they seem to be the best imo but they don’t fit all your points.

HulaHoop · September 7, 2019, 11:24pm

Both shitty choices. Protonmail prevents you from using GPG and from connecting via IMAP. It requires solving Google’s spyware Captchas to create an account.

Tutanota was noted to cooperate with authorities to unmask users.

madaidan · September 8, 2019, 1:23am

A bridge exists although I’ve heard it’s really buggy.

No, there’s other authentication options like with email and phone numbers that can easily be faked. I’ve had a lot of luck using guerilla mail to create anonymous accounts.

Source?

Patrick_mobile · September 8, 2019, 3:59am

You can’t trust any server provided JavaScript encryption. Could be backdored for specific users.

HulaHoop · September 8, 2019, 2:05pm

The ProtonMail Bridge is an application for paid users

ProtonMail is unique because it has PGP fully integrated such that you do not need to take any additional steps to benefit from PGP encryption.

Yeah… No thanks.

released encrypted content data because of a valid German court order in 21 cases .

madaidan · September 8, 2019, 5:03pm

True but I’d rather use something that the server might be able to read my emails rather than something that the server will always be able to read my emails.

“encrypted content data”

The data isn’t very useful if it’s encrypted.

This applies to all email providers anyway. You can’t just refuse a subpoena from your own government.

This doesn’t say anything about tutanota handing over data. Just that some guy used tutanota.

HulaHoop · September 8, 2019, 5:06pm

To summarize: If you don’t hold the keys you’ve already lost. Why pick services that stop you from using your own keys and prevent you from using IMAP? It is much better for security to not have to connect over a web UI.

madaidan · September 8, 2019, 5:15pm

Protonmail doesn’t prevent you from using your own keys. See the link above. I’m not sure tutanota has built-in pgp support though.

You can just encrypt your emails locally with gpg anyway.

Tutanota and protonmail both have their own mobile clients so you don’t need a web UI.

They don’t actively try to prevent you from using IMAP. It’s just not possible to have native support with every client as the clients need to have support for the encryption and only tutanota’s or protonmail’s clients do.