Are your emails and attachments safe from prying eyes?
Unless you are using a secure email provider that respects your privacy, the answer is probably no.
Most large email providers, such as Gmail and Yahoo, do not respect the privacy of your inbox. For example,
- Gmail was caught giving third parties full access to user emails and also tracking all of your purchases.
- Advertisers are allowed to scan Yahoo and AOL accounts to “identify and segment potential customers by picking up on contextual buying signals, and past purchases.”
- Yahoo was also caught scanning emails in real-time for US surveillance agencies.
Another concern is where your email service is located and how this may affect your data and privacy. Some jurisdictions have laws to protect data privacy (Switzerland), while others have laws in place to erode it (United States). We’ll cover this in more detail below.
On a positive note, there is a relatively simple solution for keeping your inbox more secure: switch to a secure email provider that respects your privacy.
What is the best secure email service?
With so many different types of users, there is no single “best secure email” service that will be the top choice for everyone.
While some may prioritize maximum security and strong encryption, others may want convenience and simplicity with user-friendly apps for all devices.
Here are just a few factors to consider when switching to a secure email provider:
- Jurisdiction – Where is the service located and how does this affect user privacy? Where is your data physically stored?
- PGP support – Some secure email providers support PGP, while others do not use PGP due to its vulnerabilities and weaknesses.
- Import feature – Can you import your existing emails and contacts?
- Email apps – Due to encryption, many secure email services cannot be used with third-party email clients, but some also offer dedicated apps.
- Encryption – Are the emails end-to-end encrypted in transit? Are emails and attachments encrypted at rest?
- Features – Some features you may want to consider are contacts, calendars, file storage, inbox search, collaboration tools, and support for DAV services.
- Security – What are the provider’s security standards and policies?
- Privacy – How does the email service protect your privacy? What data is being collected, for how long, and why?
- Threat model – How much privacy and security do you need and which service best fits those needs?
The goal of this guide is to help you find the best secure email solution for your unique needs.
This list is not in rank order. (Choose the best secure email service for you based on your own unique needs!)
Here are the most secure email providers that protect your privacy.
1. Tutanota – Private and secure email in Germany
| Based in | Germany |
| Storage | 1 - 1,000 GB |
| Price | €1.00/mo. |
| Free Tier | Up to 1 GB |
| Website | Tutanota.com |
Tutanota is a Germany-based secure email service run by a small team of privacy enthusiasts, with no outside investors or owners. While their service is focused on providing you with the highest levels of email security, it still remains user-friendly and intuitive.
Rather than using PGP and S/MIME, Tutanota utilizes their own encryption standard incorporating AES and RSA. This standard encrypts the subject line, supports forward secrecy, and can be updated/strengthened if necessary against quantum-computer attacks, as they explain here. All messages in your inbox, contacts, and calendar are encrypted at rest on servers in Germany. For sending encrypted emails with Tutanota, you have two options:
- Emailing another Tutanota user, which encrypts everything automatically (asymmetric encryption)
- Emailing an external (non-Tutanota) user with a link to the message and sharing a password key for encrypting/decrypting messages (symmetric encryption).
While Tutanota uses high encryption standards and is arguably the most secure email provider, it also comes with some tradeoffs. This include no support for PGP, IMAP, POP, or SMTP. Additionally, you cannot import existing emails into your encrypted Tutanota inbox, but they’re currently working on adding a migration feature – see the roadmap.
To explain why Tutanota does not rely on PGP standards, Tutanota cofounder Matthias Pfau wrote this piece for Restore Privacy readers, Let PGP Die: Why We Need a New Standard for Email Encryption.
If you are looking for a transparent, high-security email provider run by a small team privacy enthusiasts, Tutanota is a solid choice.
+ Pros
- Messages (including Subject lines) Address Book, Inbox Rules and Filters, Search Index, encrypted at rest and stored on German servers
- Strips IP address from emails
- Open source code (including mobile apps)
- Great apps for mobile devices
- Free accounts with 1 GB of storage
- Encrypted calendar and contacts
- Discounts and additional support for non-profits
– Cons
- Does not support PGP
- Potentially delays with account approval
- Currently no way to import existing emails
https://Tutanota.com
2. ProtonMail – Secure email in Switzerland
| Based in | Switzerland |
| Storage | 5 - 20 GB |
| Price | $4.00/mo. |
| Free Tier | Up to 500 MB |
| Website | ProtonMail.com |
ProtonMail is a Switzerland-based email service that enjoys a great reputation in the privacy community. It was started by a team of academics working at MIT and CERN in 2014. Shortly thereafter, it was promoted in American media as “the only email system the NSA can’t access” – which was around the time Lavabit was shut down for not cooperating with the US government.
Looking at the service itself, ProtonMail does a lot of things right. It utilizes PGP encryption standards for email and stores all messages and attachments encrypted at rest on Swiss servers. ProtonMail has a unique feature for “self-destructing messages” and they have also added address verification and full PGP support.
Regarding encryption, however, it’s important to note that ProtonMail does not encrypt subject lines of emails, which is an inherent limitation with PGP (not ProtonMail). Additionally, the ProtonMail search function can only search subject lines within your inbox, but not the content of your emails.
ProtonMail does offer some great apps for mobile devices (Android and iOS). You can also use ProtonMail with third-party apps through the ProtonMail Bridge feature (restricted to paid users).
Overall ProtonMail is a well-regarded email provider, and should be a great secure email option for most users. Switzerland remains a strong privacy jurisdiction that is not a member of any surveillance alliances. In addition to email, the same team also offers a VPN service, ProtonVPN.
+ Pros
- Can import contacts and emails through bridge feature
- Strips IP address from emails
- Emails are encrypted at rest and stored on Swiss servers
- Officially under Switzerland jurisdiction
- Apps for mobile devices
- Can be used with email clients through the ProtonMail Bridge feature
- Open source Android app
– Cons
- Takes funding from United States VC investors and government entities
- Utilizes phone number verification
https://ProtonMail.com/
3. Mailbox.org – Private email in Germany
| Based in | Germany |
| Storage | 2 - 100 GB |
| Price | €1.00/mo. |
| Free Tier | None |
| Website | Mailbox.org |
Another Germany-based secure email provider worth considering is Mailbox.org. Unlike some of the other secure email services in this guide, Mailbox.org is fully-featured and can function as a full email and productivity suite. It offers a huge lineup of features: Mail, Calendar, Address Book, Drive (cloud storage), Tasks, Portal, Text, Spreadsheet, Presentation, and Webchat. The layout and design of Mailbox.org are also user-friendly, even with all the features and preferences.
When choosing a secure email provider, you often have to choose between features and security. With Mailbox.org, you can arguably get the best of both worlds. From the security and encryption side, Mailbox.org offers full PGP support and options to easily encrypt all your data (at rest) on their secure servers in Germany. You can also use Mailbox.org with mobile apps and third-party email clients.
Lastly, Mailbox.org is very affordable, with basic plans starting at only €1 per month and going up for more storage and features. You can pick up a free 30-day trial if you want to test-drive this privacy-focused email provider.
+ Pros
- PGP support (server-side or through third-party app)
- Company and server located in Germany with strong privacy protections
- HSTS and PFS for messages in transit
- Protected against man-in-the-middle attacks
- Message and spam filters
- Virus protection
- Full text search
- POP, IMAP, SMTP, ActiveSync support
- vCard, CardDAV, CalDav support
- Messages are encrypted at rest
- Supports custom domains
- Open source
– Cons
- No mobile clients (but can be used with third-party email clients)
- Some tracking during registration
https://Mailbox.org/
4. Posteo – Privacy-focused email in Germany
| Based in | Germany |
| Storage | 2 - 20 GB |
| Price | €1.00/mo. |
| Free Tier | None |
| Website | Posteo.de |
Posteo is (another) German email provider that offers a high level of privacy and security for its users. In some respects, it has much in common with Mailbox.org. Both are fully-featured email providers that utilize PGP encryption standards, with similar prices. But in a few key areas, Posteo is a bit different:
- Custom domains are not supported.
- There is no spam folder (all emails are either delivered to your inbox or rejected).
- There’s no trial or free tier (but still quite affordable).
In terms of privacy, Posteo really makes an effort to protect the privacy of their users. IP addresses are automatically stripped from emails, no logs are kept, and they offer strong encryption standards. They also support completely anonymous registration and anonymous payments – even allowing you to send cash in the mail for no digital trail. And if you pay with a credit card, PayPal, or some other digital method, they manually separate account details from payment info.
+ Pros
- Mail, Calendar, Contacts, and Notes are encrypted at rest with OpenPGP on secure servers in Germany
- Subject, headers, body, metadata, and attachments are encrypted
- Includes Messages, Calendar, Contacts (Address Book), and Notes
- Completely Open Source
- Strong commitment to privacy, sustainable energy, and other social initiatives
- Self-financed; good track record (operating since 2009)
- No logs, IP address stripping, secure email storage with daily backups
- Allows anonymous (cash) payments
- Supports SMTP, POP, and IMAP protocol + Two-Factor Authentication
– Cons
- Custom domains not supported; no “.com” options available
- No spam folder (spam emails are either rejected or delivered to regular inbox)
- No trial or free version
- Cryptocurrency payments not supported
https://Posteo.de/
5. Mailfence – Fully-featured secure email in Belgium
| Based in | Belgium |
| Storage | 5 - 50 GB |
| Price | €2.50/mo. |
| Free Tier | Up to 500 MB |
| Website | Mailfence.com |
Mailfence is a fully-featured secure email provider offering calendar and contacts functionality, file storage, and PGP encryption support. It is based in Belgium, which is a good privacy jurisdiction with strict data protection laws.
For those wanting full PGP control and interoperability, without plugins or add-ons, Mailfence is a solid choice. Whether you are a personal user or you need a secure email solution for your business or team, Mailfence likely has all the features and options you’d want. Similar to Mailbox.org, Mailfence is a great alternative to full email and productivity suites, such as G Suite or Office 365
In testing everything out for the Mailfence review, I found it to work very well with an intuitive design and slick layout. Mailfence also offers email and phone support, in addition to cryptocurrency payment options.
One of the main drawbacks with Mailfence, which separates it from other secure email providers, is that there’s no built-in way to encrypt your entire inbox. Instead, your only option to do this is locally with a third party client. Fortunately, they are looking to integrate a built-in encryption option sometime in 2020.
+ Pros
- Based in Belgium, with all data stored on Belgian servers
- Full OpenPGP encryption support and digital signatures
- Includes Messages, Documents, Calendar, Contacts, and Groups
- SMTP, POP, and IMAP support
- Can synchronize with other email clients
- Supports password-protected messages with expiration time
- Removes IP addresses from mail headers
- Two-Factor Authentication (2FA) support
- OpenPGP user keystore
- Great user interface (recently updated)
- Cryptocurrency payment options
– Cons
- Code is not open source
- Logging of IP address and some other data
- No built-in options for encrypting entire inbox (at rest)
https://Mailfence.com
6. Runbox – Private and sustainable email in Norway
| Based in | Norway |
| Storage | 1 - 25 GB |
| Price | $1.66/mo. |
| Free Tier | 30 day trial |
| Website | Runbox.com |
Runbox is a long-running private email service in Norway that has been operating for over 20 years. Norway is also a good jurisdiction with strong legal framework for privacy . All Runbox servers are located in secure Norwegian data centers, running on clean, renewable, hydropower energy.
One unique feature of Runbox is that it gives you 100 aliases to use with your account. Secure file storage is also included, with different pricing tiers. Runbox fully supports SMTP, POP, and IMAP protocols and can be used with third-party email clients. Currently they’re working on an updated webmail client (version 7) that should be released soon – but they do not offer custom mobile or desktop clients.
Unlike some other secure email providers, Runbox does not have a built-in option for encrypting your entire mailbox. And while you can use PGP with Runbox, it is not yet built into the platform. Another drawback is that Runbox does not offer a built-in calendar, but this feature may be included in Version 7 (when released).
Runbox offers 30 day free trials and makes importing your existing emails simple with the guides on their site. They are currently offering a discount “2 years for the price of 1” on their website here.
+ Pros
- IP addresses stripped from messages
- Includes Webmail, Contacts, and Files
- Servers run on renewable energy
- Supports SMTP, POP, and IMAP protocols
- Synchronizes with other email clients
- GDPR compliant
- Norway has strong data protection laws
- 100 email aliases per mailbox
- Custom domain names on some paid accounts
- Numerous payment methods accepted (including cash and cryptocurrencies)
– Cons
- Browser-based; no desktop or mobile apps
- Not open source (but version 7 should have open source client)
- Data not encrypted within the Runbox system or at rest
- No business-specific features
https://Runbox.com
7. CounterMail – Private and secure Swedish email service
| Based in | Sweden |
| Storage | 4 GB+ |
| Price | $4.83/mo. |
| Free Tier | 7 day free trial |
| Website | CounterMail.com |
Next up on our list is CounterMail, a secure email provider based in Sweden. CounterMail has been operating for over 10 years with a philosophy to “offer the most secure online email service on the Internet, with excellent free support.” CounterMail uses OpenPGPG encryption with 4,096-bit encryption keys along with no-logs, diskless servers to protect user privacy. Countermail anonymizes email headers and also strips the sender’s IP address. All emails and attachments are stored encrypted at rest using OpenPGP on servers in Sweden.
While CounterMail is a bit more expensive than some other secure email providers, they explain this price difference comes from using only high-quality servers and implementing strong security measures. CounterMail also protects users from identity leaks and Man-In-The-Middle attacks with RSA and AES-CBC encryption on top of SSL. It may not have all the frills, but CounterMail is a serious security-focused email provider with a 10+ year track record.
+ Pros
- Supports cryptocurrency payments
- Secure, built-in password manager
- All emails and attachments stored encrypted on no-logs, secure servers in Sweden
- Custom domain support
- Message filter and autoresponder features
- Uses RSA, AES-CBC, and SSL encryption to protect against leaks and MITM attacks
– Cons
- Design and UI feels outdated
- Slightly more expensive than other secure email options
https://CounterMail.com
8. CTemplar – A new, “armored email” service in Iceland
| Based in | Iceland |
| Storage | 1 - 50 GB |
| Price | $6.00/mo. |
| Free Tier | Up to 1 GB |
| Website | CTemplar.com |
CTemplar is a newer service in Iceland claiming to be the “The most secure & private email service in the world.” As they correctly point out, Iceland has very strong privacy laws, perhaps the best in the world. CTemplar offers some interesting security features, which you can read about here. All emails attachments, and contacts are stored encrypted at rest on bare-metal servers in Iceland.
Although it is relatively new, CTemplar seems to be a strong contender in the secure email space. You can learn how they aim to raise the bar with security standards on their website. CTemplar offers free accounts with up to 1 GB of email storage, but to get access to all features you’ll need a paid plan.
+ Pros
- Strong encryption standards with built-in support for end-to-end encrypted emails (uses OpenPGP)
- 100% open source code
- Based in Iceland, with some of the strongest privacy laws in the world
- Zero logs; IP address stripped from emails
- Anonymous signup options (no phone verification)
- Support for Bitcoin, and Monero payments
- Self-destructing emails and Dead Man’s Timer
- Can send encrypted emails to non-CTemplar users
- 2FA support
– Cons
- No email clients (Android app in beta)
- Higher prices for paid plans (and all features)
- No support for IMAP/SMTP and third-party email clients
https://CTemplar.com
9. Kolab Now – Fully-featured Swiss email
| Based in | Switzerland |
| Storage | 2 GB+ |
| Price | $4.50/mo. |
| Free Tier | 30 day trial |
| Website | KolabNow.com |
Based in Switzerland, Kolab Now is a private email service offering lots of features and full email suite functionality. A Kolab Now subscription includes email, contacts, calendar, scheduling, collaboration/sharing tools, and cloud file storage. All of the features and options make Kolab Now an excellent choice for business users, teams, and privacy-focused individuals.
While Kolab now does offer numerous features and support for all major operating systems and devices, it also does not offer as much encryption for those who want the highest levels of security. End-to-end encryption for emails is not built-in and emails are not stored encrypted at rest.
The price is also on the higher end, especially if you want access to all features and more storage. However, for those wanting a feature-rich email suite hosted in Switzerland, Kolab Now may be a good fit.
+ Pros
- Accepts cryptocurrency payments
- Full support for POP, SMTP, and IMAP
- Switzerland jurisdiction with strong privacy protection
- Full email suite with numerous features to replace Gmail, Office365, etc.
- Support for custom domains, teams, and business users
– Cons
- End-to-end email encryption is not built-in
- Email not encrypted at rest (but stored in high-security Swiss data center)
- Higher price
https://KolabNow.com
10. Startmail – Private email hosted in The Netherlands
| Based in | The Netherlands |
| Storage | 10 - 20 GB |
| Price | $5.00/mo. |
| Free Tier | 30 day trial |
| Website | StartMail.com |
StartMail is a secure email service brought to you by the team behind Startpage, a private search engine based in the Netherlands. While there was recently news about System1 investing in Startpage, StartMail is its own unique entity under StartMail B.V. – a company operating under Dutch law in The Netherlands.
The Netherlands is a good jurisdiction for privacy and StartMail aims to keep as little data as possible to run their operations (see privacy policy). Unlike most secure email providers, StartMail handles encryption server-side, rather than in the browser – see their white paper explaining why.
StartMail allows users to utilize PGP encryption with emails also being encrypted at rest on their Dutch servers. One cool feature with StartMail is they give you the ability to create temporary, disposable email addresses “on the fly” to use with different services. IMAP and SMTP are also supported if you want to use StartMail with third-party apps such as Thunderbird.
+ Pros
- Can create temporary, disposable email addresses
- Accepts cryptocurrency payment
- IMAP and SMTP support; can use custom domains
- Headers and IP address stripped from all emails
- Accounts come with 10 GB file storage
– Cons
- No custom mobile apps
- Not open source
- Interface feels a bit outdated
https://www.StartMail.com
11. Soverin – Basic private email in Netherlands
| Based in | The Netherlands |
| Storage | 25 GB |
| Price | €3.25/mo. |
| Free Tier | No |
| Website | Soverin.net |
Soverin provides a basic and private email service at a reasonable price. Plans come with 25 GB of storage and custom domains are supported. All data is stored on Soverin servers in The Netherlands. Soverin strips IP addresses from headers while also using strong encryption standards, although email is not stored encrypted at rest.
For those wanting a basic private email with lots of storage that is protected by European privacy laws, Soverin may be a good choice. It can also be used with third-party email clients and importing old emails is relatively simple.
+ Pros
- 25 GB of data storage for all plans
- Data protected under Dutch privacy laws and GDPR
- Can be used with third-party email clients
– Cons
- No custom mobile apps
- Not open source
- No built-in encryption options
https://Soverin.net
12. Thexyz – A fully-featured private email service in Canada
| Based in | Canada |
| Storage | 25 - 100 GB |
| Price | $2.95/mo. |
| Free Tier | No |
| Website | www.Thexyz.com |
Another privacy-focused email service worth noting is Thexyz. It is a secure email and web hosting business based in Canada that offers solutions for businesses and private users. The email arm of Thexyz has been operating since 2009, as explained on the about page. While Canada may not be the best jurisdiction for privacy (Five Eyes), this may not be too concerning depending on your needs and threat model.
Thexyz does offer some great privacy and security features. Accounts come with encrypted cloud storage as well as contacts, calendar, and team collaboration tools. All emails are stored encrypted at rest using AES 256-bit encryption, with double geo-location redundancy. With a basic account, you get unlimited aliases and 25 GB of storage (upgradable to 100 GB). Even with all the perks and features, Thexyz is still very affordable at $2.49/mo with the premium webmail plan.
+ Pros
- Great applications and user interface
- Email encrypted at rest with 256-bit AES
- Subscriptions include calendar, contacts, chat, and encrypted cloud storage
- Unlimited aliases; emails can include up to 50 MB attachments
- Support for custom domains
- Autoresponder, spam filters, and incoming email filtering
- Apps for iOS and Android
- Accounts come with 25 GB of email storage (upgradable to 100 GB)
– Cons
- Based in Canada (not the best privacy jurisdiction)
- Support for end-to-end email encryption is not built-in
https://www.thexyz.com
Email jurisdiction and data privacy
Where your email service is located (jurisdiction) can seriously impact the security of your data. Depending on your threat model, this could be a major consideration. For an overview on jurisdiction and privacy, you may want to read my article on the Five/9/14 Eyes surveillance alliances.
Here are some reasons to pay attention to jurisdiction.
United States (leading member of the Five Eyes)
Tech companies in the US can be forced to give government agencies direct access to their servers for “extensive, in-depth surveillance on live communications and stored information” – as explained in the PRISM surveillance program. Data requests can also be accompanied by gag orders, which forbids the company from disclosing what’s going on (see also National Security Letters).
There are a few known cases of US email providers being forced to give up data. In one prominent example, Lavabit decided to shut down the business rather than give up user data. Another US email provider, Riseup, was also forced to give up data to authorities.
After exhausting our legal options, Riseup recently chose to comply with two sealed warrants from the FBI, rather than facing contempt of court (which would have resulted in jail time for Riseup birds and/or termination of the Riseup organization).
There was a “gag order” that prevented us from disclosing even the existence of these warrants until now. This was also the reason why we could not update our “Canary” [warrant canary that warns users about these events].
Germany (member of the 14 Eyes)
While Germany has long been a rock-solid jurisdiction for privacy-focused tech companies, I’ve noticed some troubling trends recently:
- In January 2019, a German court ruled that Posteo must log IP addresses if required by a valid court order. Posteo explained they would not change their system to log all users’ IP addresses, but would comply for specific users, if ordered by a German court.
- In November 2019, a German court ruling forced Tutanota to provide real-time access to unencrypted emails for specific users targeted by a court order. As Tutanota explained, only unencrypted messages sent after the court order was received would be affected.
All email providers must comply with the law
While some of these cases may seem alarming, the truth is that all email providers must comply with legal requirements in the country they are operating in. For example, ProtonMail, a Switzerland email provider, has also been forced to log IP addresses and disable accounts by valid court orders, as they disclose in their transparency report.
(Note: If you are concerned about your email service logging your IP address, then simply use a good VPN service.)
Considering everything, some jurisdictions are much better than others, so choose wisely. As a general rule, I’d still avoid email services in the US, and perhaps other Five Eyes jurisdictions.
Want secure email? Pay for it.
The unlimited “free” email business model is fundamentally flawed. It offers a free service, which is used to collect data and thereby monetize the user and make money on ads. With these privacy-abusing “free” services, you are actually paying for the product with your data.
