I’m not ignoring you I just have no idea how to respond. I’m going to study this and get back to you. Thank you for these links.
2 Likes
We have removed both those posts about Protonmail. Although we felt they were completely true, we are not the right group to show their weaknesses.
If not you, then who is the right group? If the post is accurate/true why not leave it up?
3 Likes
Github is not ideal place to compare your code to. very bad to trust github to save your real code. you should either switch to gitlab or host your own git version with e.g: Gogs.
Thats horrible, needs triage for sure. also it might help check also projects like liberapay.
why would you remove that? and if you cant put it again , please post it here.
@CTemplar i checked again ctemplar , you guys made great and brilliant improvements to your infrastructure from removing cloudflare , removing the need to JS, payment with Monero and v3 Onion Hidden services, All TLS and DNS security features implemented and hardened… just great!
Is there any notices to add?
-
Major feature needed is to allow users to use their own email clients (allowing pop/imap/smtp) and their own encryption (gpg/pgp), i asked the support they told me it maybe applied in the future.
-
Minor stuff to check out:
Missing Headers (new)
Permissions-Policy: Permissions Policy is a new header that allows a site to control which features and APIs can be used in the browser.Warnings
Content-Security-Policy: This policy contains ‘unsafe-inline’ which is dangerous in the script-src directive. This policy contains ‘unsafe-eval’ which is dangerous in the script-src directive. This policy contains ‘unsafe-inline’ which is dangerous in the style-src directive.
- Optional/Trivial stuff to checkout:
https://zonemaster.net/result/a882610509288f40
If you press on warnings and notices you will find: (if this single route go offline all nameservers gonna be offline)
CONNECTIVITY
0 CONNECTIVITY WARNING All nameservers in the delegation have IPv4 addresses in the same AS (13335).
1 CONNECTIVITY WARNING All nameservers in the delegation have IPv6 addresses in the same AS (13335).
2 CONNECTIVITY WARNING All nameservers in the delegation are in the same AS (13335).ZONE
0 ZONE NOTICE SOA ‘refresh’ value (10000) is less than the recommended minimum (14400).
1 ZONE NOTICE SOA ‘retry’ value (2400) is less than the recommended minimum (3600).
Cant wait to see your email added on my client!!
1 Like
As I read in Whonix Wiki, the only really important question about using e-mail anonymously is the question if registration over Tor possible. Every e-mail provider reads your mails so the question is about anonymity not privacy. If you don’t share your personal information about your real identity and use an anonymous e-mail account only over Tor, then it is ‘pseudonymous’ because pure anonymity doesn’t exist.
But they still don’t allow to make a registration over onion site, only log in.
Did you inspect their code?
That’s great, but unfortunately, mail from unpopular e-mail providers can be easily blocked by big services like Gmail, Outlook, Yahoo etc. because of ‘spam’ so it is a risk that your mail will never be recieved by these providers. Also many popular social networks block sending their verification messages to unpopular and ‘fraud’ e-mail mailboxes such as Protonmail, Tutanota, Lavabit etc.
So, the best variant is to use both popular and Tor-friendly e-mail provider.
Hi ,the Tor community has heavily relied on secmail for free anonymous js-less email, but sadly it is now gone. Does anyone know of a comparable service?
http://danielas3rtn54uwmofdo3x2bsdifr47huasnmbgqzfrec5ubupvtpid.onion/
fuckitalllls via Whonix Forum:
Sad to see such good services going down…
https://ctemplar.com/ctemplar-is-shutting-down/
Thanks for all the efforts and time spend on this project.