Private and secure email account providers

Let’s have a discussion about email providers. The focus here isn’t so much anonymity and Tor, but rather security and privacy. Despite that, I think this discussion could find its place here as there is interest. A clear distinction needs to be made between choosing short-term or disposable accounts and long-term accounts which you’d want to be very reliable. Finally, let’s not limit the discussion to Tor-friendly providers. Tor is great, but email should work well on the clearnet too; it’s where most people are.

Here are a few privacy oriented provider lists, please mention any others:

Whonix on Twitter, 11:05 AM - 21 Mar 2018
#ProtonMail is snake oil. Google captchas on account creation. Their “trust us” JS crypto blobs that can turn on the user and steal their passwords any time and their refusal to support IMAP makes them a BAD choice for anyone who wants secure email. ^HU

This is of interest because Protonmail has claimed (successfully) leadership in privacy oriented email. More thoughts and info?

Which email providers would you be most likely to trust and why?

Possible criteria:

  • Financing: requiring payment could be a good indicator the provider has a sustainable and privacy respecting business model. Payment options are important. Popular and seemingly privacy oriented services with free accounts will invariably come under more scrutiny as they will sadly also be more commonly used for dubious activities.

  • Third-party content: outsourced captchas and scripts at registration or any time later are probably a very bad indicator.

  • Country of origin: important, but may not be decisive. There’s hardly a place where the state isn’t able to force the provider to hand over whatever is available. Even if the state seems nice it may have powerful “allies”.

  • Transparency of code: the most trustworthy providers provide all their source code. Happily this is not unheard of for email services.

  • Transparency of authorship: It’s hard to trust a service if there are no names behind it.

  • Tor policy: allowing access through Tor and providing an onion address indicates a high degree of technical proficiency and commitment to privacy. Some understanding for complicating registration through Tor may be justified. The abusive traffic could be overwhelming and providers have limited resources.

  • Data transfer: only having webmail and not allowing emails to be downloaded is unacceptable for serious use. Mentioned because unfortunately this is not a rare problem.

The better question is: “Why trust any if you don’t need to?”

When picking a provider, avoid criteria that are based on “Security by Policy” - unenforceable security mechanisms based on you trusting the provider. Instead, develop better email practices that protect you under most circumstances.

Someone (or something) is likely reading your unencrypted emails right now.

It used to be that only the tech giants automated email snooping, but now with the commoditization of machine learning agents, even the smaller players can succeed in commoditizing YOU. Unencrypted email should be written with no expectation of privacy since any intermediate mail server can read the message. Plaintext email should be limited to public destinations, i.e. forums and mailing lists. The only concern with unencrypted email isn’t whether it’s confidential (it’s not) but whether or not it has integrity (crypto-sign to ensure it does).

Someone (or something) will likely read your encrypted emails in the future.

If you didn’t know already, current encryption protocols have expiration dates because they depend on the scarcity of finite computer resources. When composing sensitive emails, always keep in mind that the email will only stay secret for a certain number of years. While larger providers may provide higher uptime, they’ll probably also have the resources to store your mails forever. In light of this, it might be better to use a service that goes out of business in a few years and takes all their data under with them. Or run your own mail server. But keep in mind intelligence agencies may be archiving a large portion of encrypted emails until they can decrypt them later. And don’t forget the recipient’s mail server. Your grandchildren may be able to search through all your emails with a few keystrokes.


For very sensitive communications that you need to stay secret for a longer time, use email only to negotiate the use of a better communications platform.

  • something that is decentralized so it doesn’t leak metadata. This makes it harder for an adversary to filter the list of relevant communications

  • something with forward secrecy so it adds cost to decryption efforts

The most important tip for secure communications: Don’t communicate with idiots. No amount of infosec can protect your communications if the other side leaves clients open on their screen or prints out your mails and puts them in a filing cabinet.