In contrast, here we recommend privacy-friendly, secure, ad-free email services. While some of these private email services offer limited free subscriptions, you will need to upgrade to a paid plan for more storage and premium features (the freemium business model).
Support good privacy businesses
Fortunately, you can “vote with your dollars” by supporting these privacy-respecting businesses and upgrade to paid accounts. This will help secure email providers to grow, improve, and serve more people with an ethical business model that does not rely on exploiting their users’ data.
Secure email shortcomings and PGP flaws
Most secure email solutions mentioned in this guide utilize PGP for end-to-end encrypted email. PGP, which stands for Pretty Good Privacy and was invented back in 1991 by Phil Zimmermann.
PGP flaws – While PGP is considered a trustworthy, secure encryption method, there have been some flaws in implementing PGP that have made headlines recently – see also the EFAIL vulnerabilities. While the news did attract lots of attention, the “flaws” were mainly limited to the incorrect implementation of PGP by third parties. To my knowledge, this did not affect the secure email providers mentioned in this guide.
Limited Use – Another fundamental problem with adopting secure email is that few people are willing to go through the hassle of PGP key management, encryption, decryption, etc. There are some solutions, to this, however, and by some measures encrypted email usage continues to grow.
Many providers address this issue by making encryption automatic and seamless. Tutanota, for example, uses built-in AES encryption that automatically encrypts emails between Tutanota users, including headers, subject line, body, and attachments. They also provide a secure, two-way communication contact form called Secure Connect.
Vulnerabilities – Even when using a secure browser, there are still vulnerabilities to consider with browser-based email clients. Phil Zimmermann gave an interview highlighting some of these shortcomings:
“The browser is not a terribly safe place to run code. Browsers have a large attack surface,” he said.
Wherever encryption and decryption take place, though, it’s a vast improvement on no encryption. But even encrypting messages may not be enough, depending on the threat model. The very nature of email makes it vulnerable.
“Email has an enormous attack surface,” Zimmermann said. “You’ve not only got cryptographic issues but you’ve got things like spam and phishing and loading images from a server somewhere that might have things embedded inside.”
On a positive note, however, there are many options for securing and hardening your browser – see the secure browser and Firefox privacy guides. Furthermore, most secure email providers offer protection against these attack vectors by blocking email images by default while also utilizing virus filters.
Keep in mind, however, that non-browser email clients can also be problematic – potentially revealing unique information about your operating system (user agent) as well as your IP address and location.
Regardless of these limitations, using a secure email provider will help keep large tech companies from harvesting your email data for third parties.
Secure email vs secure messaging apps
Depending on your threat model, you may also want to consider using secure messaging apps, which do not have all of the vulnerabilities discussed above with email. One of my favorites is Wire, which is free for personal use. Here are three secure messaging apps worth considering:
Encrypted messaging apps generally offer a higher level of security over email, plus they are much easier to use than PGP email encryption.
Finally, encrypted messaging apps are also convenient for back-and-forth conversations, document sharing, and collaboration with others. For more information, check out the Secure Messaging section on the homepage.
Always use a good VPN with email
One fundamental problem with email is that it can expose your IP address and location to third parties, by design.
While some secure email services strip IP addresses and conceal metadata, many others do not. Even the popular Enigmail encryption plugin, which is used with Thunderbird, was found to be leaking user IP addresses. Some email services may be forced to log user IP addresses by valid court orders, without disclosing any information to the user.
There have also been many cases where email services are compelled to log user IP addresses by court orders. We’ve seen this with email providers in the US, Germany, and even Switzerland.
Finally, there’s also the fact that many email servers keep logs for security, which may include user IP addresses, connections times, etc. Of course, whenever you have logs, this data could end up with third parties (for various reasons).
To effectively conceal your IP address and location, you can simply use a good VPN service. (See the ‘What is a VPN‘ guide for more a detailed overview.)
A VPN creates a secure tunnel between your device and a VPN server, encrypting your traffic and concealing your real IP address and location. The VPN will encrypt and anonymize your internet traffic, while you carry on with business as usual. Some of the larger providers, such as ExpressVPN and NordVPN, offer apps for all major devices and large server networks around the world.
Due to the security and privacy benefits a VPN offers, it’s a smart idea to use one whenever you’re online. Internet providers in many countries are recording user browsing history (via DNS requests), which may be passed off to advertisers or government agencies (mandatory data retention laws). With a VPN, your DNS requests are encrypted and handled by the VPN server and unreadable to your ISP or other parties.
For more info, see the best VPN services.
Conclusion on secure and private email
Whatever your situation is, using a secure and private email provider is a smart step to protect your data. Gmail, Yahoo, Microsoft, and the other big email players do not place the highest priority on your privacy. Paying for a good email service that values privacy ensures you aren’t paying with your personal data.
As a brief recap, below is a table highlighting the best secure and private email providers. If you have a specific question about one of these services, you may want to reach out to them directly through their website.
See the main privacy tools guide for other privacy and security essentials.
Email Service
Storage
Price/mo.
Website
20 GB+
€1.00
(Free to 1 GB)
Up to 20 GB
€4.00
(Free to 500 MB)
50 GB+
€1.00
Up to 20 GB
€1.00
Up to 20 GB
€2.50
(Free to 500 MB)
Up to 25 GB
$1.66
4 GB+
$4.00
(Free 1 week trial)
Up to 50 GB
$6.00
2 GB+
€4.41
Up to 20 GB
$5.00
25 GB
€3.25
Up to 100 GB
$2.95
Have you used one of these secure email providers? Feel free to leave your feedback/review of the service below.
Last updated December 23, 2019.
Wow, great post but so sorry that there is no mention of sub rosa. I’ve been using them for two years and am very pleased. They are a bit on the higher side but you get what you pay for. They are based in Panama and have very strict privacy laws. If you subscribe for a year it comes out to around $2.83/mo. So they aren’t the most expensive. They also do no retain logs and they have self-destructing emails. And, because they aren’t in Europe, they aren’t subject to the prying eyes of the U.S. In fact, they are under no obligation to share any email with the U.S. And this is exactly why I chose them. I’m not hiding anything but my email is my email and I have a right to my privacy.
https://novo-ordo.com/email-services/
Ok, wait, I see there is mention of subrosa. I had no idea they had moved, at least one server to Switzerland. Hmm, this may require choosing a different email when renewal time comes up again. Now I just need to find a non-EU email/
From “About Us>News”:
“2018 March 23
Sub Rosa moves to Switzerland. In an effort to improve reliability while maintaining customer privacy, we have moved our server from Panama to Switzerland.”
There is another good email service call CRIPTEXT. It’s based on Panama and use de Signal Protocol to secure all comunication.
Plus, all the user data is store only in the smartphone. There is no information store in a server. The service it’s free, but it also has a paid version.
Sven,
Have you heard of a browser extension called Mailvelope and if so, what do you think of it?
We have not tested Mailvelope, but noted that it can be used with Mailbox.org in the review.
Please update Tutanota’s pricing: (as of October 2020)
They offer three plans each for Personal and Business.
•Personal Options:
——————————
1) Free: 100% free basic account -limited to just one email address. 1 Gb. No extras.
( A few years ago there was no limit – now they delete email accounts after six months if not accessed during that time. )
2) Premium: $12 Year – 1 Gb. Up to five additional aliases. Custom domains. Support.
3) Teams: $48 Year – 10 Gb. Up to five additional aliases. Custom domains. Support.
•Business Options:
——————————
1) Premium: $12 Year – 1 Gb. Up to five additional aliases. Custom domains. Support.
2) Teams: $48 Year – 10 Gb. Up to five additional aliases. Custom domains. Support.
3) Pro: $72 Year – 10 Gb. Up to twenty additional aliases. Custom domain+Login. Priority Support. Custom logos, colors and Contact Forms.
They also offer several extras and features:
•Larger Storage Options -All Cloud Storage and Calendars are Encrypted.
1) 10 Gb – $24
2) 100 Gb – $120
3) 1 Tb – $600
•Additional Aliases
1) 20 – $12
2) 40 – $24
3) 100 – $48
•Business Accounts can upgrade/add customizable features.
•Tutanota donates Business Accounts to Non Profit Organizations.
• If you are a developer, you can request adding your favorite feature by contributing code.
•Pricing Calculator: select your specific needs from all their various options to view yearly price.
After using Tutanota for more than six years, I can say without a doubt, it’s by far the best email service, paid or free.
Sven,
I’ve read that Swiss law requires all email providers to retain deleted emails for six months. How do Swiss secure email providers deal with this issue? It suggests a lack of security if the provider saves the emails after the client has deleted them.
No, Swiss data retention laws do not apply to Swiss email services operating there.
https://protonmail.com/blog/eu-data-collection-illegal/
I only asked because on the CTemplar site it states, “Email services in the US and Switzerland are legally required to track your IP address even if you disable IP tracking.”
Am I misreading this?
As with most laws, there are probably different interpretations of the Swiss data retention law. But I think it is clear this only applies to internet service providers.
when look at those secure email locations are all under 14 eyes, 41 eyes, Europe alliance.
Germany Switzerland Belgium Norway Sweden Iceland The Netherlands Canada
In which country (outside of Europe and North america) you can get secure email address? Panama?
Tutanota, which recommended here, is German based and all emails in Germany are reported as a text file to authorities;
There is no such thing as a secure email,not from NSA and Govt spying world wide, same thing anyway, MAYBE TO AVOID ANNOYING ADS OR USING YOUR DATA BY COORPORATES, NOT GOV.
You said “all emails in Germany are reported as a text file to authorities.”
Where is your proof for this claim? Tutanota has admitted that in certain cases when they receive a valid court order, they are required to collect data on the respective user, but this is not “all emails” from all people.
A new data law came into force in Germany about a year ago. All email providers have to perform data retention.
Source?
https://tutanota.com/blog/posts/transparency-report/
https://www.sueddeutsche.de/digital/tutanota-verschluesselung-e-mail-ueberwachung-polizei-1.4676988
Is in german but you can translate. That mean all email providers in Germany like Tutanota, Mailbox.org or Posteo.de must give the datas to the court! In future the EU will make new laws againt the email provider.
No, this is not data retention on “all emails”. Wrong context.
Once again, as I’ve said before, this is about TARGETED data collection that only affects specific people who are the subject of a valid court order in Germany. In other words, this is not blanket meta data collection on all users, like we are already seeing in the UK and Australia. But rather, if you attract the attention of the German police or government, a German court can force German email providers to target specific users with data collection. This was the case when hackers were blackmailing companies in Germany, from Tutanota email address.
But if you are using full encryption with your emails, as Tutanota recommends, the contents of your emails remain protected and encrypted. This specific case was about real-time surveillance of data on specific, targeted users named in a valid German court order.
Sven,
Thanks for the page. Interested in getting out of gmail. Cost aside, what do you recommend as the most secure across the board? (encryption type, content, location, etc…)? CTemplar?
I understand what you mean. But in Germany there is a “Bundestrojaner” (Virus) from the state, here some detail information: https://resources.infosecinstitute.com/german-trojan/
But the german state also makes secret general controls.
For examle the Whatsapp messages: https://www.computerbase.de/2020-07/whatsapp-bka-liest-mit-ohne-staatstrojaner/
That is the reason why you should find a secure mail outside of Europe, North america, Australia and New Zealand. Perhaps in South America, Panama, Asia?
Any thoughts on Inbox.eu? I do not need top security. I just want something that is not tracking me across websites and selling my data. Does anyone know if they strip IP addresses from headers? They advertise “encrypted messages” but not sure that the mailbox is encrypted at rest.
They’ve been operating in Latvia for 20 years.
Per the TOS, the do collect name, birthdate, gender and log IP and a, but do not sell it. I’m okay with this for basic online registrations etc.
https://help.inbox.eu/category/312/question/834
https://help.inbox.eu/category/323/question/998
3.7. «Inbox.eu» reserves the right to impose restrictions on the use of the Service, and can change them at its discretion without prior notice.
«Inbox.eu» collects personally identifiable information when you register in Inbox.eu system.
4.3. When you register for Inbox.eu, you are no longer unknown to us.
4.4. «Inbox.eu» automatically receives and records information from your browser on our servers including your IP address, cookie information and the page you requested.
4.5. «Inbox.eu» will not sell or rent your personally identifiable information.
4.10. Your personal data will be processed in accordance with the “Personal Data Protection Law” requirements, and will be based on personal data processing systems of Latvian Republic Data State Inspectorate.
Reply to Jackie,
You could try 33Mail and where the basic service is absolutely FREE.
Create a new e-mail address whenever you need one. Maintain complete control over active addresses. Forwards all mail to your existing e-mail address. You can even reply anonymously to emails forwarded by 33Mail.
But is 33 Mail open source? Tracking free?
Which alternative address should I give to runbox for inscription? gmail or gmx not possible.
If you loose password or any problems with the mail account then you can not get it if there is no altervative email address!
Thanks.
Is the ability to search ONLY email subject lines a limitation with PGP? Or is that a just a limitation with Protonmail?
Do you know which ones do support searching the content of the emails?
I don’t think I could live without that feature.
Great article.
PGP does not encrypt subject lines, which remain in the clear, and hence are searchable with ProtonMail, which relies on PGP. As an alternative, you can check out Tutanota. They do not use PGP, encrypt subject lines, along with the rest of your inbox being encrypted at rest, but content of emails is still searchable. The other email services in this guide, such as Mailfence and Posteo, also allow you to search content of emails.
I need a suggestion for the best free versions of paid ones or free secure email services coz I can’t afford to pay for softwares right now.
Mailfence or Tutanota
This is an excellent comparison, I found it to be very insightful.
Especially the privacy aspect of each service.
Online privacy and anonymity are two subjects that are very important to us.
We run a privacy-driven email provider: https://cyberfear.com.
It comes with end-to-end encryption, TOR support, crypto payments, no IP logging policy and many more features which you can find on our website.
I hope you will find time to review it 🙂
Thanks. We’ll test the service and consider adding it with the next update to this guide.
Where is cyberfear located?
Are you aware the Contact Us on the cyberfear doesn’t respond.
“Contact us anytime. We will answer ASAP. CONTACT US”
Servers are located in Poland, Europe.
To contact us please drop us an email, cyberfear [at] cyberfear.com
The button links to that email.
We will add a Contact Form shortly.
Hello Sven,
Please I am desperate to know if this is true-
https://tarnkappe.info/tutanota-muss-polizei-e-mails-unverschluesselt-uebermitteln/
I use Tutanota for even my most critical emails. Can you reach to root of this as fast as possible. I have to switch to another service if this is true. (And that would not be an easy task. Thanks in advance.
Yes, this is true, and we cite that exact case in this guide. See the section on Germany jurisdiction, where we commented on both this case with Tutanota and also the case with Posteo being forced to log IP addresses. So we see two cases where German courts went against privacy. Things to keep in mind…
For better security and more privacy, we recommend using an encrypted messaging service rather than email.
Summing it up, where no EU legislation reach applies, it is not possible to force an email operator to divulge it’s customer data in the 1st place.
As the two cases cited where Tutanota and Posteo must comply I’d rather see them not. Yet, dissolve or restructure their headquarters to a more privacy and data respecting local.
Bottom line, if they or any like them truly believe that their service is valuable and changes peoples lives for the betterment. They should be willing to change their life first and foremost by moving it and their cause to stay unblemished. Not just accepting a legal compromise of the moment that forever changes their business and philosophy projections going forwards.
Eek, I’ve used them both.
Yep, me too, and Iceland is looking pretty good as a safe jurisdiction, but who knows what the future holds.
I remember back when I learnt of Ctemplar. I believe they stated then, they had a legal staff employed to monitor privacy laws changes. Such changes to laws that would affect their business operations in and out of the country they operate. I wasn’t able to source it now. I did find the following, though dated it is current to the trend of times.
The term “Privacy Shield” is a deceptive name and is harmful to peoples privacy. The EU/Swiss-US Privacy Shield Frameworks were initially formed by the US Department of Commerce, the European Commission, and the Swiss government. The main objective behind the joint alliance was to provide a way for organizations and corporations to adhere to data protection when sharing peoples private data between countries. By 2016, the European Commission decided to allow the EU-US Privacy Shield Framework to monitor data transfer under the EU law. It is strongly advised that people who seek privacy should not choose a country, like Switzerland or Germany, within the privacy shield. The desire for increased profits has been the driving force for joining the Framework, and in the process, these nations/organizations end up knowingly abusing their citizens privacy.
[https://web.archive.org/web/20190217192703/https://blog.ctemplar.com/swiss-privacy-is-dead-icelandic-privacy-is-most-secure/]
Icelandic Privacy Laws
[https://ctemplar.com/icelandic-privacy-laws/]
Tutanota must transmit unencrypted e-mails to the police
https://tarnkappe.info/tutanota-muss-polizei-e-mails-unverschluesselt-uebermitteln/ (german)
I just thought I would share this data.
This is really interesting read and thought if anyone is wondering about Google, please read.
https://protonmail.com/blog/searches-increase-for-email-privacy/
Good read, thanks for sharing J.M.
@Sven,
You’re welcome. I am glad to help and share what I can.
How about Criptext? They say all your emails are stored on your device only and automatically deleted from their servers after it’s delivered to you. Do you know if this is true or better?
We will check it out with the next update.
@Sven,
Two comments,
Your con list for Tutanota should also have the following two:
1) Potential and significant down time with no email access.
2) Member of the 14 eye nations.
Your last negative on ProtonMail should reflect their change. It should be removed and a new note under Pro as follows:
1) All apps and software are now open sourced.
Thanks Sven.
Good points J.M.
I removed the con with ProtonVPN about closed source apps, and noted the open source Android app under the Pros.
With Tutanota, we’ll keep an eye on the downtime issue. Yes, it is in Germany, but my stance right now is 5 Eyes are a bigger issue to worry about, and Germany is pretty good in comparison. But we discuss this issue more in the Tutanota review.
@Sven,
Thanks. I do understand about the 5 vs 14 eyes.
There was an article on the PIA blog (not that I would trust them for security) but they pointed out a bill that will change Germanys law and make ISPs spy as well.
I appreciate the help on this and I will watch for your updates. Thanks again.
When we over at Coventry League wrote a blogentary about the Vivaldi browser, we mentioned ProtonVPN (ProtonMail). What’s interesting is that Vivaldi’s co-founder, Jon Stephenson von Tetzchner, is from Iceland. He has incorporated some decent privacy into the browser (native ad- and tracker-blocking, etc.). So, it’s refreshing to see that Iceland-based CTemplar made your list.
By the way, we noticed you mentioned Lavabit but didn’t include it in the list. A quick search revealed that Lavabit is back in business. Apparently it offers consumers a plan at $2.50/month (free for limited period) and 5GB storage (end-to-end DIME encryption; one may use own domain name; access it via POP or IMAP, etc.). It also offers a free open source email client called Volcano, which supports Lavabit’s Dark Internet Mail Environment (“DIME”).
Any thoughts about viability of setting-up encryption-at-rest on a NextCloud instance, since NC offers an email platform?
Here’s the link to CL’s article (we need to update it since Vivaldi has new features since Feb. 2020!): [https://coventryleague.com/blogentary/vivaldi-artistic-beauty-and-technology/]
Sven, thanks a lot for all your informative reviews on the field. I found them extremely helpful!
I have done quite a bit of reading on the matter and I’m leaning towards Mailbox.org, even though I like ProtonMail a lot more than Mailbox. It’s just this significant difference in price, however, that doesn’t really let me go with ProtonMail. Mailbox isn’t bad at all (at least for me), especially since all I want is to “simply” escape from gmail. But other than this, Protonmail has a better webmail, it has a mobile app, and as far as I saw from other comments here, a relatively good customer support (i.e. not too many complaints compared to other providers).
So, as you can see, I’m torn between them two! I’m thinking that maybe the lower cost of Mailbox will cause me headaches down the road (with downtime, customer support, etc). Or is it just that ProtonMail being swiss, is consequently expensive, but otherwise offers the same features as e.g. German-based providers?
Any insights are very welcome!
Thanks a lot!
Panos
You can also test each out for a few weeks and request a refund if you don’t like it.
Why would protonmail use the Google recaptcha spyware device as part of the sign up process ?, the people behind protonmail are US educated CERN insiders which is a globalist stronghold . After two years Protonmail caused a sneeze in my sniff test (yes i have an account there& yes two years in is absurdly late for my curiosity ) , many so called privacy applications are gooooooogle honey trap spywares. And proton is now offering me VPN as my PIA account is due to expire YES YES i know i should have killed that account years ago & i did SEVN but they got me back with a ridiculously low please stay offer. I have since come to the conclusion that if you’re not paying for the product you are the product.. Yes i am probably over paranoid im aware of that still, profile pictures now eh? (if that’s the real you?) i expected the site of old where there was no face to the infamous SVEN TAYLOR.. for whatever reason i still prefer privacy gurus remain private. that said …that is a fine byrd your sportin there capitan, top knot is a bit shinny tho 😛 .. what say you sir am i being overly paranoid? does ProtonMail still deserve to fondle my private parcels?
Choosing privacy tools all comes down to trust, which only you can decide. ProtonMail is open source and has a good reputation in the privacy community, but there are lots of alternatives to consider as well.
Any thoughts on Criptext? Is it worth getting?
I want to get a VPN immediately, but I’ll need to register with an email of course, so I’m trying to figure out which. It seems difficult to find one out of the 5/9/14 eyes alliance jurisdiction (though I believe CTEMPLAR is). Two questions:
1. May I ask which email provider you use/trust, Sven?
2. I’ve just recently become a privacy enthusiast, so how is the interaction between secure email services like these and regular big brother providers like gmail/yahoo/etc? Will correspondence work normally, or will there be issues?
(Sorry if this answer was in the comments; I tried to scan them.)
p.s. Wish that I knew what I know now, when I was younger.
Hi Penny.
1. We test and use a few different providers. I like Mailfence for the features. Tutanota and ProtonMail are also great, but more limited with the encrypted mailbox.
2. Yes, correspondence works normally, but now you have control over the inbox and your data, but remember that most people still use Gmail. For more security and encrypted communications, I’d recommend a secure messaging service over email anyway.
Thank you! Since you said “remember that most people still use Gmail”, does that mean that in that specific scenario (my secure email sent to Gmail/other standard provider), having the secure email provider is pointless (since any encryption will be unencrypted in the recipients account?), or does it still help privacy in some way?
For example, with sending sensitive information like SS number, etc.
@Penny Lane,
I highly suggest ProtonMail.
No issues in emails, solid security and a great VPN as well.