So to tie this into the topic of this thread, any email provider is fine that offers:

  1. high uptime / availability
  2. pop3/smtp access so you can keep ownership of encryption keys
  3. tor access if needed
  4. anonymous registration if needed
  5. private payment if needed

There are lots of providers that meet these criteria. The issue in the other thread that you referenced is that tempest is looking for a provider that is also free.


Also, this topic comes up from time to time. You’ll find several relevant discussions by searching - protonmail thread comes to mind.


Those are all good points. Unfortunately we are all forced to use email, even if we can avoid it sometimes. No matter how bad it is, people mostly just can’t be reached by very many other means. Other communication channels they use are usually as bad or worse. Self-hosting is as much as you can do, but that still solves only part of the problem. In the end we all need to choose some email provider and find an imperfect solution in an imperfect world.

A state of absolute security is not something anyone can ever achieve. Security has many costs. Your goal is always to have security that is “good enough” for your needs. My point wasn’t to tell people not to use email. It was to provide some information on what email is and what it isn’t so people can decide what use case is appropriate for them.

I think you are trying to find justification for using provider X. What I’m saying is that there is little difference between Google / Apple / Microsoft and Protonmail / Tutanota / etc. from a purely security standpoint. This is because their security and privacy features all depend on them doing the right thing. Maybe the latter are nicer people and they have purer motivations. But how do we know that other than faith? You were looking for “private and secure email account providers”. Faith may deliver salvation but it’s not the right path for security and privacy. :) Strong promises are comforting but unless it’s guaranteed by design, it’s just security theater.


Sure, I agree with that too. I was wondering if there were any ardent supporters or opponents of certain email services. Here’s the thread you were probably talking about and one more. I’ve added another list of providers to the top post in case it helps someone.

I have been using Criptext for almost a year and it never disappoints; I keep reading about how secure Criptext is.
Recently an extra level of security has been added to provide a very unique and secure email. It is the first and only email service to offer such kind of extra layer of security.

@juliarobbinson not using my own PGP keys, not using my own client … = disaster email provider, not recommended.

Very well said. In this era of technology there is no escaping online communication, and emails are the most professional way to do so. We can’t escape this for sure, but we can always opt for secure services to keep our chats and messages private. One of the best secure email service providers is CRIPTEXT. It is a wonderful secure email service with end-to-end encryption, open source, no cloud storage, and it follows the Signal protocol. It also gives a number of awesome features like taking back emails after being sent and real-time email tracking. With security features like forward secrecy, every email is encrypted with its own unique key. This means that if a key is compromised it cannot be used to access your entire inbox. It is multi-device enabled, which is useful for work as well as personal mails. And honestly I have been using Criptext for a long time now and I have never felt more secure, as my mails are protected and not read by any other person except the one they are intended for.

It depends for what purpose you use email. If I use it to create accounts on forums and different websites - all emails from these websites are unencrypted, so the only thing you need is an email provider with no JavaScript.

Wow, how much are you getting paid to advertise for Criptext?

Which is based in the USA. See terms of service.

And it does not allow users to store private keys in an offline VM. With Qubes-Whonix (split-gpg) in concert with (encrypted email with Thunderbird and Enigmail) coupled with the right email provider (i.e. not Criptext) you can. Meaning more secure.

Keep in mind that GPG is secure, so saying that Signal is more secure than GPG is rubbish.

taking back emails after being sent

Gimmick: should not be used to decide on a provider.

Awesome! As if companies like Facebook and Google tracking users wasn’t enough, now Criptext and Criptext users can track me in real time. Please sign me up!

I believe you feel more secure, but that doesn’t help when someone wants to decide on a webmail provider. How long exactly have you used Criptext? I mean the website is new this year. And what were you using before? Just curious (comparison).


I don’t think so. If the author is known, he can be blackmailed or threatened by powerful groups to add backdoors or give them access to data.

If authorship is unknown, it could be run by powerful groups that have access to your data. How about don’t trust anyone with your data? Meaning use GPG to encrypt your email.

The following could also be applied to an email provider.