Been using them almoat a year now and it has been rock solid for me and my NPO.
[https://digdeeper.neocities.org/ghost/email.html#ProtonMail]
They finally admit to direct surveillance – In addition to the items listed in our privacy policy, in extreme criminal cases, ProtonMail may also be obligated to monitor the IP addresses which are being used to access the ProtonMail accounts which are engaged in criminal activities. And you will never be told you’re being watched. So, what we have here is a provider that does not support mail clients, requires personal info to sign up while claiming otherwise, spies on you on their website, stores your e-mail metadata (and IP in certain cases) forever and immediately gives it up whenever government knocks on the door and shouts “terrorism!”. Its encryption is also lacking according to researchers, and cannot be used for non-ProtonMail accounts without paying. And then – after all that – it claims to be a champion of privacy.
Appreciate the thoughts. Here are the issues.
1) the website itself looks chintzy at best.
2) Most if not all, the authors “issues” have been answered and solved. Yet he rejects it.
3) Out of date. He claims several times that ProtonMail does not have client support (false. Called a bridge). There are a few other things that he is not straight forward on such as the info collected, etc.
4) The very source (OpenPGP, and other libraries) which aid in encryption (which providors such as CTemplar use) is maintained by and owned by ProtonMail.
5) He points out flaws in the encryption. But why not point out the $50k bounty that is offered to ANY hacker who can find a flaw? I find it hard to believe that this offer was ignored. Yet the sites author acts as though it is hushed up.
6) The author encourages PaleMoon and Vivaldi browsers! Either he is a) really out of touch with what these browsers do and then why trust him on anything else? B) He is not really sure what he is saying so he is just repeating what he heard. C) He is bought and paid for by these companies. D) he has a bur against Protonmail. E) he wrote the site and just left it.
So, I would again say that ProtonMail has been proven solid. I have followed up with the issues of requests. I have looked at the MLAT treaty (the author doesn’t touch that…wonder why?), and I have asked the hard questions to the point of being obnoxious rom PM directly.
7) Look at his recommendations for Email: Riseup and Disroot. Really? Riseup was forced to hand over docs and did (Lavabit chose to shut down), and disroot? Who is that? Then he recommends posteo, Countermail, and one other as secondary. Ok. Fine. But why pass over Tutanota?
8) lastly, all apps and resources are Open Source. You can read their codes.
Look at this site for the pros and cons. I will not say that for everyone ProtonMail is the “best” as that is subjective. But I can recommend what I do based on what I see and read.
Even on this site, Sven only has two marks against ProtonMail and NONE of them have to deal with Privacy and security. The biggest mark was funding but that too has been answered publicly as well. You can see this on the proton mails own review here.
The “evidences” on the linked site is…sketchy at best.
But I appreciate the link. Thank you.
Just one more note. Digging on his site, the guy seems to be a loony. I will just leave it as that.
Hey I’m neither for or against it and only sharing info found.
1) I thought it was a hip looking site with the dark theme shown.
Could be limited in the offering being neocities produced.
The information on Proton seemed through enough.
2) Can’t comment here.
3) Author meant users can’t use a 3rd party mail client for proton has no support of The Bat, eM Client, Mailbird Pro, Thunderbird, etc.
4) Maintained by and owned by ProtonMail is worrisome. If there was any flaws in the encryption proton would be first know and it might be along time before users caught winds of it. Doesn’t sound to defensive of measures for backdoor proofing or vetting. Just an observation and question meaning it’s closed source proton software? I guess you answered that in 8.
The info of that site may be dated but it’s time and efforts the author once made to understand things and any facts he found is inspiring as he looked at many. Tell me more of sites like this.
If I was shopping I would look for all the out-sourced audits done, not only for proton but any I be interested in. Preferences are like fingerprints each one unique in their own right.
@Rosemary’s baby,
I get you. I appreciate the info you shared. I, as well, was just sharing what I was seeing.
In regards to the issues of the open source, that was announced that it is fully open: https://protonmail.com/blog/android-open-source/
When dealing with the clients, such as Thunderbird, Outlook, etc. I use a Linux with Thunderbird. Granted, the bridge is a little clunky to set up and I find that if I change my password or whatnot, it messes my bridge up. However, they do offer that: https://protonmail.com/blog/bridge-security-model/
The biggest hesitation I had was with their funding. Much has been answered online, from what I have seen (I don’t have the exact link at the moment, and maybe someone can put that up for me), it has been cleared. For example, the EU gave money to help support the concepts of Privacy. Because Switzerland is not a member of the EU (https://www.americanswiss.org/resources_and_publications/switzerland-and-the-european-union/), the laws do not carry the weight that they do in such places as Germany, France, etc. However, Switzerland has, for the most part, shown themselves to be very solid when it comes to privacy. The amount given was not a controlling figure, and therefore ProtonMail is still independent.
The other concerning thought was that of the Venture Capitalist from America. What was explained to me in a private letter was that the amount given was substantially less than what would ever afford them any controlling decision as well. Which then brings us to the bigger concern, the support from Swiss government themselves.
When I asked about this, they said that the money given was a full grouping of money given to private and public entities directly to help the businesses to equip the privacy technology needed. This was left to the companies to decide what equipment and develop it themselves apart from the government control. I was still a little skeptical because the gov does not just give that away.
What helped was that they said the company is still private and owned by the employees themselves. At least the bulk ownership. This allows them to function as they do and yet keep the privacy as they have.
The owned and ran by Proton itself is, I agree, interesting, but if I may, let me explain what I can.
First, the coding used in all of their system is open sourced (as explained above). Second, the libraries used are battle hardened and tested around the world: https://protonmail.com/blog/openpgp-test-suite/.
To be completely fair to Proton, even high encrypted email services, including some that are positioning themselves to be stronger than even ProtonMail, use these libraries: https://ctemplar.com/ctemplar-recognizes-protonmails-openpgpjs-maintenance/.
I use a free CTemplar email as a backup as well, and honestly, the only thing holding me back from going to them is the cost. They have combined the amazing security of ProtonMail and Tutanota into one. But they are just so expensive. To get what I have with ProtonMail, I am paying almost $400 a year (and they do not offer discounts for NPO’s).
But I digress with that. Protonmail also offers a bounty for finding any flaws: https://protonmail.com/blog/protonmail-bug-bounty-program/
I was wrong though as I said it was $50K, the max is actually $10K with other values added as seen in the link near the bottom.
While I know it is not a lot, if there are problems, it is an easy and quick cash. If I was at least smart, I would look into it :). But I can do minor things (I do use a linux) but it is such petty stuff that I would be laughed at if I thought I saw an error. LOL!
One thing I hate about message boards, emails and texting, is that you cannot hear the voice inflection or see facial expressions in the way they are intended. So I was not trying to say you were wrong in putting that site up, I just disagree with what he is saying because, unlike restoreprivacy.com, many of the issues, have been taken care of.
The email works. That is all I can ask it to do.
The calendar is in Beta and from when it first came out to now, the improvements have been amazing! So much so that I use it. I am just waiting for there to be notifications and I will switch completely over to it.
This fall, they are unveiling the Beta for their ProtonDrive. I cannot wait to use it as I have been missing that since I left Google.
I sent in a highly suggested thought that they should work with LibreOffice, and see about setting up instances with them to have an online version (LibreOffice does already have that: https://www.collaboraoffice.com/code/)
My push was to have them re-brand it (legal to do) and integrate it with Email. I know that is a lot but then they become that much more of a competitor to places such as Google. If not, I may try to get it running myself, but then I like the connectivity with my email if I can.
Rosemary’s baby, I hope you don’t think I am attacking. I am not. I am simply here to learn and also help others to learn as well. The best way we do that is through engaging discussions such as these and with the understanding that what is read is often not how it is meant to come out. So please accept my apology if I came or come across as rude. That is not the intent.
@ Rosemary’s baby,
Leave it to me to forget one point. I don’t know how you feel about Tutanota, but they also roll out their own encryption keys as well.
I have mentioned several times that if it is set up correctly, great. But it does go back to trust and whether or not they did set it up right.
Just forgot to add that in my last message. Sorry.
at J.M. It’s all about preferences and I understand you to know that you have looked for better and held stay here in proton. Where things in where a company generates and controls your key pairs is not good privacy administered and that’s only my opinion. But read on as I try to proof the pudding.
Allow me, Encrypted Email Services Can Hack You Using JavaScript
[https://ctemplar.com/world-leading-icelandic-privacy-laws/]
If JavaScript is required for encryption, it can also be used to hack users who use end-to-end encrypted email services.
Same link above:
Does having open-source code eliminate this risk? No, because open-source code is just an act to encourage users’ trust. The audited code in GitHub might not be the same code that is sent to you from a companies private server. There is no assurance or promise that the code hosted is the same as the one is served.
NOT THE SAME CODE as audited, who might think such things if it wasn’t possible? Backdoor I don’t know but see the link. This is illustrated by Gizmodo, USENIX, Ask Leo, Stack Exchange, ITNEXT, and it is a recurring theme at the hacker conference DEFCON. JavaScript hacks are also the primary way to de-anonymize Deep Web users. In November of 2018, Professor Kobeissi revealed this knowledge [https://eprint.iacr.org/2018/1121.pdf]
CTemplar’s 4 Wall Protection
[https://ctemplar.com/ctemplars-4-wall-protection/]
Wall 2: The Only “Zero Access” End-to-End Encryption:
“End-to-End Encryption” by using javascript has flaws. The CTemplar team was the first to solve the flaws making our End-to-End encryption the very first “Zero Access” email platform.
A service that offers end-to-end encryption is worthless if they can decrypt your emails and give them to anyone who asks.
The power words here are in “End-to-End encryption and Zero Access”. These seem to be missing on proton’s platform.
Seems to me the intell you have pointed to about open source is- All ProtonMail apps are now open source. To that end, open source has long been a priority at Proton. Our web app has been open source since 2015, our iOS app is open source, our desktop Bridge app is open source, and all ProtonVPN apps are open source.
This means that all Proton apps that are out of beta are open source.
Ok I got that the apps themselves are this open for inspections. Now consider the neglect on proton’s part to mention anything about the 4) The very source (Open PGP, and other libraries) which aid in encryption (which providers such as CTemplar use) is maintained by and owned by ProtonMail.
Leads me to question is the OpenPGP encryption code open-sourced, beings it is maintained by and owned by ProtonMail?
No transparency is given on proton’s part if all users are always sent the same code hosted (and possibly audited by third-party) in this the very same code as the one in which is served to every proton user.
What if you or anyone’s account is deemed a certain case?
The e-mail service, we have access to the following email metadata: sender and recipient email addresses, the IP address incoming messages originated from, message subject, and message sent and received times. Active accounts will have data retained indefinitely. Proton does store IP logs forever in certain cases – and your IP address may be retained permanently if you are engaged in activities that breach our terms and conditions. If you use their VPN then your real IP address is known – yes?
You got a big company with outside money investments to growth. Our government is big and think of all those lost and unknown departments it has. Compare and regroup or move on.
Judge things on a micro-scale that extends your security into privacy. Leaving your mail on a server, sometimes almost forever, is like looking at the earth from mars. Nothing micro to it.
I have nothing new or more to offer, but choose wisely 🙂
Thank you for the info. I will look at it and follow the links.
I would say that no system is perfect. Some, better than most.
In the end, it does come down to trust. But I appreciate the links and will look at it. Thank you.
@Rosemary’s baby,
Thank you again for the links. I wish to leave my final remarks to finish up our discussion.
You brought out a few things about JavaScript that I was unaware of, and I really appreciate. So I have done some digging, and I would like to share just a little of what I found and then I will let the discussion drop.
First, while it is true that it can be used to breach privacy and security (https://www.makeuseof.com/tag/3-ways-javascript-can-used-breach-privacy-security/) there are ways it can be mitigated against.
It seems the biggest issues are what is called MITM (Man In The Middle) attacks. This is the danger of JavaScript, and it is up to the web developers themselves to help make sure their use of it is done right.
The question then bears of that with the systems and coding used. I have traced down the report of Professor Kobeissi, and while what he said is true, I have also tracked down several other encryptologists who have refuted his findings as well.
In a debate directly with ProtonMail, there seems to be chinks in the Professor’s arguments and backtracking on several points which resulted in deleted statements: https://www.reddit.com/r/ProtonMail/comments/9yqxkh/an_analysis_of_the_protonmail_cryptographic/
In fact, digging deeper into his paper, I have ran across several sites that have pointed out the paper is not even peer reviewed for evidence. True, it is all opinions, but ProtonMail has answered the challenge: https://protonmail.com/blog/cryptographic-architecture-response/
Even on a security website, one of which a “poster” on this site, Mirimir took part in and while I may not understand everything, it seems as though ProtonMail held its own mostly: https://www.wilderssecurity.com/threads/anyone-using-protonmail.394862/page-1.
It seems as though the Professor’s paper has several holes. Therefore, I also tried to find others that would answer this question: Here is another place I looked: https://www.reddit.com/r/ProtonMail/comments/48o6lf/is_javascript_cryptography_insecure_by_default/.
Now, I know that many will say, “REDDIT!”. I agree. I do not trust what I read there, but wish to verify. So I did the best, last thing I could. I messaged a friend.
I have referenced my friend before on here. He does programming, IT security, and development of codes. He also is what a company would hire to find weaknesses in their system (A white hacker) who is paid to find problems.
I shared with him everything that I am seeing. I am only going to paraphrase what he said. He said that what is being proposed by the JavaScript is partially true. Everything goes back to trust. Trust in the system, programming, etc. However, you must balance security with usability. You can make something most secure…but then it is not usable. Furthermore, if you are using a keyboard to type up a response on this site, and you did not code the keyboard yourself, program the structure yourself, and design and develop the keyboard yourself, even your keyboard can, if someone is malicious enough, can record keystrokes using the embedded code to make the keyboard work. This is done using the firmware.
Therefore, the concept that JavaScript itself is inherently dangerous is a misnomer. Caution should be taken and evaluated at all turns, but in the end, you must trust.
So, the professor may be right. I don’t know. I fall back on the expertise of my friend. Are there questions regarding the professor’s paper? Yes. Enough to make me doubt him? No, but not enough to have me change who I am using.
So, the search for security continues. Until said time, however, I have to balance consumer convenience to use and security, and right now, for me, ProtonMail has it. Privacy, on the side, is not a major thrust. My name, and organization are in my email address directly. There is no privacy for me on that part. So, I try to balance what I can.
Thank you again for the information, and I will keep researching this. As you said, and as I am agreeing with, I don’t really have much else to add. So, we continue on. Thanks again.
I have used Startmail for five years and was satisfied with their service.
I know they have denied any direct connection to, or influence by System1/ Privacy One Group and it’s associated companies. System1 has bought or have invested in, and therefore influence not only StartPage, which was excellent, info.com (another search engine), Waterfox browser, as well as MapQuest. So they know what you search, which websites you visit, and everywhere you go if you use the aforementioned products. There is a reason they buy these companies, and it is not to lose money or protect your privacy.
Their history and business model tells you what you need to know.
I do not necessarily believe StartMail’s denial. I seem to remember some questionable statements made by Google and Facebook, as well as others.
Perhaps it is just a coincidence that I now cannot renew my subscription with StartMail if I am using a VPN. The purpose of using StartMail was security and privacy, but now I am unable to continue to connect the way I have for the past five years, including when I initially subscribed.
This was their reason for my inability to renew. I remain dubious and am evaluating other options. If I cannot trust my email provider I may as well use GMail and save $60 per year.
Thanks for the information Sven. Excellent as always.
Rather than Gmail, try Zoho Mail.
https://delta.chat worth checking out. No server, autocrypt, email in the form of instant messenger.
I looked at it. They are using email servers.
Depending on the email services used, you may find it is very insecure and privateless.
Just what I saw.
Would you be able to do a review on Criptext?
It’s free, open-source, encrypted and emails don’t stay on their servers.
Interesting. Email based on Signal protocol and saves messages on device? It’s like the email version of Signal.
Sven, 4-29-2020
I just read down this page and you are one amazing person to take such time to help so many people deal with the corporate crap. My hat is off to you, SIR. And seldom do I use all caps on that designation. Seriously – you are a unique and kind helpmate.
My question is for you and all of your readers – since the betterment of dealing with the lack of privacy is a disgusting legacy being left by our generation. But at least we are starting to get back on our feet with innovation to compete with the evil.
Now. I just visted == swismail.com == and did a swisscows search for reviews on this swismail service – and came up empty handed. I couldn’t even find one serious review by people who investigate this stuff. BTW == only one ‘S’ – in the .com address.
And, on the swismail website, I could not find any privacy policy or detailed account info … just the stuff on the page, which are just basic features and intents (that actually looked rather up to date and impressive). Now, it appears to be abreast of our plight, but one would think there would be more specific info. It appeared as though ‘sign-up’ was very private – as I saw no requests or fields demanding any data to be linked to an existing email or phone account. So, sign-up appears to be ‘VERY privacy friendly’ – like most email services aren’t. But, if it truly is a valid service – could you maybe try it out with a computer that has a decent firewall and other safeguards that I don’t even understand – let alone use? I would try to sign up – but what if they launch a worm that goes to read my whole hard-drive? I wouldn’t know what to do to stop it – and that assumes I would even know it was taking place. Know what I mean? Some email service privacy policies even claim they read your OS, browser used and all kinds of other stats from the internal data. I don’t know enough about this stuff to risk investigating … swismail.com … So, if you could and know how to guard yourself against their possible intrusion … I would appreciate a heads up. Maybe it’s the greatest thing since sliced bread and we could all use an account with them. Who knows…
Well, thanks again … and my hat’s off to you, SIR.
Sincerely,
Jim
Jim, I have not heard of “Swismail” before and it does not appear to be an active service, with the website footer dated 2018. I would look at alternatives.
I first thought it was trying to get a foot hold on the future offering of https://mail.swisscows.com/en
playing on the name – where people might mistake it for the cows coming mail service.
I only see one domain to choose from for an address of your mail account even though it has a drop-down arrow that opens.
I do see on the sign-up page giving the TOS, which will usually point to a sites (privacy policy). Not here – https://swismail.com/tos
Putting – /pp or /privacypolicy after it’s web address leads to – – Error
Not Found
These I find interesting from it’s TOS.
4. Your Content
In these Website Standard Terms and Conditions, “Your Content” shall mean any audio, video text, images or other material you choose to display on this Website. By displaying Your Content, you grant SwisMail Inc a non-exclusive, worldwide irrevocable, sub licensable license to use, reproduce, adapt, publish, translate and distribute it in any and all media.
[Wonder if that’s referring to your mailbox contents – ?]
12. Governing Law & Jurisdiction
These Terms will be governed by and interpreted in accordance with the laws of the State of Switzerland, and you submit to the non-exclusive jurisdiction of the state and federal courts located in Switzerland for the resolution of any disputes.
[Usually we get more here of the company address and departments titles of who to contact.]
It’s free and the ‘private secure’ evidently means the company’s business end. Jim, I’d PASS on this one for sure. Not enough said to be informative as what your getting into…
@sonar
Which one do you use or recommend at this moment (of what you know)? Because of your great knowledge I’m very interested in your opinion.
Tutanota?
Posteo?
CTemplar?
Thanks in advance!
I think the new encryption protocol they’re developing is designed so they won’t have access to the keys? And thus they won’t be capable of giving up their clients accounts or data, if such a situation were to happen again.
(I’m not an expert)
youve never done a review of novo-ordo.com an email provider that prides itself on privacy .
How do you feel about them. Not much reviews online about them.
I don’t know much about that email service.
How secure is Mailfence vs. Privatemail.com ( Which Is Torguard ). mailfence seems to log everything , log IP , Time Stamps , etc… Id like a your revew on Privatemail.com . They are USA based but claim once you delete emails they are gone forever. Id like your feedback on privatemail.com. I was reading up on protonmail , although they get allot of good press they can be hacked cuz they use a web based cryptograpy.
Private-mail from TorGuard.
Ok, we can keep that in mind for a future review.
Hey Flash,
Depends on the mail type of user based you are, what good are electronic mail services that encrypts – when people in your most as contacts of mailing don’t do any sort of encrypting likewise.
**Encrypt adds that security in the minds hype as well can be useful if the applied encryption concept is understood correctly.
It’s because using encrypted electronic mail services – as some use encryption means to protect your accounts inbox contents, not only for an encryption of your sent and received messages over the open internet. As user account enforced Encryption as controlled by each users account password to their accounts, basically refers to these encrypted services as the zero-knowledge mail services. Your user account inbox could have (most) of the departments there as well encrypted to include contacts, attachments, email body, and whatever in that a mail electronic mail service offers for users based accounts protections there.
BTW:
ENCRYPTION being used as part of an electronic mail service can mean it’s grounded in ENCRYPTION only by chosen WHY method(s) and by WHOM and WHERE as well to WHAT is it’s applied parts in trying to protect the mail services users and their accounts inbox. Some do it in an encryption WAY by the most adaptive / universal means! (Referring to accounts messages transmissions over the open web – how’s the inbox encrypted?)
Also it means there are closed off encrypted mail eco-systems to some of these offered email services. Where then others (sender-recipient) outside of it’s or a specific electronic mail service your using, possibly allows TWO means of your messages transit.
1st) All non-registered users of an email service that are sent messages to – will be send and received as clear-texts messages traffic from your email service having some encryption scheme used. (see BTW)
2nd) Symmetric Encryption – where needed & prior for your having given of the message recipient as to sharing of a password / paraphrase for this message in your receivers ability to view it’s encrypted contents. Ability they have to answering it back by their reply and it’s been encrypted by the container. Thus by just a ‘link’ as given to them in their mail service inbox. So of this one message stays on your email accounts mail server / they do not never send it out across the open web.
***Do have a look down in the comments here Flash. Real users comments, and/or questions have generally been covered as what you have asked… And they weren’t addressed by Sven – as he’s a busy man.
Both [https://torguard.net/] and [https://privatemail.com/]
https://restoreprivacy.com/email/secure/#comment-61876
Read the real replies of the proprietor of a very small secure email service, “Sub Rosa Secure Email” [novo-ordo.com] here – and downward to the whole conversation that took place…
https://restoreprivacy.com/email/secure/#comment-60492
My final drift or stance of Sub Rosa email is it’s not for long term storage and even then the only encryption they may offer on their side is on their mail server…
Quote from Rick the proprietor:
[Messages should be encrypted before being sent and should not be left on the server longer than necessary.]
Hi Sven,
Could you please review this email provider: https://www.mailo.com/
Thanks
Hey Anna,
Mailo looks interesting for a secure email provider catering a solution for everyone: adults, children, seniors. Attention to families and children’s security. Performing tools for professionals.
The service is fully hosted in France and carefully follows European and French regulations on private correspondence and data protection.
The users’ data is confidential: no backdoor is open for anyone, even authorities requesting access outside a specific legal framework.
@MarkR was just asking what good are mail services that encrypt when his contacts don’t do any encrypting likewise. I answered with kind of covering that in some of these mail services it’s not just the message(s) that gets encrypted with some of them. But, as your mailbox and departments there of. But I got his direction of point and maybe Mailo looks interesting to him and others because the way I read it-
“With Mailo, you can choose for each e-mail you send whether you want to encrypt and/or sign it with PGP. In order to use PGP when sending an e-mail, you only have to set the PGP encryption option when writing the e-mail.”
**I read you have a choice ‘for each e-mail you send’ by being given ability to ‘set the PGP encryption option’ in composing it optionally as to sending it out as encrypted otherwise. https://www.mailo.com/mailo/en/sending-pgp-e-mails.php
Dollar to features as the service offers is value that speaks loud to me also. https://www.mailo.com/mailo/en/features.php
Though France jurisdiction is questionable to some. ‘The Mailo users’ data is protected by French and European laws.’
I say it’s interesting enough and should catch Sven’s eye for a closer look to maybe making it on the list.
Mailo has some strong points for around $13.05 USD yearly.
History – https://www.mailo.com/mailo/en/history.php
Mail, contacts, calendar: configure your Mac for Mailo
https://blog.mailo.com/blog/configurer-apps-mac-pour-mailo.htm#more-2257
I have registered a test account on mailo.com and while I cannot comment about privacy, the service seems buggy.
1. All emails I sent out arrived with a delay of one hour or more. I checked that with multiple recipients and even with mail testers like mail-tester.com, I do not think they use graylisting so this is a problem with mailo.com.
2. I added an IMAP account to Thunderbird and sent an email. Now there are two copies of “Sent” folder, one used by Thunderbird, another one used by webmail. Thunderbird doesn’t see messages sent from webmail because they are in a different “Sent” folder. Webmail displays both “Sent” folders (separately). WTF?
3. No DKIM, no DMARC, spam score is quite high.
Overall, the web site looks serious but the functionality looks amateurish and buggy.
Hi Sven,
My apologies if I’ve missed the point of your general review or if there are answers in the comments, but…
I like the idea of getting away from Gmail, Outlook, Yahoo, or ISP-hosted email, and maybe that’s reason enough to go with one of these providers. But, how much good is doing that if virtually all the people I email don’t use a similar service, PGP, or something like that?
MarkR
That’s a good point. But with a secure email that respects your privacy, you have control over your own inbox without third parties collecting your email contents and profiling you for ads. You can’t control other peoples’ inboxes, but you can take control of your own.
@MarkR,
I’ll agree some of these mail services seem off in a closed eco-system to use, as encryption standards being applied across the board for mailing simplicity.
That’s not me hitting the nail on the head of your concerns though, but I’ll try.
YOUR CONCERNs:
“But, how much good is doing that if virtually all the people I email don’t use a similar service, PGP, or something like that?”
That’s a very good focused point on the nails head before driving it home as a service you’d pick and use – Sir.
As Sven has already pointed it out these mailer listed are representing mail services that don’t read and scan your email contents to selling off of that personal info, nor knowing how to profile you for any advertising. That’s your excelling privacy stance with these secure mail guys and with encryption.
That’s encryption basically done in the users account end with any encryption as being the LOCK on the account and it’s controlled by each users account password.
Not to be mistaken as some encryption principle to having been generally applied to the mails service ‘SERVER’ holding your mailbox that some of it’s employees have access – even though not knowing or needing your account password. These kind are a lesser breed to user privacy of mailbox contents…
– Thus it’s account enforced Encryption as controlled by each users account password of their accounts, basically refers to these services as the zero-knowledge mail services. Cause in your user account (most) departments are encrypted as to contacts, attachments, email body, and whatever in that a mail service offers for users accounts there.
Now hoping we can understand this, who can we use of these encrypted mail services for sending messages without any encryption applied to our message or the fact to that of all our messages -if wished- sent out as clear texts only?
I’m only giving you a couple, one mail service offers in the account contents encryption as automatically covered besides a choice of message going out as encrypted or clear texts. The other service you have to set it all up but, stands on users account privacy principles, but as both to are fair in users account pricing…
**Posteo – you have to set it all up to encrypt anything in your account – good stance and standards on Users Privacy and sends clear texts messages out by default.
***Tutanota has an option labeled “Default Delivery” with a “Confidential” check box next to it in the “Settings” > “Email” section. Make sure that it’s check box is unchecked, and by default email will be handled as unencrypted as clear texts for sending out. You’ll know if it’s working as if you’re NOT prompted to setup a password for (symmetric encryption), for persons outside of Tutanota’s system.
I would heed of a fact that THIS is what you’ve asked for and because Tutanota uses some encryption to protect your account, nor is it only of messages sent with (symmetric encryption). But un-encrypted clear texts delivery – messages handled internally and stored – it’s had encryption applied and unlocked easy with your accounts access.
WHERE as, if it were to be emailed to an external (non-same service) user with just a link given to the message on Tutanota’s server – – and – – – prior to your having given of the recipient as sharing of a password / paraphrase with this message for your receiver to view it. The encrypting/decrypting in THAT one messages ability by an (symmetric encryption) would be applied, or again sending your messages to outside addresses beyond your particular mail services and as encrypted texts to the another persons mail service. Is offered in Tutanota but altogether different that you sought of no encryption.
Thanks
Posteo has got many informative help snips about it’s service.
Understanding encryption as helpful in their service as setting it up see:
Topics of manual selections as it’s encryption is not automatically enforced as being applied to your accounts end…
Encryption- https://posteo.de/en/help?tag=encryption
Transport route encryption- https://posteo.de/en/help?tag=transport-route-encryption
End-to-end encryption- https://posteo.de/en/help?tag=end-to-end
Inbound encryption- https://posteo.de/en/help?tag=inbound-encryption
@Kate,
I think I remember you and at this time I was answering you by the HardSell handle then, and tried to help you out. [ I’m new to VPNs and need help to understand how I can overhaul all of my devices connected to the internet that are not private at this moment. ] If so I remember you – Hi ; )
Going as @sonar now because it pleases me more than @HS – sounding like a crack of a whip. sonar sounds more perceptive, friendly and playing with sonar says, says, say as I did of the change made over.
Just seemed like the old analog sonar displayed on TV shows from the center traveling in outward circles to encompassing the field. Seem it’s close as what I try to do here listening to the core facts and finding the direction of best help I could offer.
Core fact – “But in the past 24 hours my internet has slowed dramatically,”
Although, I’m not personally in understanding OS X platform workings, Sven better. I can offer some suggestion of why the slow speed you’ve seen.
For one, is it’s being tied to this social distancing faze we all are going through, has put a high maybe very large demand. On all of the major CDN’s > ad networks > local IPS > to users speed related issues. That is the sheer amount of users online with free time to stream and other surf online than has ever been witnessed before till now of so much demand to the supplying or serving up transmission components of the web matrix. Just think of millions x10 in everybody that needs to signup for unemployment as an employee to a business to those employees of the business in supply chains to them and others. Are moreless forced to shut down in the wait out time being required till the pandemic hit’s it’s peek around the country and world for that matter.
I had gotten this:
To our customers,
We are increasing your Internet service speed by more than 60%—at no additional cost to you—to keep you connected to your families, workplaces, schools and information as our country responds to the coronavirus (COVID-19).
Your ISP to your home or phone is the first place I check with questioning of them are they at capacity causing your slow speed? Have they had daily periods where they’ve seen such a taxing demand. So great that can be a cause in your slow connections speed? Mobile ISP’s usually run prioritizing software when there is great demand on a tower – so everybody in the neighborhood get’s a usable piece of the stream available, unless it’s soft capped by amount consumed till all the towers demand eases as they get their advertised speed back.
If that’s not it, then it’s probable out of your control, if it’s not the Express VPN server network itself in someway. (ex. webs interstructure matrix bogged-taxed then encrypted tunnels toll to your speed too). Recall all VPN’s routes you through hops to it’s servers, but still you could make any number of intermediate server hops to the server you wish to get serving up that site. For that absolute anonymous IP try another server close to your surfing out of location, after that I’m not sure the intermediate hops before you get to the site server .
The Internet is a cooperative PUBLIC DATA NETWORK. Its data traffic flows around the globe freely, transported by an incredible variety of intermediate carriers. These carriers cooperate because they need each other equally: “I’ll carry your traffic if you’ll carry mine.” And the system works.
I don’t claim to understand it, but trying to understand it enough down to the packet level I wish to get.
– Then if, it can be anything like airing up a tire with an air pod, to put 30psi in the tire requires the pod to have at least a minimum of 60psi to push out 30psi till equal pressure is reach between it and the tire. Minimum of 120psi to fill 2-tires to 30psi or more thann 30psi in one tire. Looking at hdd/ssd memory, server system ram in about the same way might apply.
Hope it was informative if not a place to start = 1st your ISP, then support @Express or it’s community to see slow speed buzz talk.
Sven, I need your help. Months ago, I discovered VPNs through your site, I believe, and also signed up for a tutanota account. I even got an ExpressVPN subscription, which I love. I can now access blocked US sites when I am in Europe by using a US VPN. But in the past 24 hours my internet has slowed dramatically, and I need to run a speed test with and without the VPN engaged. The problem is that I can’t remember how or where I formatted the kill switch settings in my OS X. I did it manually. I vaguely recall following a blog post you had. Maybe not. Can you please tell me where I did can find those settings on my Macbook?
Hi Kate, the only thing I can think of is if you enabled the “Connect on demand” option when setting up an IKEv2 profile on your MacBook. I discuss that in this guide, and if that’s the problem, you can just uncheck “Connect on demand” for the IKEv2 profile you previously were using.
Hi Sven,
Any chance of a review of Vivaldi’s mail service? My understanding is it is based in Iceland with a privacy and security focus.
Sven
Just a respectful suggestion from my experience reading when I dove into the topic above here, as I’ve read this or it (3 weeks) extensively at first find of it’s offering when finding your site about a 18+mts ago.
Novice to the subject I was overwhelmed often reading here in your break down of each as offered. Scrolling between what’s offered of the emails services is there on the space given, and thank you Sven it’s of a small bit of highlights, clearly useful and helpful but, for someone trying to take it all in. The minds sponge of the first few visits gets saturated fast in all that’s offered.
I shortly learnt it takes people learning new terms, what those terms actually imply and being applied how by related means here when the word encryption comes up. Then trying to understand a difference to all of the email services that encrypts and how their encryption style/mode/means differences of all the possibilities as listed email services being used.
That can’t be done of the Novice breed (least myself easy) without lots of off-sight leg work and in focus to their minds coordination by weighting in the different facts and aspects as they relate, finding they can very much differ – by how and in what way they happen to differ comes to readers very slowly. That when visiting 2-3 email services homepage listed above.
Along with catching your in depth reviews given to most of them separately.
https://restoreprivacy.com/email/reviews/
and jumping back to their mention here of easy found – Pro’s – Con’, then to more offsite reading of what’s covered as these -/+ checks and balances, and then to sorting it against of the other on the list here as well of their short overviews.
Tough as I found it all being a novice, because maybe I had a group look for all of the listed as secure email services, and basically in my mind secure meant to me as encryption used – relating that to the ease of a VPN set go out of the box. To my general understanding as a novice of this time would of been all of these services were blended shades of just one encryption’s color to a users privacy on an email policy of standardization covering users privacy as a gated two-way street you get on.
Instead I’d realized something as more visits over time with my coming back repetitively researching most of each one of these services. Found out it’s user privacy by multiple encryption’s colors used in palette to privacy of the user on different email service in user info required, different strengths of user friendliness, compartmentalization in encrypted features of an account by concept formation in coverage, and scope to deal with metadata involved.
This still as an enlightening overall captured web resource, along with more across the site you’ve graciously offered as your email guides, had me exultant to be so lucky. As I didn’t know what I was shopping for offhand but to get away from the likes of who’ve I used and that medium there based in free rides without any users regards of privacy…respected.
Sir you do excellent job please don’t hear me wrongly or different than I’m trying to mean or be herd saying but, as an aid to you and your readers from my combing it over many times in the past.
**A suggestion is to use small Icon tiles for your readers narrowing it down for them to a quick view information assembly by visual means of icons in what makes these email services different at the core level understanding. Say having of any differences in A than F and J, to all the others on the numbered listing. I mean sure the listing of them by number is not necessarily having any particular purpose to a service merits getting numbered 2 slot over compared to 9 slot as example – you’ve told us that.
I could see your guide at any emails service numbered spot now, line up all the icon tiles as that match this email service where it covered in their business model. Then it’s possible to drop the numbers all together and list the email services from the most icons to the least. As looking from that point of perspective to an overall understanding.
Important to me as I learnt was of the encryption concepts being used here and that various methods are employed as going in different directions on the listed services.
For the encryption icon used, the icon like seen in the address bar in a SSL opened browser window on secured site. You could assign colors codes used for type or style, as closed encrypted eco-system or PGP and S/MIME. With an elongated loop of the locks hook say for the departments and storage areas covered by encryption of the service offered.
That encryption icon I see as becoming difficult to represent accurately of a service and the degree it’s covered!
**So maybe make it a generic look offering a few characteristic in purpose as the, Lock icon is there because basically encryption is used or offered, the locks view is cut in halve when encryption is limited or keys controlled by the user and not automatic handled.. Whole lock icon view, offers users a fuller encryption automatic options. Color’s used could be applicable to represent as yellow/basics, orange/intermediate and green/advanced for the different areas least to most in where the encryption use to safe guarding users privacy or exchange of encrypted messages overall.
The other icons used could represent what is also covered in the secure email service, as well what is to be understood as an icon offered can be for a users shopping list weeding tool. Giving users a tool by visual icons means to honing in quickly on their solution for their unique needs they seek by observing the icons and it’s displayed color found vs slow crawl to get that understanding.
Allowing this visual impact leads to less need for the preliminary leg work on a readers part to a point their focus becomes understood quicker in a few of email services that hit their interests and they can begin comparing them in reading about each service of interest.
That same 3 color level scale B/I/A can be applied as applicable from least to feast in any icons to category for a particular service…To you also could use the icons at the starting of the single emails reviews given in depth you’ve made on some email service, as the same readers visuals to quick takes of the service being review at their start of exploring it.
ICONS:
Globe icon – Browsers allowed access to webmail
Lightening Bolt – Company own security standards-policies
Flag icon – Jurisdiction headquarters regarding privacy
Cellphone icon – Email apps availability or open market apps
Folder icon – Calendars, file storage, collaboration tool, group space
Curved dbl head Arrow – Emailing an external users w symmetric encryption
Fort icon – Encryption in strong core user fundamentals (user controls access)
Server icon – Controlled encryption w/o user input access (server encrytion)
TV icon – Device platforms accessibility
Pin Drive icon – 2FA
Each icon shaded yellow, orange, green means something specific about it’s involvement to that service. Maybe a number after the icon of counts in that category being offered with the color shade as least to feast repersented.
Sorry as it was a long brain fa_t. Hope you could picture it and in time we get there ; )
Thanks
Thanks for the feedback Sonar.
Sven,
I noticed the other day – while study reading (= very granular look and comprehension), of the ‘NordPass’ review by Heinrich Long.
There was an image used that showed he had an account @ ctemplar, would he comment here on that service, or could you probe him to his regards toward it?
Specifically the image had this under it – “Click one of those icons and NordPass will display a LOG IN WITH list (circled in red below) with all the Logins it has stored for that particular site.”
Thanks Sven.
Hey Sonar, funny you should ask because Heinrich is working on a CTemplar review right now. It should be live later in the week. I haven’t used or tested it myself.
I would of gone better that the free I was trying, as better like (Prime) if they’d be more reasonable in price. Even 50. is a stretch for me no more than I would use it so 72. is like throwing dollars in the toilet of we deserve it cause _ _ _ we’re Special. More like special gimmicks no one else is using ! They look good on paper but, what hit me was I sent a msg to theirs support – they answered – I answered back but I stopped for the night and saved it as a draft. Finished on set it on.
– This is where it got interesting, The two way conservation as messages build on as all back and forth between the parties – – Full copies mind you were present in the inbox, sent, and drafts folder – all the time. Seemed to me your free allotment of storage would go fast.
Never did stay long enough to see how the work using alias style’s like Tutanota as this way I liked cause it complete hides your real email address better, or Proton that I didn’t cause it’s liken to mail going to a certain folder in sorting your account based. Using the real email usename as part of the alias – receiving end just drops the alias part throws the username with the domain = true account email address.
https://protonmail.com/support/knowledge-base/creating-aliases/
Pricing they’re up nosed like Proton compared to our friends at POSTEO and TUTANOTA. The twist CTemplar trying to put in the business field doing what they’re doing to advertise a Armored 4 Wall Protection, if it works out would be different. Then being anymore advantageous to privacy maybe that’s why the prices get so ridiculous after the 72. Prime tier. Still there’s a short history and their being the new player, you’d think Prime would be offered lower as a tester level to sell the others then.
Thanks Sven and Heinrich looking forward to it.
Yes and they are also hosted and store all data in Iceland, which typically has much higher server costs than other locations.
Yes,
I liked it (so other readers) don’t see what I’ve said of it otherwise.
Just didn’t know how to prove to myself of their claims they’ve made. To warrant their cost over some of the others in the same conscience given to users Privacy’s of the freermium-Paid email realm. Did notice for an “user account interface” Ctemplar’s is as close to Proton’s than any I’ve used prior. Which Proton’s was much better than the ones I’ve had as local IPS, G or Y mails – soverin email services used.
[12. Dedicated Bare-Metal Servers
Cloud servers have legal and unauthorized access risks. We use physical servers located in Iceland to protect your data. / Because we use physical servers in Iceland, we are not able to reduce our price using cheap cloud storage – (sounds to as users are helping pay for their interstructure).]
Agree with what you’ve added about their location and visited their site to see the layout has changed somewhat –
Now – [https://ctemplar.com/]
Dec 04 2019 – [https://web.archive.org/web/20191204195825/https://ctemplar.com/]
Thanks
GMX was great email back when you could still pay for their “Pro” offering in the early 2000s. Today? Stay away. While German/EU data legislation applies, they’re hardly private and they’ve had such a bad reputation for spam that many providers still block them by default (ie, messages mysteriously never arrive). You can do better.
Like to point out an annoyance of protonmail, and possibly tutanota. Crocker.com email would not accept emails from protonmail and when I asked protonmail, I was told this was an ongoing issue that Crocker refused to unblock Protonmail. For me I had been sending emails to press without anything being posted in the paper. Finally I called several and found nothing was in their inboxes, though I sent from both protonmail and tutanota. This is a huge aggravation, but I blame crocker more than tutanota and protonmail. I’d hate to see other email services do the same as crocker.
Thanks, funny how most sites are US based. So only except supposedly corporate emails. So my Gmail or other secure mails as you mentioned seemed to be on there not corporate emails. Ive seen this a few times now on a number of businesses. I am not keen on the 3rd party go between, lot of messing around … Becoming more common when signing up for things or getting information,. Like signing up for security info at ISA/IEC won’t accept any email other than my corporate one. Which I cant use as the company blocks a ton of stuff, besides I want it at my email in case I leave. So trying to find a suitable mail recognised as non Gmail, yahoo, outlook, Tutonata, ProtonMail to list a few I tried.
Agree. Third party is not the best, but I was trying to figure a work around.
Someone with better thoughts can chime in.
Hey Mike
Two methods are described here don’t know if it helpful.
https://www.wpbeginner.com/beginners-guide/how-to-create-a-free-business-email-address-in-5-minutes-step-by-step/
at Mike, I’d made a reply to you about obtaining your own domain to appearing as a business like entity to those orgs that write you off as not being one, because of the personal email choice you’d want used.
#2 It hasn’t made it to a posting yet as I see now. Maybe they will post relatively in their order, then simultaneity to each other.
(I’m thinking ST has got personal matter he’s handling about now for the reasoning of delayed replies). Note: this description uses a lot of web addresses examples and as such may be caught by some filter the site uses – so I tried as spelling out the (dot) instead of just the use of a (.) symbol.
This is then an extension too and hope for better understanding by my low/run down to your own domains use:
DNS is not just a server with records for other servers. The DNS system spans the globe , and is comprised by a hierarchy of organisational units, resembling a tree. At the end root, there is ICANN, a nonprofit organisation responsible for policy, creation and management of new top-level domains (such as .com, and .uk) as well as for operating the root name servers, and managing the IPv4 and IPv6 address space.
Then there are the top-level domain registries (companies like VeriSign) which own and sell “in bulk” top-level domains to the registrars, which organizationally fall under them. Domain registrars are the companies you go to buy a domain for your website. (note you need not make a website to use the domain service and only then occupy the use of it’s custom mail address offered.) Though if you’d want a website for any reason it’s there too.
At the final level of the organisation, there is the domain (which you are responsible for) and its records. The nameserver that you select to hold the records of your domain, is called the authoritative name server. Meaning that it is this nameserver that holds the “official” records for your domain.
The DNS protocol describes a lot of different records for different purposes but, the most common ones you will work with are the
A,
CNAME,
and MX records:
Address (A)
The Address (or simply A) record, is probably the most fundamental and widely used. It is the one that maps names to IP addresses. For an example only, the following record: yourwebsite(dot)com. In A record 23.9.62.14 will map the domain yourwebsite(dot)com to IP address 23.9.62.14. The IP address is usually given to you by your hosting provider.
Canonical Name (CNAME)
The CNAME record is used to create a host alias. This is typically used when you need to have multiple hostnames (www,ftp,mail) to point to the same domain. For an example only, the same server could also be responsible for ftp, or mail. For an example only: www – In – CNAME – yourwebsite(dot)com.
As so will create an ‘www’ alias to yourwebsite(dot)com, so that when someone connects to http://www.yourwebsite(dot)com, will be redirected to yourwebsite(dot)com.
Mail Exchange (MX)
The MX record is used to define the A record that will handle all incoming email for that domain. For an example only, if you want mail.yourwebsite(dot)com to handle all mail addressed to yourwebsite(dot)com, you’ll use the following MX records:
website.com. MX 10 mail.website(dot)com
website.com. MX 20 mail-backup.website(dot)com
The number next to the MX string corresponds to it’s priority assigned. If for some reason mail.website(dot)com becomes unavailable, then all mail will be handled by mail-backup.website(dot)com.
I’ve spent mucho time to run down this for you and others alike interested in a solution like what your up against. Hey a thanks is in order for the caring kind, I do acknowledge yours already that’s why I dug deeper to offering this up.
at mike
Your best bet I’d see is owning your own domain (leased really), as another way to get on the interesting ‘org’ sign-up mailing lists for companies that require company addresses. Using your purchased domains accounts in it’s domain management center by settings via your cPanel. Set up the email account for your domain and then forwarding it’s received email to either of your personal emails that the org’s refused to accept. It will run yearly in costs (say 13.00 for the com (TLD) and really look at the renewal price as a heads up, because sales happen all the time.
Top Level Domain with a business sounding name supposedly would pass the restriction about email ex: mike@ (your domain) mcdonaldcompany(use)com or mcdonaldsecurity(use)com
I think sven’s site here uses the namecheap domain service – might get a yea or nea from big honcho.
https://www.namecheap.com/support/knowledgebase/article.aspx/110/31/how-to-create-an-email-account-in-cpanel
Yep, I like and use Namecheap. It comes with free Who Is Guard and is very affordable.
@ Mike McDonald,
I will try to answer your question below. The reply button was not working.
If an org is rejecting an email, say Tutanota. There is a way around it but it does remove the whole concept of privacy.
Make a dummy email that does work (GMail, Yahoo, etc.) And use that for the org.
Then set the email to do an Email forwarding to tutanota and just never log on to the intermediary email.
The email will be forwarded and I would suggest using POP 3 as it downloads from the server and in theory does not store anything.
Again, it is a work around that may not be the beat but it works. Use Thunderbird as your client (or in Tutanota’s case their desktop app) and the emails are saved on your desktop rather than the servers.
Again, you still have the intermediary email but it can work. If you don’t Dox yourself, can we get the situation specifically and maybe we can help better?
Hope this works.
With comment replies, this is a bug that keeps coming back. We’re working on it…
I’m pretty sure it’s a question generally being asked as why it’s happening for Mikes McD to his understanding it.
B2B if it’s what Mike McD speaks of where, from the blockers side I find a hint described somewhat here. To the blocked personal email addressed domains, like Gmail.com and Outlook.com.
Importantly Mike should contact the support team of the blocking organization for insight and resolutions. Advise on how to be allowed and his following up there.
https://docs.microsoft.com/en-us/azure/active-directory/b2b/allow-deny-list
Odd question, but more orgs are not allowing certain email addreses unless corporate. If my own company is Gmail, outlook or whatever it’s blocked.as not being corporate..is there secure ways of creating I guess a company email alias linked back to Gmail whatever or actual.emails viewed as corporate type ?
Hi
Anyone used these?
MeSince the official version was provided to global users on December 14, 2018, MeSince® is registered in China, USA and UK.
https://www.mesince.com/download/2020_new_year_discount_en_signed.pdf
“MeSince” is the transliteration of Chinese name “密信” that means “Encrypted Letter”, “Encrypted Mail”, “Encrypted Message”, it’s pronunciation is /mi:sins/.
MeSince Technology Limited, registered in Shenzhen, Hong Kong SAR and UK. It is a wholly-owned subsidiary of WoTrus CA Limited, specializing in digital signature technology, certificate encryption technology and timestamp technology research and development, to provide PKI technology-based information encryption products, services and solutions to users around the world.
MeSince® is an encrypted communication system based on the email system. All messages are encrypted by default. All confidential information is encrypted from sending and stored in the email inbox. Your email inbox becomes a “coffer” that can safely store variety of confidential information and documents.
Even if encrypted documents are illegally obtained somehow, they are worthless because they cannot be decrypted.
A free email client that uses S/MIME standard to encrypt and digitally sign email, supports cross-platform (Windows, Android, and iOS).
https://www.mesince.com/en-us
https://www.mesince.com/en-us/Solution
Another way.
The SpiderOak team needed a secure solution for group messaging and file sharing without the risks of email or off-the-shelf collaboration tools. We made Semaphor, group messaging with private blockchain encryption.
Semaphor works on all of your computers and mobile devices. Supported platforms include Windows, macOS, Linux (beta), iOS, and Android.
Semaphor is free for teams of 5 or less. All teams include unlimited message and file retention, unlimited file sharing, a single file size limit of 2 GB, and unlimited channels and messages.
https://spideroak.com/semaphor
I looked and couldn’t find it, so I want to ask:
With Protonmail, is it more secure to use Thunderbird or direct access online?
My Thunderbird doesn’t always work as messages show they are loaded but not readable and other things.
What do you all say? @Sven, please feel free to post your thoughts because I am having a hard time justifying an email Client right now. Thanks.
I would think the desktop client with Thunderbird would be your best bet, given the vulnerabilities with browser-based email.
Thanks. So maybe some guiedance would be helpful.
I have Linux Mint and just got my Linux ProtonVPN installed. This has played with my Thunderbird more than normal.
Is Thunderbird still a strong option or is there a better and more up to date client? Thanks.
Yep, Thunderbird is a great choice, being open source and offering cross-platform support.
OK. Thanks.
@Sven,
Not to throw more on you, but maybe a good review would be with email clients. I bet there are some really good things there. Just a thought.
Thanks J.M., I’ll keep that in mind.
Dear Sven,
Here is some additional information about mailbox.org:
1. Only Inbox and Sent (?) folders are encrypted (Encrypted Mailbox option)
2. The message’s sender, recipient, and subject line are not encrypted
3. Calendar and Address Book are not encrypted
https://kb.mailbox.org/display/MBOKBEN/The+Encrypted+Mailbox
https://kb.mailbox.org/display/MBOKBEN/Encryption+of+calendar+and+address+book
Мailbox vs Posteo (Translation from German required)
https://usefulvid.com/mailanbieter-test-posteo-gegen-mailbox-org/
Thank you.
I notice lavabit (https://lavabit.com/) has relaunched, after the 2013 shutdown. You have to wonder if, with the relaunch, and despite their boilerplate mission statement, they now have an ‘arrangement’ with the NSA.
ProtonMail Caught Lying Again
A few days ago, a poster asked the following question: “If I delete my account, does ProtonMail keep all of the data? Am I just disabling my account or deleting all data linked to it?”
https://www.reddit.com/r/ProtonMail/comments/esnw4i/if_i_delete_my_account_does_protonmail_keep_all/
The response he received from TauSigma5 was as following: “Your data will be deleted from production servers immediately. It will be deleted from backups within 14 days.”
This is a blatant lie!
Regarding data retention, the Swiss surveillance law BÜPF states as following: All metadata have to be retained for six months. Other identifying data, such as IP addresses, also will have to be retained for a period of six months after termination of a specific e-mail account. (Art. 19 Abs. 4 nBÜPF für Postverkehr und Art. 26 Abs. 5 nBÜPF für Fernmeldeverkehr, & Art. 21 Abs. 2 und Art. 22 Abs. 2 nBÜPF). However, the law does not stipulate a minimum retention period shorher than six months. In fact, ProtonMail must retain certain metadata for a period of ten years. This regulation forms part of the Swiss C.A. (Art. 957a Abs. 3 i.V.m. Art. 958f OR).
As a consequence, if TauSigma5 states that “Your data will be deleted from production servers immediately. It will be deleted from backups within 14 days.” he is either lying or ProtonMail does not comply with the Swiss C.A. nor with the BÜPF. The sum it up: From account termination onwards, PM must store metadata for a period of at least six months but – if PM elects to do so – can store that data indefinitely. Certain information pertaining to the Swiss C.A., such as credit card & other payment information, must be stored for a period of ten years.
All over Europe, above all within the E.U., there are country and E.U. specific retention periods. If you want to choose an ESP that deleted your e-mails immediately, you have to look for a U.S. based ESP. It seems the corresponding law there is much less stringent than here in Europe.
Data retention generally applies to internet service providers / telecoms. However, we’ve seen some strange court cases in Germany over the past year where judges forced email providers to give user data under certain court orders. Are you certain this 6 month data retention law applies to email? (Perhaps nobody is certain, with laws intentionally written vaguely and even judges who don’t agree on the exact application of the law…)
Well, first here my response to the PM people.
The data retention issue is twofold: On the one side, we talk about metadata plus e-mails; on the other side payment information is concerned. The first part is regulated by the new Swiss wire law and the second one by the Swiss C.A.
However, only after having written my comment, I found by chance something very interesting that confirms what I wrote:
Dutch law forces StartMail to store your invoices for “7 years, or whichever period may be prescribed under applicable tax law”.
Norway does the same to Runbox but for even longer – “as financial records must be kept for 5 years according to the Norwegian Bookkeeping Legislation”
MailFence (Belgium) keeps deleted account data for a year – “i.e. the Belgian law imposes 365 days after account closing”
Sorce: https://digdeeper.neocities.org/ghost/email.html#laws
Of course, the Companies Acts of the various countries all stipulate a minimum retention periods for accounting / payment information. And that term typically is ten years.
Now the second part: How long does an ESP store e-mails (provided he has to store them at all)?
In Europe, including Switzerland, all ESPs have to store e-mails for a certain period. According to the new Swiss wire law, that minimum period is six months. Again, the corresponding paras of the BÜPF (“wire law”) have been mentioned. However, even before that wire law came in to force, all Swiss ESPs had to store e-mails for a period of six months.
The BÜPF and the Swiss Companies Act are not that hard to understand. In fact, I learnt the C.A. during my apprenticeship, which means I learnt where to look for in the C.A.
Whether an ESP really deletes the e-mails after a certain period once you have closed your account, I do not know. Gmail definitely could NOT do that, since they got backups of a client’s e-mails in their data centres all over the world.
You make a very good point: “Perhaps nobody is certain, with laws intentionally written vaguely and even judges who don’t agree on the exact application of the law…”
For Switzerland, it is clear-cut. In theory. In practice, law enforcement – and that can be any police force – can directly and informally request information on your e-mail accounts with the following providers: Gmail, Yahoo, Outlook (formerly Hotmail) and…. yes … Yandex. Within Switzerland, in most cases requests for information are made in an informal way so no state prosecutor or subpoena is needed. That’s why no Swiss ESP has a clear-cut transparency report. The PM transparency report, to be honest, is just marketing and drivel.
To end the story, here a good example of a simple Swiss police officer (actually the one who illegally purchased “Galileo” from the former “Hacking Team”) who wrote to “Weebly” asking them to take down a website. “Weebly” did the right thing: They refused and asked for a proper U.S. court order.
Here the link:
http://frauenohnegrenzen.weebly.com/us-refuses-to-remove-website.html
http://archive.is/WnB1A
You also mention Germany. Now, Tutanota – in some reviews – is not covered anymore because of the Trump joke. There, I only can speak for encryption software. At the beginning of the 80s (around 1982), one of the best Western German encryption firms was (informally) forced to close business (no name, just that the company was located in West Berlin [the owner, by now, must have retired]), since their proprietary encryption algorithm was too strong and they did not want to co-operate (I should write “collaborate”) with the German BND in Bonn. All German encryption software must incorporate backdoors. That’s all I can tell you.
What is the conclusion? Get a small ESP in the States. They won’t make any shortcuts, even if you are not an U.S. citizen. Most of them will request a U.S. court order / subpoena. And choose one that allows you to delete e-mails so that they are gone – forever, i.e. not even backed up.
for privacy I recommend servermx.com. It is an Italian company and it is GDPR compliant.
Thanks for this article, and your whole site. I’ve been trying to survey the current landscape before setting up a new e-mail account, and the best information I’ve been finding is here. I’ve also marked a number of your non-email articles to go back to another day.
Alas, what I’m reading doesn’t leave me with many options. It’s essential for me that my mail service is free (I have no reliable income) and accessible via iMAP on third-party clients. As for security, I’d prefer encrypted e-mail but most of my correspondents are either using GMail or are staff at government agencies. So true security isn’t an option, and I try to treat all mail I send as potentially FOIA-able. Still, I don’t want to make it easy for the snoops, or the advertisers. And so far, it’s looking like I can get two out of three criteria (free, IMAP, privacy somewhere between truly secure and sitting in Big Brother’s lap) but Mailfence may be my only option for all three. If you know of any alternatives I’ve missed, I’d appreciate a pointer! But this article has certainly helped cut down on the many many hours I would have spent otherwise trying to research each provider individually.
Hello Sven,
Whats meant by ‘Warning: Inconsistent server configuration’ ?
https://www.ssllabs.com/ssltest/analyze.html?d=soverin.net
Soverin account users (usually new), in the contents of their mailbox data in Soverin’s unencrypted e-mail mailbox service is readily accessible to the mail service providers team/employees/interns/partners/associates.
Because Sir –
It’s only given their “treatment of Customer Confidential” as the strongest guarantee of trust that AnyOne’s got TO their promise – we are not gonna Look at it.
Enforcing that’s why their so good you’ll need to pay, by falsely given you this-
“Think about what’s in your inbox. It holds the most intimate details of your life, it’s like a database of your life. That personal data deserves to be protected. Data has turned into a valuable asset in our digital world. ”
OK offer encryption to us…then.
[https://soverin.net/features] I’d want any encryption used over it setting in clear texts. Real truth is that all email providers must comply with the legal requirements in the country they are operating in – as repeated here many times.
25Gb is a lot of storage not to lock it up, and simply to pretend an affixed “do not open sign” is proper enough to wart off would be lookers as good. Let’s Soverin fails your readers – at when you say no more about Soverin’s encryption than-
‘while also using strong encryption standards, although email is not stored encrypted at rest.’
Inexperienced and noobie’s users are probably looking for encryption’s term used as a barb to catch on and combined with 25Gb of storage draws them in. This Encryption’s feature as not being understood in the terms of the different areas that’s possible to ensure all mailbox contents privacy while the data is at rest…setting in your mailbox / Soverin don’t tell you of them.
I wouldn’t use encryption’s term at all associated with Soverin.
Because the only time it happens is in transit ((A+ grade SSL/TLS connection)). Account users control no encryption availed by Soverin.
Then it’s forgot by Soverin as soon as it’s passed to the end.
The industry wide use of SSL/TLS transit of message data is not deployed as evenly being enforced amongst all mail servers – unless both mail service servers (sender/receiver) has a set policy to HTTP Strict Transport Security (HSTS). https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security
Encrypted at rest which remains the highest level of protection that you could expect within an zero-knowledge hands off email provider system.
So really it’s a trust based email service that pushes a zero-knowledge platform without encrypting it’s users data is not Trust that is earned – and you can take to the bank – only user trust and data that is being surrendered by the user as well as some money.
Without the full encryption route of your messages and your mailbox at rest encryption being offered within any mail service, how can any one of them say they are secure, private and respect a users privacy ? Think breaches, or court ordered access for worst case events happening to your 25Gb account.
– Soverin also requires you provide them with Your phone-number for account starts verification purposes.
Hello Sven,
I would like to correct my over-looked fact, you have and do mention – ‘No built-in encryption options’. Missed that – Sir ; )
That’s true and with the Soverin email service offered today as what I call a “trust govern” model in where the users/account holders must surrender the most of it, as with their money to boot now.
That “trust govern” model is why I left Gmail and Ymail and they were free. Alot of differences between the 3-mailers I’ll agree – but users faith and trust are still preyed on and easily abused of these types – in a mailbox model without encryption at rest.
No guarantees given (factually-implemented) that only YOU can access your unencrypted 25Gb stored… Where encryption is a guarantee – that in ‘take our word’ is not.
If one ran their own encryption scheme on the contexts before reaching the 25Gb Soverin mailbox, then it would be a crypto-blob store to all of Soverin’s side / as well anyone but U the account holder – but then any encryption actions while signed in to your dashboard of the Soverin account are not possible…and they must be done out side the Soverin account.
– and if Soverin tried to see or to understanding the data – it’s garbled.
I’m not saying Sovein is a real bad choice – just give your readers an understanding as it presents some cautionary flags to observe… As it’s made it to your Secure eMail listing as suggested to used or being listed in choice as considered by your readers.
Maybe it would be better to break down this list and present it as by what and how their encryption schemes are working, parts covered, universal deployed, closed off accessible. Ex: Easy/Automatic – Strongest/Universal – None …
As the easy way for your RP Readers to figure out a category in what someone new doesn’t yet understand or have considered in their threat mode protections.
Thank You
Hi Sven,
Been some time since I’ve been in the body of the article above.
Nice to see your additions of Ctemplar and Soverin for considerations and user discussions. I did wonder why Ctemplar was hot in replies of late – Duh…
My suggestion when you do an update of any article/guide and it’s tiled on your homepage – run it for 3 months as a notification alert of an update.
– I see two things you could use possibly for an alert system. The home page tiles of your articles/guides have what appears like a thin bright white border around each of the backgrounds of the image tile. Then the gray shadow box the image tile sets centered over. Going with these areas then consider-
1. Suggested either the thin border -or- the shadow box change in color of the updated referenced tile.
2. Ex: 1-st month Bright, 2-nd month Dulled, 3-rd month Faint almost gone.
Note – blue and black are theme colors of the homepage and it’s tile images, this is an alert system so red, orange, and gold. Makes sense to draw readers attentions to them – subtle their not / maybe green or purple tints.
3. Use a one color fading alert system on a tile or rotate thru the ROG colors for a tile. What to do with side-by-side updated homepage tiles ?
Would it matter as two updated articles/guides would still be an indication of an update – as with the 3 step color change or one color fade system tells how long since it happened at a readers glance on it.
Thanks
Thanks HardSell.
Hi HardSell!
I have no complaints about CTemplar, they are new to this business, they need to develop. But they promise a lot, compare themselves with the established players of Tutanota, ProtonMail. The functions they offer are interesting, but the question is how competent and honest they really are. How well implemented is what they are declaring ?! Prices for services are quite high. Who is their team ?! All these are unanswered questions.
Everyone chooses for himself, I choose the responsibility and sustainability of services, combined with security. I know HardSell that you are not a fan of Proton, but for most it is very good, in fact, like many other services: Mailfence, Posteo, Mailbox.org, Countermail , Tutanota.
Mail is just mail, it is only a small part of our lives.
I learned about Ctemplar on your website and decided to try this service. I love to test various mail services for a long time, and I have a paid subscription to most of the ones you specify.
CTemplar won over me with its thoughtfulness and its interface. Everything was done concisely and very reasonably. In the end, I signed up for a paid subscription. Then I came across the fact that I could not receive letters from several addresses, because Ctemplar was in their black list. After contacting technical support, I asked for a refund, because the trial period has not yet expired. One person answered the support, but they answered pleasantly, specifically, always within 24 hours. And they offered not to be shy and directly report if there are problems.
They promised to return the money, said that they were already doing this and would let me know when everything would be settled. Of course, I didn’t receive any money back and I didn’t receive any messages either. It was unpleasant. After some time, I deleted my account.
Posteo and ProtonMail left the best impression of the services used over several years. There were minor problems with the rest.
Hi Mikhail
and thank you for your experiences with CT and sharing it with us.
Something I had noticed as I used my CT free acc. – only in my contacts to their support team.
Was with the very first message (sent-answered) was stored (replicated) in many areas of the mail box as full conversations view. – – Can’t help but think this eats up your storage space there.
Then hold an edit/draft of a message as to a working status – bam another full (both sided) conversations view has been copied to store as a draft.
WHAT I’am saying that’s a lot of full conversations views being stored on your CT account – where at 2 folders views (sent -inbox) shows them constantly till deleted.
I not an avid emailer but like to check things out as you.
Folders like inbox, sent and drafts should consists of those PARTS only of the MESSAGE as I would think, (and seems true of the others services I’ve used),
CT has these folders (up to 3) holding the full conversations view…
That the case with anyone they’ve noticed ???
Hello Mikhail
Elegantly stated that way I’ll agree mostly except in where.
“Mail is just mail, it is only a small part of our lives.”
This can be very raw damming email data no matter the size / frequency – deemed for certain eyes only in confidential material, in which we elect these mail services for their transit(s).
I to agree as their CT business learning faze has just began (public relations) amongst the other operating areas. Seems to me they tend to stretch their meanings and truth a bit far I’m thinking by what I was drawn too reading up on their site.
Like – https://ctemplar.com/security 14. Community Audited:
“Our code is openly available, and users and privacy experts continuously audit us. One time audits are not enough with the constant updates and changes email services require.”
Where are they ? LINKS OR PROOF OFFERED IN ANYWAY? I DON’T SEE ANY.
To know just about what specifically in an area they speak (webclient/OpenPGP.js).
The only connection I see to any audit they could say audited by the outside, Cure53 – as their use of OpenPGP.js.
This looks to come from Ctemplar (founder?) earlier in figuring it out – look where they had asked for advise. Could it be one person operation?
Birdman2276 [https://www.reddit.com/r/privacy/comments/a6dfhe/need_advice_on_new_anonsecure_email/]
“Yes you have good points. I’m not an expert but I think right now the best solution is building a linux environment from scratch, using a VM running Whonix, following Whonix’s guide for emails here, and using plain old PGP. If people want a simpler email solution some companies like our own offer an ‘End-to-End Encryption” email service.”
[https://www.alexa.com/siteinfo/ctemplar.com]
[https://www.reddit.com/user/Birdman2276/]
Remains though the newness of it’s startup in the vector it’s choose,
No proven business track record, system/setup/servers not proven by proper security audits, it’s encryption standards used are same vetted and used by the encryption community worldwide.
“CTemplar uses OpenPGP for end to end encryption of emails. It is the most widely used email encryption standard.”
“CTemplar uses OpenPGP.js JavaScript library in its frontend web code, it is an open source and well-maintained library and is audited by Cure53, a German cybersecurity company.
This library provides the functionality of creating keys and encryption/decryption of messages.
CTemplar uses bcrypt.js for salted hashing of passwords in its web client code.”
https://blog.ctemplar.com/ctemplar-whitepaper/
Open standards compliant. ProtonMail is the maintainer of OpenPGPjs and a driving force behind the evolution of the OpenPGP standard.
Because it is an open standard, it means there’s literally a community of hundreds of developers and companies using our cryptography code.
This also means hundreds of eyes checking and auditing it for errors, reducing the odds of a critical flaw in the cryptography.
-Does having open-source code eliminate this risk? No, because open source code is just an act to encourage users’ trust. The audited code in Github might not be the same code that is sent to you from a companies private server. They make no assurances or promises that the code they show to the public and the code you get is the same.
Which brings us to the only things different about CTemplar other than commanding a higher price tag than most.
Checksum Implementation – https://blog.ctemplar.com/ctemplar-checksum-implementation/
Subresource integrity, or SRI, [https://www.keycdn.com/support/subresource-integrity]
[https://www.smashingmagazine.com/2019/04/understanding-subresource-integrity/]
“Serving a modified index.html is the issue we are equipping our users to protect against.
All E2E companies have this vulnerability but we’re the only one doing anything to empower our users.
Yes users have to check every time. Yes it takes a few min to figure out the first time.
But this is the best security solution that any E2E email service has created to protect against malicious code.
The alternative is compiling and comparing all the code you receive against the code in Github. This takes a very long time and is difficult for non-coders to do.
We are trying to be honest and transparent with our users. Yes we do plan to add an extension that will do this automatically.
We also plan to add a downloadable inbox to give users complete control of their code and keys.”
[https://www.reddit.com/r/privacy/comments/a6dfhe/need_advice_on_new_anonsecure_email/]
Again on price I can’t see CT command the price asked for this feature alone as ‘The most secure & private email service in the world’ — merely is nothing but marketing hype to make you think it’s 100% secure which none are.
And not stated as 100% secure but implied highly throughout it’s site as being superior with terms like Armored Email.
-That’s if you could see price alone as transmitted/stored data compared to transmitted data alone – they would be close in price tiers with lopped sided data transits of volumes seen.
As we see this marketing hype a lot when VPN’s and Secure Encrypted emailers on the higher pricing tiers aline somewhat trying to justifying price to features others don’t offer.
Thanks Sir
Hey Sven, why no mention of the relaunched https://lavabit.com/ ? Will you be reviewing it in the future?
Well it’s still based in the United States (Dallas), which was the problem they had back in 2013.
TUTANOTA – it’s not encrypted. You can choose to LOCK an individual email, and set an encryption key, but if you want privacy writing to a third-party such as a library, government office, or anyone you don’t know and who can’t feasibly be given the encryption key, you have no privacy. I’ve had Tutanota and am not amused. Currently, their interface is the pitts, you can’t even PDF your own emails any more by hitting Ctl+ P (print). To frost me off, I have been gang-stalked right into Tutanota, even though I use VPN.
PROTONMAIL – again, it’s not encrypted. You can choose to LOCK an individual email, and set an encryption key, but you can’t make any general inquiries with government, private business, libraries, etc., because it’s not feasible to share a key on these kinds of contacts, and these can be crucial contacts. As for privacy: if you have a problem with a government office, and they are on the losing end of a big law suit, and the only way they can win is to cheat and follow you and intercept your emails to your lawyer, Protonmail is no protection, even with VPN.
MAILBOX.ORG – had it, and even under VPN, the account was rapidly intercepted with a typical pattern of harassment. I dumped the account.
POSTEO – I had the PAID one. After some odd outcomes to my research emails, and after noticing almost identical colors and similar setup to mailbox.org, I asked posteo directly if they have the same owner as mailbox.org. NO REPLY. I then cancelled my account inside the “refund” period, was auto-notified I’d be getting x amount back, never got a penny.
MAILFENCE – idiotic trying to get a PRIVATE account that requires you to have an EXISTING email account elsewhere, i.e., the one that you are trying to avoid because it is not private, but MAILFENCE would like to send your “KEY” to it.
RUNBOX – I had them years ago when they first came online, and they trashed my hosted files and email contents when they changed their system.
COUNTERMAIL – I’ve got them now, the PAID account. They are NOT private. I received a bizarre email one day with a massive attachment that wouldn’t open. So, I asked countermail about it. They offered to go into my inbox and delete it for me. I said, sure. Go ahead. And they did it. Ergo, inbox NOT PRIVATE.
CTEMPLAR – I’ve had it. The design of the interface is confusing, as you have to scroll all the way to the bottom of an incoming email sto hit REPLY. Currently, and for months now, each time I have tried, CTEMPLAR signups are a bust, the signup never completes the processing.
KOLAB NOW – Haven’t had it, won’t have it, because like MAILFENCE they require an existing email account, i.e., one that’s NOT private that I’m trying to get away from.
STARTMAIL – Tried their test account, couldn’t PDF my own emails, i.e. open an email and hit CTL+P to copy it for me.
SOVERIN – Big Fat Error code in Chrome browser on XP Pro when clicking on soverin.net: This site can’t provide a secure connection
soverin.net uses an unsupported protocol.
ERR_SSL_VERSION_OR_CIPHER_MISMATCH
Hide details
The client and server don’t support a common SSL protocol version or cipher suite. This is likely to be caused when the server needs RC4, which is no longer considered secure.
THEXYZ – Come on, it’s in Canada. Nothing is private here!
That’s why I’m looking offshore, maybe I will buy a domain name and add secure offshore email hosting of my own. If it works out, I’ll let you know.
Hello Private Hosting Mail,
Quite a different perspective of view from a secured encrypted emails use, and an area I’ve tried to find a sweet spot with.
Though, these types of email providers do provide better services to our inter-circle contacts than for our government, private, professional business/service entity email messages communications.
Many email providers you’ve mentioned offer an encryption means of messages sent/rec to these types of online / brick-n-mortar contacts – once it’s not a general contact but, has moved into a more private matter.
Granted they as (companies-Gov) contacts accept the preliminary requirements for an encrypted channel in any further communications over the email systems.
*Banks have a very similar secure email feature, cept you motivate it once you’ve logged in to your account and make a support contact. I’ve then been sent an email that I’d opened to a secure encrypted email channel of contact.
Not being much different although no pre-shared password/paraphrase was needed – as they replied to my registered email with them with the link.
You’ve said – “That’s why I’m looking offshore, maybe I will buy a domain name and add secure offshore email hosting of my own. If it works out, I’ll let you know.”
Please do – I’ve wondered about this – and doing it where you’d benefit from the free tiers of the secure email providers offered, as you’d be off-loading your messages. Versus hosting your own mail server route.
I’d like to see your plan / outline as you see it – thanks : )
Private Hosting Mail, you mentioned:
COUNTERMAIL – I’ve got them now, the PAID account. They are NOT private. I received a bizarre email one day with a massive attachment that wouldn’t open. So, I asked countermail about it. They offered to go into my inbox and delete it for me. I said, sure. Go ahead. And they did it. Ergo, inbox NOT PRIVATE.
Im really shocked to hear this, is there more that you can share with us?
I’m very curious about Countermail’s knowledge base article: https://support.countermail.com/kb/faq.php?id=29
Is this suggesting that emails are only encrypted as part of a periodic “sweep” process (as opposed to *never* being written in an unencrypted form — which a mandatory in-line PGP encryption layer could address)? If so, then that alone is a little concerning, but also what if the sweep doesn’t happen often enough, or if there is a glitch?
Note that it’s probably likely that full disk encryption is used in the infrastructure as a safety “layer”. But even so, I wouldn’t want emails to ever be written to a filesystem on an encrypted block device either, because global undeletion of a previously existing file might be possible on the storage medium from the raw block level if there was an OS or infrastructure security issue. Ideally I’d want the message body and its attachments to be only written to any kind of medium if they’re successfully encrypted to the public key(s) for that user. Along the pathway I’d want any intermediate “state” to live on a RAMdisk or in memory only, and purged thereafter.
Presumably if the user chooses “Disabled” then the email isn’t encrypted at all.
A side question I’d have on top of all this is what happens in the case of IMAP operations? For example if I connect a mail client to Countermail’s mail servers and move an email message to those servers, is it encrypted inline? Or does this happen by way of a “batch sweep” process?
And then, if someone sends me an OpenPGP encrypted mail but names another single arbitrary recipient instead (whose credentials may be trivially available or hacked publicly), would this periodic script skip processing such a message, because it already “appears to be encrypted”? Or would it wrap that already-encrypted email by encrypting it again, deliberately to the public key on file with the account? Only something like the latter I believe would ensure security of that message; otherwise a malicious or misinformed sender could cause received emails to be stored unencrypted or be decryptable. Note that applying steganography and encoding an unencrypted payload within a subset of a benevolent-looking body (which appears to be in OpenPGP format and presumed to be sent to that user) could circumvent the measures.
And then finally I’d wonder how many email headers can in principle also be encrypted. There’s a long trail of headers nowadays. If only the minimal footprint was left and the original headers preserved as a low-priority encrypted MIME attachment that might suffice to keep that information private and restorable. But without a standard way of transforming such information, potentially personally identifying information could be left in the email headers as well.
CTemplar is a promising service. I would be tempted to switch.
However, I have sent two emails requesting info. The first was three weeks or so ago and nothing. The other was just sent today.
While they may have the security down right, what happens if I run into problems. Hopefully they respond to my note.
I’ve got responses from CTemplar’s support to all issues I’ve reported so far, but it has usually took them about 2 days to reply. Otherwise, I’m quite happy with CTemplar. IMAP support should be coming this year.
J.M. yes it’s at least 48 hours for a response – have a look at https://restoreprivacy.com/email/secure/#comment-57877 – and the 3-replys that follow.
For not many reviews of the service and with facts as I noted prior, then with it’s only their word till we see some outside vetted audits done.
– So on the prices I kept at them to offer a tier between the Free and Prime for low-end users budgets to benefit over free limits imposed.
Even to offer sales yearly at BF – CM…
It takes at min $72.00 yearly over the free trier to get these benefits of Prime not offered in the free account.
Encrypted subjects
Self destructing emails
Dead man timer
Delayed delivery
Encrypted metadata (Coming soon)
Virus detection tool (Coming soon)
https://ctemplar.com/pricing
Break down as given in the pricing page.
Best to hold off till they get pricing (Heads) out of the clouds that average folks can handle.
Tutanota and Posteo are best supplements for now at a bargains $’s.
Tally Ho ; )
@snowcat and @HardSell,
Thank you. They did respond and offered the 30% Christmas discount because I had emailed them and had not heard back. So they are making it right.
With that, I will be about .20 more a month than what I am paying now with my Proton mail.
The biggest thoughts:
1) No support for Thunderbird but not a deal breaker.
2) Not sure about FSP support but again not one hundred percent sure how vital that is but they do support MX, DKIM, DMARC and others. So I have to ask.
3) A little more expensive but I am willing to pay a tad more if I can get the NPO discount later as that would be cheaper.
4) I am using Proton VPN as well and it seems recommended on this site and I have been happy as it is more affordable than others with less features in that price point with other VPNs. I may stick with them on this point.
However the treaty is also nice. While as a NPO secrecy is not high for me (my name and org is in my address) I just want to stay away from all the interconnectivity and spying as much as I can.
So I will respond to them tomorrow to get it set up but I need to ask a few questions as well first.
Thoughts?
Or I should say the MLAT treaty that is between Switzerland and the USA would be nice to leave behind.
Hey J.M.
Actually, it was 7 messages sent that in 3 I never got answered at all (they choose when to stop a conversation cold).
All about pricing-
With my free account set up and in my contact to get Prime around $50- yearly cost – was the last part of Oct. up to 1st week Dec.
Shortly after I did told them I’ll delete the account before I’ll use it as free.
Never got a discount offered – just their attitude ‘we deserve it’.
If you don’t get it $ then you don’t deserve it.
It’s hard to line across in price CT to proton as features/allotments don’t match.
BUT the interface of the online mail clients is very similar – why?
@HardSell,
That is a good question. I am not sure why they expected you to pay $50 and not answer questions. To me, if I am going to fork over any money, I want the service to match.
I will say, even though the investment aspect of Proton makes me uneasy, they at least answered questions quickly and professionally.
As far as my accoit with CTemplar, I did create a free one. However, I went to change passwords and…in order to do so, you have to give a secondary email address as a recovery. If not, you are locked out of your account.
Guess what I cannot access 🤨? I did send the a note with five or so points but that may take a little for them to respond to so I will see how they do.
I also hit back on ProtonMail about their investments and their source code. I directed them to this site with the reviews and asked about the investors. I will see how they respond.
Here is what I have found out from talking with CTemplar.
First, PFS is not something that they have out now. However, they are willing to look at it deeper.
Second, NPO discounts is something they said they were probably not going to do.
Third, the 30% discount is only good for this year. Next year the cost jumps up to the $6 a month if paying for the year which is substantially more than what I am paying more (at least double).
Fourth, they were very quick to help me re-register my account that I lost so they do have good customer service which I am happy to see.
Here are my findings thus far.
Thanks J.M.
https://tutanota.com/blog/posts/secure-password-reset/
Tutanota – absolutely will not do a standard PW reset that sends a new password to a second email address for security reasons.
@The reset feature must not open any possibility for abuse (by us or third parties).
Quote: As far as my acc with CTemplar, I did create a free one. However, I went to change passwords and…in order to do so, you have to give a secondary email address as a recovery. If not, you are locked out of your account.
Recovery email
https://blog.ctemplar.com/faqs/
If one day you don’t remember your password, we will send a reset code to your recovery email to reset your password.
– Note that your encryption key is connected to your password. Because of this you will not be able to decrypt old emails if you reset your password.
– If you did not set a recovery email then your account is not recoverable.
***The FAQ page is no place to offer any seasonal discount Promo Codes. Banners across the top of HP and the pricing page does more justice to their shoppers.
{For Christmas, get your CTemplar account: 30% OFF on all plans with the code WINTER30. New account or upgrade from free only.
Valid until 29th of December 23h55.} That’s turned me off after my acc support contacts, THEY even failed to mention in any response answers returned…
Probably we should see the Co. teams of Ctemplar and Tutanota as the closes to each others levels in their own support vector.
Both are small Co.’s and trying new directions of encryptions that are not proven with the time needed (tested) to what it is they’re offering us.
Tutanota at least recognizes it’s developing a privacy tool and asks for a $1. a month – not the arm, hand and everything in the wallet you own.
I live for a day in results where all the bugs have been discovered and their community’s are truly happy customers.
Guess we’ll see if someone new pops up next month?
@HardSell,
The policy for free accounts is that if there is no login attempt for 12 months, the user name account will be deleted.
When I could not get my account I just asked them to delete the account early and they did.
Outside of that, they said that if I do not put a backup email I could lose my account completely.
As far as the discount goes, I can see how a second year would not be a new upgrade or service, but as you have been talking about, they act as though it is due them.
As far as Tutanota, they are ok. But I have been having issues with their servers going down…alot. there are times where I have gone two days I could not access the account.
As far as your communication goes, I am not impressed based on your experience with continued CS. They did good by me but I didn’t push for any discounts.
The amount of security and benefits that come with the service, but what is missing and the lack of some things, $6 is pretty high.
I do not paying for services but I have to be able to justify the cost to benefit ratio.
@HardSell,
I forgot to add that I also looked to see if there were any Icelandic VPN’S and couldn’t see any that actually were private. It was weird.
As always, thank you for your insight.
Most wonderfull Article, Thanks for sharing!
even if I use one of these services being Free it’s not worth it ? sorry if I didn’t understand correctly.
Hi Alan, all of these services are paid, but some do offer a free tier with limited features or less storage. This is often called the “freemium” business model, which is different from offering a (relatively) unlimited free product that collects your data for profit, such as with Gmail.
thank you for the answer , so any free of charge of these services is enough for a common user?
thanks again for your help !
Yes, if it meets your needs and you don’t run into the storage limitations of the free plan.
You guys really help me out . I really need this information.
Tutanota,
You can’t sign up using TOR. For an alleged ‘privacy focused’ email provider, this is total bullshit.
I just signed to test protonmail with Tor.
This may be a naïve question, but how does Apple Mail rate compared to the ones you review here, Sven?
I use Mail behind a VPN (PIA). I do not use my iPhone for emails or anything to do with money.
Thanks for this great write-up, too.
Well, Apple is a large US company that falls under US laws allowing data requests on demand with gag orders to prevent Apple from saying anything. One prominent example of this was with Lavabit in 2013/2014. Riseup, another US email and VPN provider has also had problems keeping user data safe and complying with the law.
Hi Sven
Here’s something very interesting for RP readers.
Both https://torguard.net/
and
https://privatemail.com/
Share in seemingly the same business features listed, especially with the Mail side (where I took Notice) and they both use the same us toll-free: 1-800-276-0433 number (scrolling to the bottom of each link) this is seen…
If you’d click on the box [Pricing options and details] from the ‘Anonymous Email’ being offered of both links you end up in the same place –
https://privatemail.com/
The Terms of Service pages on both sites looks to only have changed the business name in the TOS as is mentioned. Everything there reads and is formally structured in the same way of both TOS policies, (though I only combed over a few parts) .
https://privatemail.com/terms.php
https://torguard.net/terms.php
I’d say this is shocking (maybe two years ago) but today it’s one of the twists to take advantage in an advertising’s purpose to their bottom lines.
Thoughts ???
Sven, since Startmail is owned or at least affiliated with Startpage, could it also be considered insecure or compromised in any way? I have been seriously looking for a new email provider to get away from the ISP email provider.
Considering the encryption and privacy features, I’m inclined to believe Startmail is still a viable option.
I have been leaning toward Startmail as I like the access to the numerous aliases. I am not very interested in the E2E (PGP) encryption, however I appreciate that it strips the header, IP, encrypts in transit, etc. – and the 10GB of storage is very attractive.
Just call me old-fashioned, I guess, of just plain old, but I wish it had POP3 support. I’ve used both POP3 and IMAP in Thunderbird, and POP3 is way more responsive. I guess there is the possibility I didn’t set up IMAP correctly though.
Do you have any plans to do a review of this one?
Thanks for all of your hard work,
Dave
Hey Dave, that’s a good point and I don’t yet have an answer. I need to research the StartMail question more and basically re-write this entire guide based on new info and all the recent email reviews. My goal is to get this done in the next week or so.
UPDATE: StartMail is NOT under the same company as Startpage, and therefore it is not affected by the news with System1 investing in Startpage. This is explained more in the updated guide above.
Swisscows is about to develop a secure mail service, you might look into it too. If it’s not offered yet – lest do mention it for your readers possible options, with your updating this article.
https://mail.swisscows.com/en
Thank you Sir
@HardSell,
I looked at it. It seems as though they are still raising the first 500k to start. Would be interesting to say the least, however, and very interested if they have strong encryption.
Hi Hardsell, I took a look at Swisscows, and then I just finished taking another look. Their funding is currently chf 5’925 (6,127.20 USD). The project kicks off at 5000,000, equipment purchasing at 1,000,000 and then beta testing starts at 1,500,000. It looks like it will be a very long time before they are ready to become an email provider. However they may eventually become a good contender; the more the better! Right now they just need a lot of money.
I wish they would charge users for use of startpage …
@SubRosa novoordo,
How do you reply a subpoena? I do ask because your office seems to be located in the USA but the server offshore in Switzerland.
B. Regards
Hello Leon V.
I was wondering about the same areas to transparency reports, and warrant canary.
A year ago I brought up sub rosa here and a reader responded. At the time I questioned him as a user where their server location is because the site lists Switzerland in some places and Panama still another.
It’s still like this… right now.
Switzerland server location is called out on the page
https://novo-ordo.com/email-services/sub-rosa-private-email-features/
Down about 3/4 page under heading Off-Shore Hosting.
Again in the 2nd line of the privacy policy.
https://novo-ordo.com/about-us/privacy-policy/
Located in Panama (I see on)
https://novo-ordo.com/email-services/
Found at the end of 1st line of the large paragraph under the picture of the lady.
Then I’d to know about the host servers ‘md-crypt’ encryption-decryption scheme when and by who controls the key / key pair.
Ex only sub rosa side as users have no influence thur their password say.
So its our data encrypted on their server host by their key or password etc… details please.
hello,
Indeed novo-ordo.com looks promising, may i ask if mailnvelope browser extension can be used with their webmail portal? I prefer my own keys.
Jen,
Yes, mailvelope works with the novo-ordo webmail (roundcube) and is preferred to using roundcube’s encryption which is on the server.
hardsell,
Thank you for your comments. I have tried to address on the Sub Rosa home page (https://novo-ordo.com). Please let me know what you think. One problem though is disk allocation. Although we have never limited anyone’s disk usage, I do not want to advertise unlimited storage for fear of attracting the wrong type of customer. People concerned with privacy typically do not leave their messages on a server forever. How should I express this?
MY REPLY-
Hi Rick of the Sub Rosa Secure Email service
Thank you, for that’s an improvement to when one lands on the novo-ordo site – for sure.
* Possibly add a graph shown as the account features you’ll get – itemized.
(storage space, attachments limits, etc.. – of the basic needed info of what $34. brings to the customers) EX: https://tutanota.com/secure-email or https://posteo.de/en/site/features – for an added visual impact.
* Spell out what your logs detail of the users data in the connected accounts.
* Maybe a page face lift without a major overhaul of the site, being informational themed as in a persons first impression of the service – that you mean business and that you know your end of the business very well.
–
Simply combine your pages information of https://novo-ordo.com/email-services/ with the page https://novo-ordo.com/ in to one page of vital information to sell the shopper on your service.
@ This is the information age and peoples time is short for discovery and clicking on other required linked pages, to retrieve their need information won’t win over any new clients for your service.
Offer any good write up others have done about the novo-ordo.com / Sub Rosa Secure Email service as well.
Audits are always welcome to shoppers, as a tried and tested vetted results to inform shoppers.
–
Last, I do understand your points of why free accounts aren’t being offered, and then to your mention of not stating the allocated storage limits – is concerning for the honest type of users that you’ll want to attract.
@ How should I express this?
Split things up – if you don’t want to be labeled as a Niche (limited use) email service offering.
I’ll toss up some ideals for you to consider-
* offer free account with one cleaved clause, users must use the novoordo.com domain only, stating-
The FREE service is designed to maximize your privacy, as so we do not back up the free service emails and no record is kept. Suggest the use of a program like Outlook, Thunderbird, The Bat or Mac Mail to download the Free service emails to your computer.
Give instruction for each platform you’ll allow users to use.
.
* Paid accounts of a year or longer, stating-
all as you do now, but in precise account itemized details on the signups page.
Offering longer storage allocations up to 2-3 years as long as an account is active/paid or set your imposed gigabyte limits. Learn as you go – here…
– Require the users consent (at signup and/or later as below) for you to delete any stored messages, if an account isn’t extend before hand as the last 3-months prior to their subscriptions term ending.
– Possibly after the 3 years maximum subscription term for any account renewing / the webmails users account interface remains the same as of the users added folder structure, but all users data contained there of the prior two years back is deleted – – only in 3 year renewals, as users not renewing all their users data is deleted anyways.
***I have more but not the space here to advise you.
QUESTION:
Do you offer Black Friday – Cyber Monday discounts for the 3-year subscriptions – If not maybe consider this option as it’s not far off!
Good Luck : )
Used to have a novo-ordo email account few years ago, can’t say i was disappointed. The only feature missing was 2FA authentication via sms /email/totp-app. I dropped the service when they moved their jurisdiction from Panama to Switzerland but otherwise a decent service.
Dear Sven,
As always, I’d like to open my comment with thanks for what you do. Managing a site which not only maintains user privacy (Clicky and Pressidium, plus zero trackers, for the win!) but advocates for it must take a toll. This doesn’t even consider the fact that you moderate and reply to comments. You’re doing a service, and for that I am indebted.
Whatever the fact, I was wondering if you’d investigated CTemplar? I’ve recently learned about them and they seem to be doing some unique things. For one, they use subresource integrity in conjunction with a checksum against a Github repository to ensure that no one has hacked your inbox (https://blog.ctemplar.com/ctemplar-checksum-implementation/). I’ve never seen anything close to it before, even described. They also have a handy comparison table for email services (https://blog.ctemplar.com/ctemplar-comparison-table/), actualize a dead man’s timer (https://blog.ctemplar.com/faq/send-a-dead-mans-timer/), and run from Iceland with a detailed white paper (https://blog.ctemplar.com/ctemplar-whitepaper/). All of this seems to be legitimate, though it seems few reviewers have even noticed CTemplar’s existence. Would you be willing to do some digging, or at least to investigate their website? I’d love to hear your opinion. Accounts are even free — I recently made my own, and hope to know if it’s a good choice for privacy.
Thank you so much!
Anonymous
Hello, yes that looks like a very interesting project, but I haven’t closely examined or tested it yet. Hopefully I can get to it for a review here soon. I would agree that Iceland seems to be an ideal jurisdiction and they have some good features.
Hi ?,
What a good post : ) whoever you are ?
Courtesy of Sven’s contributions and with links to landmark your points of facts for readers discovery. Your style is more polished than mine, logic cogency on par with mine, interests of it’s value –
the same as well.
We related ? I’m more off the wall in explaining things.
This is not me posting as Anonymous – so everyone knows, though I agree in all said !
I don’t believe it’s the email services owner either as the english is greater here.
–
I learnt about CTemplar from a readers comment (for it’s review) left on this site in another topic’s comments for Sven.
I too, opened a free account there based on the merits of what’s in print on the approach and delivery establishing the Armored Email.
–
* @ I immediately contacted it’s support with a concern that it’s not going to get Tutanota, Proton, Posteo users interested if they can buy-in to additional plans or add allotments where their presently at and it all being cheaper in the end, then of the pricing seen with CTemplar.
Also to – offer some guides or knowledge base articles to help novice – new users setup and use the service. All points like your walking them through the detailed steps, the important account features to set and walking them through A-Z of everything in the 1, 2, 3 steps of a new account’s start.
– – Within 48 hours I got this response- “You have underlined really good points and we will be including some of your suggestions.
Maybe you have already read it, otherwise, please check out our article about the CTemplar price https://blog.ctemplar.com/faq/why-the-price/
Soon we will propose other plans that users can have more choice depending on their needs.
Thank you.
–
Agree wouldn’t you. Yes we need to see Sven as the strong oak tree, where it’s massive trunks strength is standing up for internet privacy avocations all being rooted in facts, experience, testing, as well being updated as new developments are understood.
As trees go, you’ll only see the ground up appearance – not the under the surface workings that glorifies the users experience or appreciation.
So why not everyone reading this donate to Sven’s site today ?
If it’s hard to understand – use a link on the site to purchase some thing and the site will benefit from using a link here – simple…
Greetings
Update:
CTemplar has added some new plans now.
Shame they are all priced north of the Prime tier which will set you back $72. yearly. I’d say that’s fast to ask for and a few days later get plans added.
I ask for a tier priced as pre-Prime, between it and Free with 2-3GB and about half the allotments as to Prime itself but greater than it’s free accounts tier. Asked why waiting answer.
–
@Anonymous – new I understand CT is to you too,but look here-
https://ctemplar.com/pricing
Notice the ‘Encrypted subjects’ isn’t offered in the free account (now?). But I think it was when only three tier boxes showed, and then it listed all that tiers offered things under each of the boxes in free, prime, and champion. Instead of off to the side as you see now.
$72. goes further at posteo and tutanota for sure when you don’t need much storage – 2/3 GB.
wow, your content is amazing I am new to computer networks and security and privacy-related aspects of the internet. what information you have provided in this article is amazing and the comment section is also filled with a lot of great info I also write articles not this good but I try recently I wrote about Huawei drama In which I tried to explained how what are the reason the US is warning against using Huawei equipment and what will be the consequences I will leave the link here.
[https://thedeadshotnetwork.blogspot.com/2019/10/Huawei-Ban.html]
if this violates the code of conduct feel free to delete it. Thanks again for the great content
I have used Posteo for a couple of years and their prices are truly reasonable and their interface clean. The big problem and that should enough to turn away any potential user is their spam filter it just does NOT work. They claim you can “train” their spam filter by sending a copy of the spam message back to them. I have done so on numerous occasions to no avail. You subscribe to this “secure” company and you run the risk of having your email flooded with messages from “wonderful Olga russian lady wants to meet you”. Such messages would be AUTOMATICALLY DETECTED by far from the safest email providers like google or MS. These spam emails may contain viruses, trojan horses, rootkits etc and not everyone excells at home security as I do. For that reason I cannot unfortunately recommend Posteo unless you believe Olga is an actual person.
Jacques,
Me to – my work around is I close and open a posteo account every year. I use the alias for a short while – like I’ve got 4 but I cycle through two that come free with my held (remembered) other two.
–
You can get in touch with support and ask them to mark it spam at the server level from it’s header info.
There is a new end-to-end encrypted email service, Secure My Email, at [https://www.securemyemail.com/]. It works a bit differently in that it claims to be able to encrypt almost any IMAP email account, so you don’t have to abandon your existing ISP or other free email to get encrypted email. Here’s the pitch:
“SecureMyEmail provides true end-to-end asymmetrical encryption with industry-leading 4096-bit keys utilizing the OpenPGP standard. This means that your email is encrypted before it leaves your device and can only be decrypted by your recipients on their device. No one, not your email provider, your ISP, a hacker, or even us, can ever access your encrypted email or attachments.”
What do you think?
Hi Chanson de Roland,
You should check out the TOS and PP it has and report back.
Jurisdiction would be another and if there’s open source being used. New – you’d probably not see many reliable reviews to find.
So ask the developer prudent questions. Is there a charge ?
– – Your existing ISP or other free email are just pimping their service for you data…
So at what cost is free, for matches you need to by something (cigs), for advise it’s given by people just wanting to argue with you, for email it for the harvesting of your complete data usage.
.
I’d looked at this one but, (as an example) to compare yours up against, never used it myself nor explored the TOS – PP attributes.
I’ve just read it’s [ how it works], seems (long ago to exactly recall), but it’s a guide or TUT explanation type of write up covering a vast amount of info on the service and seems compared to other somehow. https://easycrypt.co/how-it-works/
Could you please add our service to the list above?
ForwardEmail is a free, encrypted, and open-source email forwarding service for custom domains at [http://forwardemail.net]
Hello ForwardEmail,
Email Forwarding services are not the purpose of this list, it’s for the full (or the most complete) Secure Mail service of any company which has proven to give high respects to the users data and privacy.
Forward Email is definitely worth the mention here in comments or in the page https://restoreprivacy.com/privacy-tools/
comments too.
I see you’ve mentioned –
The current service offering for email forwarding is either extremely bloated, insecure, requires payment, has a convoluted setup with unsolved or undocumented bugs (that lead you down a rabbit hole of searching for hours to come up empty handed), or they’re closed-source.
I created this service after realizing that the only email forwarding services that exist now that are “free” are also closed-source and proprietary. This means they probably read your forwarded emails.
– I think that’s a noble quest, maybe on the page linked above ^ you can break down about how your service is to support itself, Hardening of the server used, and both – it’s and your business country of operation as regards to it’s privacy laws and your own company TOS and Privacy Policies as well – if your indeed offering encryption for a zero-access staple on your service.
All helpful to the very people in a market for the service you offer.
Greetings
Hey Sven,
Any review on this email provider :: https://www-2.mailo.com/
They do support PGP and based in French. I tested with emailprivacytester and didn’t leaked out my original IP.
Appreciate, if you can review this
Thanks
Hi Amorphous, I’ll consider adding it to the To Do List. Thanks.
Hi, thanks .
Please consider this email provider as well :: https://dismail.de/
Thanks very much
Would love to see Mailo reviewed as well
Great article, thank you! Any thoughts on Lavabit?
Well, it’s still based in the US, so I’m not sure they solved the original problem that derailed the service in 2014. https://www.theguardian.com/commentisfree/2014/may/20/why-did-lavabit-shut-down-snowden-email
Hi Sven
thanks again for excellent research – only today I saw reference to Criptext which sounds like an interesting approach. – any thoughts on this?
thx
Hi A55,
Criptext and msgsafe.io both seem like interesting approaches along the beta stage. I covered a little on msgsafe.io in comments far buried below. I got no response from it’s support or any answers.
Hard Sell DECEMBER 26, 2018
@ Victor or any other readers here.
Ever herd of msgsafe.io – out of Panama ?
.
Interesting about Criptext I noted awhile back to myself.
– Criptext is an encrypted email service that guarantees security, privacy and control over all your email communications. We don‘t have access to your emails nor do we store them in our servers.
We know that privacy isn‘t just about encryption, which is why Criptext doesn‘t store any emails in our servers.
– Is Criptext a SMTP, POP or IMAP service?
Emails sent from Criptext to Criptext stay within our ecosystem, in our servers. We use our SMTP server for sending and receiving unencrypted emails.
– If I am not signed into the app will I miss emails that were sent to me?
Emails will be lost in such a case. You must be signed into at least one device. Because of our encryption, no one would be able to access incoming emails if you don’t have any active keys.
– What will happen if I am logged in but the device is not power on?
Your emails will keep encrypted in a limbo state in our servers until you turn your device on. After 30 days of not being able to deliver the emails, the server will discard them completely.
– Why does Criptext asks to add a recovery email?
This is so that you can recover access to your account should you lose your device and forget your password. If this happens and you don’t have a recovery email then there’s no way to recover access to that account.
– Criptext for Mobile iOS, Android, Criptext for Desktop Windows, Mac, Linux.
.
– – If your like me just raises more questions as I think about it.
Regards,
Well criptext looks good, but they have too many logs:
Device And Connection Information:: ” We may automatically log information about you and your computer or mobile device when you access our Services. This includes information like hardware model, operating system information, battery level, signal strength, app version, browser information, and mobile network, connection information including mobile operator or ISP, language and time zone, and IP. This is to help us identify bugs and deliver better help to users who contacts us with support questions.”
Hi Amorphous,
Good point, I’m not shopping or I’d know more here on Criptext. But that seems like the general info to what any site records on account holders or visitors anyways – that our devices can give up.
Thing with Criptext and any account I’d open is how long any logs are kept and of what exact data, in what state that is (encrypted? by what key-who holds) and how it’s linked to me…
.
Seems Criptext is out of Panama too by it ‘s about comment copied below.
[ I don’t know with the US having a strong presents and an influence there for so long helps that log policy you’ve mentioned.]
No contact info on it’s ‘About’ page.
Criptext began in 2014 as a simple encryption extension for Gmail that enabled users to have more security in their existing inbox. However, in 2015 our company fell victim to government snooping by the government of Panama.
This, along with increased privacy breaches around the world, motivated us to build an email service like none other.
With Criptext we’re giving control back to the user. We don’t ask for trust, but rather promote people to verify, which is why we’ve made Criptext entirely open source.
With the help of the open source community we look forward to making Criptext better every day. We hope you enjoy using Criptext!
https://criptext.com/en/about/
–
An Encryption Extension to a full fledged program ?
Right now I’m not ready to jump on – only time will tell.
It looks very promising – and – if the requirement to have account owners have at least (one) of their devices turned on and be logged in for Emails not to be lost in receiving as such as the case is now.
That I guess, refers to the encryption used as no one would be able to access incoming emails if you don’t have any active keys, and with the fact that Criptext states it doesn’t store any emails in our servers.
–
This may set the company as hamstrung, and/or be a bottle-neck and meaningful inconvenience to users.
A possible work around – would be a text msg being sent prior by the service to a Criptext account holder as a heads up to ensure their device is on and logged in – (EX:text) You have msg traffic in the system.
– – I guess that only helps if you’d not logged in but your device is powered on. So a Criptext app notification would work for that – to login.
* It may be the only way to make emails secure and verified as not being stored in the Criptext eco-system – but there are people we all know outside of the Criptext eco-system.
WHAT OF their servers storing our encrypted messages till the encryption method used is broken.
WE NEED EMAIL SECURITY not eco-systems to be trapped in.
Now Tutanota has an encrypted calendar, still in beta but usable.
Automatic end-to-end encryption of all data, automatic end-to-end encryption of notifications, integrated into the Tutanota email client.
Thank you Sven for your excellent work!
Hi Sven,
Thanks for the fantastic website. Love reading your guides and have followed most of them. Would it be possible for you to make a “how-to” guide for the process of actually switching over email accounts from Gmail? I.e. email redirecting, closing the account etc.
Keep up the good work!
Well, this varies considerably depending on which email service you are switching to. For some email providers (Tutanota) this isn’t even an option (yet). With others, it only takes a few minutes. Mailfence, for example, has transition guides, such as this:
https://blog.mailfence.com/how-to-migrate-from-gmail-to-mailfence/
I just found one called Mailo.com – It’s based in France and it talks about all the same stuff these guys do. Wondering if you could do a review please.
Yeah looks to be an interesting option… Kinda hard to find reviews on this one but their chart is definitely setting things up for privacy. French Tech is working hard to create good products nowadays.
Hi, How safe is mail.com? It is not mentioned in the bad or the good lists here. I know it is based in Germany, but could not find any information about their security. Thanks, J
Me too wanted to know… as mail.com looks quite good.
I have a concern about webmail based encryption. If the encryption is done by a java script, is there a danger that the provider has put in a backdoor (possibly due to coercion) or an MTM has modified the code? Am I just paranoid?
Yes, there are some concerns with webmail and encryption. Tutanota does offer a desktop client that works well (although still in Beta): https://tutanota.com/blog/posts/desktop-clients/
Their desktop client is Electron-based, which means it’s a Chromium browser bundled with the same web-client and packaged for different OSes. Don’t hold your hopes high for that to be very different from the web-version.
Just a heads up to any potential tutanota users out there: I’ve now had two times where I was unable to complete online purchases because the sites couldn’t handle a tutanota address. Something to do with their encrypton, I suppose. Their support is evidently nonexistent (for the free account, I guess I can’t really complain about that); I’d like an actual email address to write to, not just a form. I’ll probably be ditching them for another one of the other services mentioned above. Caveat emptor.
I’m surprised that you don’t include any discussion on logging policies related to the various secure email services. A strict “no logging” policy is one of the most important aspects of email privacy considerations.
thanks! One more question: what are the practical benefits of using a service that has the IMAP, POP3, and SMTP compatibility? Sorry newbie here
You can easily use it with different email clients.
I’ve been using mail.uk for a couple years with no issues. Their android app is basic but efficient.
Why are you even listing Tutanota when there’s no import feature? What, am I supposed to just leave thousands of my emails that I’ve used over the years in gmail? Emails with important information? This is just ridiculous
Agreed that is a drawback, but it’s on their roadmap of features to add. You can always just start fresh with a new account, while also keeping access to old emails (that’s what I did).
https://blog.runbox.com/2019/05/changes-to-tls-encryption-security/
What about news on Runbox ? Anybody can explain basically ?
Hi Sven…
I happened to notice this particular secure email service yesterday. I don’t know anything about them. By any chance do you have any thoughts or any experience with them? I did a search on your site and unless I missed it, I didn’t see anything about them.
https://secureswissdata.com/
Thanks! 🙂
I’ve never heard of it before…
Thanks for your reply. If you feel inclined, it might be interesting to see a review of them. 🙂
Thanks!
Thanks for all the information you post Sven! It is really helpful for newbies like me to start digging into the privacy world.
I see the secureswissdata.com guys also offer encrypted calendar, encrypted file storage, encrypted tasks ans encrypted notes on top of encrypted email.
If this is actually true, it would cover some sections in your guide. Do you find this solution realistic privacy wise?
I haven’t looked into it yet.
I just got mailbox.org. I am new to many of the privacy concepts (unfortunately) and I would appreciate some input. So far mailbox.org seems fine. The do use PGP encryption and explain the options well. I am not quite sure how I should use secure email. I assume my financial transactions (bank,PayPal,credit cards) but what about bills like my internet provider, electricity company, etc. Should I give my address to ebay or Amazon? With every site asking for an email when you buy something or request information, where do you draw the line on email that you choose to keep private and should you use a free email or a zillion alias emails for every purchase or website admission? I feel very lame about this but I would like to know where to find some practical guidelines other than that it’s good to have. I do want to maintain my privacy and not be paying double for everything with my data, but I just need some direction…Thanks in advance…Rufus
Rufus, you can use aliases for different purposes, while keeping your main email address only for certain people/entities.
Mailbox.org collects T O N S of user data. Dig thru their website and your stomach might turn. Not the service to use if privacy is high on your list of requirements. Also too much emphasis is placed on favorable german data collection/ retention laws etc etc. They are riding the wave from the fallout of ww2 and using that hands-off-gov approach to market their privacy products- and more power to them. Though that statutory privacy is slowly eroding. Additionally germany is the epicenter for the US offshore operations of the NSA; that alone is reason enough to be weary of anything privacy related in Germany. Being a US citizen I would gladly support email/vpn service based in any of the anti-US climates such as Iran, N Korea, Russia, Egypt, Veneaulea. With the US or any of its allies being unestablished in these countries it makes them ideal for privacy.
Whew! Had to tl;dr some of that getting all the way down here.
What I really wanted to shout out about is that I am quite impressed with Posteo. I have not used them but intend to at least give a spin for a year.
– the few downsides as Sven mentioned I’m going to overlook because after reading carefully over their site this company really seems to have a synergy and clear design of how they want to (and have been for 10 years) operate. This is a good thing.
– they are do not appear greedy, they do good things for others, have designed a concise method to handle potential legal hurdles by using the law in a non adversarial way. IE: they operate lawfully and respect the law giving them an advantage that cannot perhaps be had by operating with disdain for the laws. In specific, the simple elegant way they have covered payments for all types of people (anonymous, John Smith, Grandma) by simply rethinking bookkeeping practice, separating email account/mailbox entirely from the part that need some identifying information stored (the actual transactions).
– additionally the detail of what info goes where, what info is never stored, etc is very specific and though out. EG: transaction for taxes only requires a country to calculate for VAT. All other info is not requested, given and if it appears will be discarded immediately. In a nutshell, they are using data minimization in a way that is advantageous to them and a facet of their customer base.
—
What they do seems to work very well and in a way that benefits others outside of the shop, in the local (non-internet) community, privacy for people and legislation, etc. and it shows based on what I see and read at their website. Honestly, I am wondering if I can dust off my resume and move from the US to work for this company. 🙂 I looks like a very nice place to be.
—
fwiw: I encourage anyone reading to digest posteo’s site, I found it refreshing and somewhat profound.
—
btw: I intend to write them and ask about the anti-spam setup. IIRC it used to be that a user could choose to use it or not. As a rule I never let other’s code sort my mail since I have my own methods, and I also maintain a rolling archive of spam to train bayesian based filtering I use elsewhere. However, I may make an exception if need be with posteo since they at least handle rejected email in a useful way, and I know the filtering can be very good based on header data alone (eg: technical reasons and not mere message content).
JN
If you use Protonmail, you are indirectly supporting ransomware hackers. Because PM seems to be their provider of choice, hiding their identity behind Swiss privacy. In the last few months, I’ve had to deal with several such attacks first hand, and each time the ransom note supplied a PM address for Bitcoin payment.
The bitcoin ransomware scam is well known.
https://www.theguardian.com/technology/askjack/2019/jan/17/phishing-email-blackmail-sextortion-webcam
Just because you receive an email doesn’t mean it’s true.
Hi,
it is awesome to find here such good information about emails and privacy.
I think when it comes to email it is just like choosing the right VPN provider. It’s a matter of trust, as none of the services mentioned here are bullet proof… and also maybe jurisdiction could be a key point when coosing.
I have recently switch from FastMail to Mailbox because of “that” Aussie law adopted in December 2018. I can honestly say I am not that happy: Mailbox is one of the best around, but as a non techie the first thoughts are not that good. It was a nightmare to set my own domain and on the support page I could only find an almost outdated/not good for me “how to”. And then as a user, I noticed the mailbox’s servers are waaay to slow compared to FastMail. It could be the encryption or the fact that FM use a sort of indexing that makes sending receiving and searching emails very fast indeed. Not to mention I miss the mobile app. I am now using the Mail app on iOS which sometimes doesn’t show the entire email or doesn’t open the attachment.
I am not advocating for FM, I just think I is a real problem to convince people to leave the convenient life under gmail and yahoo. Most of us will choose functionality despite “profiling” because the secure services mentioned here are still too complicated for the average consumer. On Android/iOS you log in and that’s it. Google/Apple takes care of mail, contacts and calendar. Here, with Mailbox you have to go to Settings and Import accounts, and mail and so on – stuff that nobody wants to do. And then pay for the service…
I am also considering moving away from Mailbox, but I have no option in terms of privacy. Tutanota has a soft spot here among the readers, but somehow I think they are at an early alpha stage when it comes to usability.
And there’s the UI. I mean squirell mail and round cube look like from the 90s. I don’t see People easily switching from the appealing gmail UI to countermail.
So I guess we have to hang in there and wait a little until somebody will finally mix privacy with usability the right way.
BTW I saw some comments about Soverin – which is not reviewed here. They DO offer encryption at rest (@Hard Sell).
I’ve been moving away from Fastmail for the same reason about once per year, but always end-up going back … They are good .. a lot of killer UI features that are very much missed by most other providers. For instance the ease of defining filters from messages is quite important. I carry with me 24 gig e-mail archive and being able to filter messages easily, and also to reliably be able to search are very important. I’m accessing my messages from different machines and devices so just using a special client on a desktop won’t do it. Pretty much stuck with Fastmail and I hate that I enjoy it so much 🙂
Hi Sven,
Your website has been really informative. I have just switched to Firefox from Opera.
On the mail front, I am considering Mailbox.org and Mailfence. Would you recommend one over the other? I am looking if there is a solution that combines both cloud storage and secure mail. Paying for two services can be expensive.
Many thanks for sharing your knowledge!
Nirosh
Hi Nirosh, both are good options and both offer cloud storage as well.
I’m looking for a secure email provider that, when sending encrypted email, does not ask the recipient to click on a link to open the message. Is there a product that does this? I would like to send encrypted email to my financial institution, but they state that they cannot accept any messages with “clickable links” because of concerns of malware, etc. I understand that. I have a ProtonMail account and my testing shows that it users these clickable links. Maybe a product can send an encrypted email where I can then text/call the institution and provide a PIN code to open my email. Something like that might work. Any input would be appreciated.
Hi Dano, this is the basic nature of asymmetric encrypted emails, it’s the same with Tutanota and Mailfence, when you want to send an external recipient an encrypted message. I guess one alternative would be a secure messenger service for end-to-end encryption, such as Wire, but they would have to create an account and install it.
Hi Sven,
Thank you for this article! I have been using Kolab Now for 5 years. What is your advice on a full feature email service; with calendar, mobile sync etc.. that is VERY user friendly?
I want to transition two email accounts off of Kolab Now and onto a service that has excellent customer service for someone like me. I am committed to privacy but if something has to give, it is more important I have a service that I understand how to use. I am not tech savvy, I don’t know what half of the references in this article even mean.
For years Kolab Now has given me peace of mind on the privacy front, but it has always been so buggy. Lately we have had 6 weeks of back and forth over email tickets because my calendar is dropping events and not syncing to my phone. It has been the worst customer experience. It took them a month to be able to receive a photo they asked for off my computer screen, as the form of their email kept bouncing my attachment back. This is still not resolved. They just keep asking me to do things I don’t understand. And every time they do try to fix something, something else randomly stops working. Right now all of my incoming emails have question marks instead of where the sender email is supposed to be. I mean, seeing the sender’s email address has got to be a basic expectation. Not to mention, I pay over $20 US dollars for both of these email accounts combined.
Any thought on a service that will be easier for me with a calendar I can rely on? And do any companies have actual live customer service?
Thanks!
Hi Erin, based on what you said, I’d recommend Mailfence and then upgrade to a paid plan (very cheap) for all the features you need, including mobile sync, calendar, etc.
Thank you Sven!
transitioning my current emails onto Mailfence seems confusing to me. They have not responded to an inquiry yet. How do you feel about thexyz in my case?
Mailfence does have guides explaining this process you could check out. I have not used Thexyz, can’t say for sure.
Hello Sven,
I’m a non-Techie. I have been with @hotmail.ca for about 15 years. Want to switch to Tutanota. My question is: How does one transition? I’m pretty much retired, aside from personal contacts (low quantity), but still do some business in my field. Want to eventually close off the @hotmail.ca account altogether while maintaining the contacts I wish to keep.
Any advise would be appreciated on how to pull this off! Cheers, George from Canada P.S. I’m a Mac user.
Hi George, transitioning to Tutanota may be a bit challenging right now because they don’t have any import function, so you would just have to start over from scratch.
One good alternative to consider, if you want to import everything from Hotmail, is Mailfence. Mailfence doesn’t encrypt your entire mailbox like Tutanota, so you have more options, including email clients. You could try both of them for free and see which you like best.
Another thing you may want to consider is using an email client on your Mac. This allows you to monitor/use multiple accounts while you are transitioning from one service to another, without constantly logging in to webmail. Mozilla Thunderbird is free, open source, and works well, but it’s a bit limited on UI. Postbox works well and has a great UI, but it’s closed source and you need to pay for a license. Tutanota also has a new desktop client that works well, although it’s still in Beta.
Okay… banner. I’ll give your suggestions a go! Thanks,eh! 🙂
George, I feel your pain having an aged and established email address and contemplation of transitioning to another provider. The good aspect of having hotmail is that you don’t (? ..it’s been 15+ years since I touched hotmail) need to pay to keep it around to collect potentially important emails after getting a new email address.
–
First, if you only use hotmails’ webmail interface and all your data is elsewhere that is an important detail. Similarly, if you use the Apple mail application as an IMAP or POP3 client that is important. All of those use cases influence the process of safely migration away from hotmail and how much work it will take and what percentage every detail can be retained.
–
Secondly, the way in which you continue to use email after migration is a factor.
EG: if you rely on web browser access or not, what sort of device(s) do you require access to the data and so forth..
If you read and send email only on your Mac then you can, and perhaps should shift to using the Apple mail application as a POP3 client. This would allow flexibility built into the Mac by using your localized Contacts and Calendar applications.
If you began using email with hotmail and have been using it the same way ever since, migrating is a decent time to consider how and why you use the current methods and perhaps change other aspects also.
–
Third, if you don’t own your own domain name it’s worth considering a budget for one. That way you never have to fool with a change of address after the initial transition. If you do own a domain and are paying hotmail to use it that is an important factor in your potential migration also..
–
If you have created very detailed contacts (name,addr, phone, birthday, photo, etc) which you only have on hotmail servers, there typically are ways to export that information. A good baseline to use is a so called ‘comma separated values’ text ( .CSV ) file you can save on a device you can touch. Other export formats often used are more ‘rich’ and can contain more [meta]data. Gist of it is, if the contacts you have can be useful in their primary function(s) by simply writing them down by hand, automating contact migration should be quite painless.
–
If your emails stored at hotmail are vital to keep, this can be tricky to migrate. IMO with a large store of emails on some server out in the world (webmail) it’s worth installing a email client (MUA) and turning on POP3 services at hotmail and simply download them all to your computer. You can configure the MUA to not delete the email from the server upon fetching the email. This way you have a local copy of all your email at the point in time you fetched it from hotmail via POP3.
–
While tutanota may be enticing you need to consider it’s basically an alpha state of service, incomplete. The service does and will have problems. As a work in progress it may not be suitable depending on your needs. Get a free account and try it out for a while. Use it for non critical things which will allow you to notice what it does/doesn’t do compared to hotmail and how usable for you it is.
–
Finally, if your data at hotmail is very important it’s worth looking for freelance IT help to migrate things for you once you decide on a new email host. There are many reputable services/websites around and cost could be very low ($10-20) for the peace of mind. Search using keywords like “geek nerd hire freelance IT contract migration” and look around.
Keep in mind that having answers to the various questions/options I presented above will be useful regardless of who you choose for email hosting and how you migrate from hotmail.
EG: Being able to state: here are the facts of what I have, this is my objective will save time, perhaps money, allow others to give better advice and reduce or eliminate issues.
JN
Hi!
Your opinion about KolabNow, Neomailbox? Can I trust them?(Especially KolabNow? )Who would you rather have? Or to honor Posteo?
I like to hear what you think about Lavabit?
They were forced to shut down in 2013 because they are based in the US and government authorities wanted them to provide access to all customer data (hand over the keys). They are still based in the US, so this fundamental problem has not been solved, and could easily happen again. I would not recommend them (or any US email provider) due to these risks.
Hi guys,
what do you think about gmx.com email service?
Thx,
Hans
Hi Hans, while it is based in Germany (good privacy laws), GMX is certainly not the best option, see here:
https://tutanota.com/blog/posts/gmx-tutanota-comparison/
Thanx, Sven.
In recent years I have been using most of the leading email providers listed here right away. It is very interesting to test them for a long time. My opinion is that in principle there is no perfect and safe mail.
Mailbox – after deleting a mailbox, after a while it allows you to register it again. A PIN combination + 2FA is suggested for entry, there is no traditional combination at all. Servers are sometimes slow. Password complexity weakened.
Posteo – when deleting a mailbox, after a while it allows you to register it again. Not very convenient WEB interface. Password complexity weakened.
Very stable, the speed of the servers pleases. Present mail encryption of the entire mailbox. Excellent impression of operation.
Tutanota – it is strange to release a mobile client without PIN code protection. The interface in mobile applications is underdeveloped. It is very stable, the speed of the servers pleases. Awkward WEB interface. Saves your IP when registering. users.I would like to have a desktop version, its absence is a serious drawback, for example, for less demanding users.
Mailfence – allows registration of users from Russia only through a proxy. Without a proxy, you immediately see the inscription “registration is temporarily unavailable.” Clear disrespect and selectivity. The mail-free ideal work of the mail ended after about 8 months. Posteo is always delivered.) Problems with sending mail to some well-known mail servers. Mail is returned with an error. It is a pity, because at first I considered the service also ideal. Lack of encryption at rest. Closed code.Sending emails to known services is sometimes unhurried. In general, good impressions of the interface and mail.
ProtonMail – Used for many years. Very stable, reliable. Support is great. A bug was found in the work of Apple Mail, corrected by releasing a new version in less than 24 hours. Received all the answers within 24 hours. Clear and concise. to strive. Work with setting up domains is perfectly organized. An ideal mobile client. It is very upsetting the presence of one password for both mail and VPN. (VPN application is buggy, with connection problems.) There were never any problems with delivery and dispatch. Mail delivery is slow.The service accepted funds from the OS and American investors. On the whole, a double impression, almost ideal and such a love of money …
CounterMail – I tried it twice. The first time he didn’t like it. After a while, he gave him a second chance and now he is one of my favorites. It feels that the emphasis is on security, and not on the interface and other trifles.
Very fast servers. Separate key-password for applications. WEB interface in terms of working with letters is not convenient, but you get used to it. Without logs and tracking (you feel with him feelings similar to the Perfect Privacy VPN service). Highly recommend.
My choice with an emphasis on encryption alone (without this feature, we almost have Dropbox):
CounterMail
Posteo
ProtonMail, Tutanota
For my personal experience mailbox.org server are not slow, at least here in europe.
what do you think of soverin?
Looks good, I’ll keep it in mind for the next update.
Hi TeCer,
I’ve used Soverin in the past when trying to weigh the mail services options out in my wanting to get away from Google and Yahoo.
Came to the conclusion – no matter what they put in print, without your mailbox having encryption / encryption at rest – is just type hype…
– That you’d need encryption offered to ensure you do only have access to your own data for truly your eyes only, bottom line in benefits a totally no means of eavesdropping from the mail service.
–
The users contents of their messages data in an unencrypted e-mail service is readily accessible to the mail service provider and is only given a “treatment of Customer Confidential” as the strongest guarantee of trust us.
Which is the highest level of protection that you could expect within their email system.
So really a trust based email service that pushes a zero-knowledge platform without encrypting it’s users data is not Trust that is earned – and you can take to the bank – it’s trust that is being surrendered by the user.
–
Without the encryption of your messages and your mailbox at rest being offered within any mail service, how can any one of them say they are secure and respect a users privacy ? Think breaches, or court ordered access for worst case events happening to your account.
– Soverin also requires you provide them with Your phone-number for verification purposes.
Sure Tutanota is not offering 25GB storage but undoubtedly the most private we have right now : )
Hope you understand now.
Hi Hard Sell,
thank you for your feedback.
I ask for soverin because i’m looking for an email provider to move my own domain from gmail.
I’m trying now mailbox.org and i’m very happy with their service, unfortunately i can’t say the same for their help desk. I opened two ticket (ok, questions was not very urgent), at first i got replied after 8 days (6 if we don’t count saturday /sunday), the second has passed 3 days without response. I don’t know … probably they are really busy in these days …
I was very interested in tutanota but they don’t offer dkim for custom domain (why?).
Hello TeCer,
Yes, Soverin could be better to offer encryption – but it doesn’t at present day. I take it of it’s big 25GB storage you’d not want to offload your messages via an installed mail client on your device. If that’s a possibility maybe look at Sub Rosa Novo Ordo secure email > https://novo-ordo.com/
Down towards the bottom here in comments I and voytek talk about it some around the Hard Sell DECEMBER 14, 2018 timeline.
–
Mailbox.org towards the tail end of last year invested 1-million euros into it’s business – sorry to hear it’s support is not as efficient and seen some of that investment. Might try their Help / FAQ or user forum for quicker facts / solutions.
https://kb.mailbox.org/display/MBOKBEN/private+clients
https://userforum-en.mailbox.org/
–
Another one Mailfence, I had emailed Patrick @ Mailfence concerning users domain and other questions. His reply – “We will release a web based self service interface for management of domain, dkim, email addresses and users”. That answer came early in Dec. 2018. I don’t find any user interface added to the site yet today in helping users not having to go through it’s supports for like help.
Though, it might be on your account’s side when logged in. See more at the link >
https://restoreprivacy.com/email/reviews/mailfence-interview/
–
Tutanota’s team is small and budget as well, so the bigger mail players on the list here have little excuse not to give good customer service.
You can ask that ‘dkim’ question and any other custom domain questions to Matthias Pfau, cofounder of Tutanota – when he comes back around again he may answer you. https://restoreprivacy.com/let-pgp-die/
–
TeCer please keep us updated with your knowledge and experiences, start a new comment instead of a reply to a burred one – people will miss. Thanks : )
Tecer, maybe this ‘admin console’ is what Patrick spoke of in answering me?
https://blog.mailfence.com/admin-console/
your own domain
https://blog.mailfence.com/create-an-email-address-with-your-own-domain/
The content in this website is amazing.
About all this mail services, why they wouldn’t be a great honeypot? They offer a strong security and privacy, and then our sensitive information arrive to them without efforts. Why should we trust?
Indeed, it all comes down to trust. Trust is a very important factor when selecting privacy tools.
With Gmail, Yahoo, Apple, and some others, you know they are explicitly cooperating with surveillance agencies, as documented in the introduction. So regardless, you still need to find an alternative.
Hi Ostinato,
Regarding – “our sensitive information arrive to them without efforts. Why should we trust?”
You’ll see a main concept of the secure mail providers – be they offer encryption as automatic or as supported – you handle your own key pairs, to what’s indeed encrypted of your account.
Truth that’s given in their Terms Of Service and Privacy Policies, and their jurisdictions regarding privacy regulations where the operate.
–
The Tutanota mailbox already encrypts all data stored there, including the entire address book.
Key management and key authentication is automated in Tutanota, which makes it very easy to use.
Tutanota encrypts and decrypts the users’ private key with the help of the users’ password. This enables the user to access their encrypted mailbox and to send encrypted emails on any device.
https://tutanota.com/blog/posts/innovative-encryption/
With Tutanota it’s known that every message stays protected as encrypted on your end in your account that you only can access.
{Even sent/received messages without encryption}…
A zero knowledge / access mail system is in place.
You own your data !
Say you want to donate to a VPN, yet also retain that open-source community say feel where the customers have a good say.
Say you pay in a donation or cryptocurrency,
an option to send it to a specific part of development
Each VPN, email, etc. company would layout their table key. What x y and z mean.
For example, lets say a bunch of people want Tutanota to develop support for cryptocurrencies.
-x = develop support for cryptocurrencies
-y = add sync option that isnt a privacy risk
-z = add convert imap ipop3 etc emails to more secure format via pro plan within encrypted enviornment.
So they simple enter -x into the encrypted text box and their money goes towards that improvement/feature in development through a secure tunnel, where it is regularly emptied into a secure offline cryptographic vault that only the VPN knows how to access. And its like blockchain so the payment is unchangable, irreversable, yet private, authenticated, untraceable and fully anonymous since they are donations and not subscriptions that are done carefully by the user in a safe enviornment.
I feel this better collaborates all three elements, you;the honest editor, the customers and the best vpns. Puts the OPEN in open source collaboration without the software needing to be open source.
Tell me your thoughts on this, I look forward to hearing from you.
@ Spread_This_Idea,
Try to develop your thoughts with a specific VPN or a Secure Encrypted Email Provider. Running both topics together, looses it’s purpose to understanding what gain and outcome your shooting for.
If you’d pin point your ideals to one and not generally to all, that would help to get you some feedback and for your ideals to expand on.
There are labeled ‘Topics and Guides’ to submit your ideals here at the Restore Privacy site.
Choose one subject that is a best fit overall to voice out to this following community. Example) Say a review of a specific VPN.
We’ll listen offering ideals but, not act – how can we?
Still your not contacting the developers of a said product – just us.
–
To ‘ear-tag’ a donation to a specific part/branch of it’s development,
the VPN, Secure Encrypted Email Provider, etc. in any other company – would need to be setup for that. Agreed : )
– Maybe this is where you’d offer a general drafted letter for contacting a said product/developer/company. To bring it home to them that while the overall product is incomplete without ____ feature, and you can not buy it because of this at the present time. You’d like the ability to ‘ear-tag’ a donation to this specific feature missing of it’s development stage at present. Only when this ____ feature is included with new releases would you consider buying in and supporting the further development of the project.
(Just an heads up ideal) …
Thanks very much for creating this very informative page!
However, one critical feature of secure emails services has not been discussed on the page or comments thus far, and is also not discussed in the ‘shortcomings’ section either:
Can you please revisit all the services and comment on how they search the secure emails, if at all?
Why is secure email search important?
Ideally you want end to end encryption so that the email service provider cannot read your emails even if they wanted to. However, if the emails are never available plain / unencrypted to the email service provider, then how do they provide a search index to search the emails? It’s a kind of catch-22 situation…
For example, for the longest time, Protonmail would store the subject lines unencrypted and Protonmail users could only search the subject lines and not the email body [1]… which is pretty useless if you are used to the luxury of searching with a non-secure email service such as gmail, etc.
After years of complaints from users, Protonmail developed a new search mechanism only for paying users whereby the search index is located on the desktop client (OSX and Windows, but not Linux, iOS, and Android), and not on the Protonmail servers:
“Because ProtonMail uses end-to-end encryption, we cannot read any of your messages or attachments, and therefore we currently cannot search through the message body. However, you can search through message bodies if you use the ProtonMail Bridge.” [1]
While better than before, this is still pretty sucky because typically if you have many emails than you’ll end up with a search index of a similar-ish size. So if you have a few GB of emails, who wants to have the hassle of a few GB of search indexes on their various client devices?
Plus if you get a new client… it takes a longer period of time to copy a few GB around. And even if it were available on cell phones, have you ever tried copying GBs of data around on a cell phone… it’s not fast.
If you like email and search (and Yahoo is on record as saying that searching is the most used email feature… even more than sending emails!) then what all this means is that moving to Protonmail will just be a very frustrating exercise. I tried it myself and gave up because of the lack of search. Other people are talking about how the Protonmail search functionality sucks here [3].
Tutanota also went for years with crummy search (like Protonmail), and then introduced its search mechanism [4] which works similar-ish to the Protonmail in that it offloads the search index to the client.
Again, Tutanota search is only available for paying users [5] if you want to index more than a month of emails. But at least it’s possible with Tutanota to have a search index on Android (unlike Protonmail) [6]. And again, it’s sucky to have a giant index on your Android phone. For example, my gmail size is currently 24.8 GB after 10 years of usage. So if I switched to Tutanota, they expect me to have a +/- 25 GB search index on my Android device?! Er, no thanks… But it’s not possible to switch anyway because “Enable import of emails” is a Tutanota ‘Upcoming Feature’.
Also, it’s not clear with Tutanota whether the search index on the client is encrypted and safe. What happens if somebody gets hold of my phone etc?
Plus, what if I want to search my emails gmail style from a browser and I don’t have a device handy? Seems like this is not going to be possible with either Protonmail or Tutanota, because their paying customers have to store the search index on their devices.
It would be great if you could look into secure email search for the other services and list all the search pros and cons. Ideally I’d like to find a service with the following: 1. Ability to import my gmail emails. 2. Ability to securely store the search index in encrypted form. 3. Ability to maintain only a single search index and use it from multiple clients (e.g. desktop, browsers, cell phone, etc). 4. Ability to securely store the search index in the cloud so that I don’t have to maintain it on one or more of my devices, and always have that device switched on, etc. 5. Ability to have better search than gmail, e.g. partial text search; searching for part of a word such as searching for ‘lace’ and finding ‘inplace’, ‘place’, ‘placement’, and ‘lace’, etc. 6. Ability to access and search my email without an own device, e.g. via a web browser. How close does the closest current secure email service get to these requirements?
Hope you also like the idea of researching secure email search, and look forward to seeing the results!
[1] https://protonmail.com/support/knowledge-base/search/
[2] https://protonmail.com/bridge/
[3] https://www.reddit.com/r/ProtonMail/comments/ad8x3h/your_search_functionality_sucks/
[4] https://tutanota.com/blog/posts/first-search-encrypted-data/
[5] https://www.reddit.com/r/tutanota/comments/7x0y9z/tutanota_search_only_for_premium_users/
[6] https://tutanota.com/blog/posts/secure-mail-android-app-beta/
[7] https://tutanota.com/blog/posts/development-feature-list/
Hi Simon, excellent points, I agree with you on the search feature, but I see it as a necessary tradeoff for more security and encryption. I also agree that Tutanota does doe better than ProtonMail with regard to the search feature, without the security tradeoff of ProtonMail not encrypting any subject lines.
I’ve been using the search feature with Tutanota on a premium account with this domain and it seems to work well. You can select the time period that you want indexed, and then search for emails in that range. It does take some time for the browser client to index your encrypted emails for search functionality. I can’t speak for mobile clients as I do not use these.
Hi Sven, Very happy to read your response and looks like we are on the same page. It maybe that that secure email status quo still involves the ‘necessary tradeoff’ as you put it, but I don’t think that this is obvious to most people who are considering switching. Therefore, it would be good to highlight what the current status quo and tradeoffs actually are. And I believe that if the tradeoffs were discussed first, at the top of the page, then most readers would not read further…
I would to switch to a secure email service that has no disadvantage or tradeoff over gmail. Maybe such a service doesn’t exist today, but then maybe that’s more of a reason to discuss and talk about the tradeoffs so that an existing email provider or a new provider might step up to the plate and provide a better service without the tradeoffs?
When you look at the billions of email users gmail, Yahoo, et al have, and the few millions of email customers that *all* of the secure email providers have, you don’t need to be a math wiz to figure out that *all* the secure email providers collectively have less than 1% of the entire email user population, and after years of trying, and even with all the widespread public news of Edward Snowden stories and shenanigans in recent years. Do you think it’s because of the tradeoffs? Or what are other reasons?
Matthias Pfau, cofounder of Tutanota offers answers on the article Let PGP Die: Why We Need a New Standard for Email Encryption
https://restoreprivacy.com/let-pgp-die/
Simon,
@Yahoo is on record as saying that searching is the most used email feature… even more than sending emails!
THAT’S HARD TO BELIEVE – without sent/received mail what’s to search for anywho?
@Tutanota search is only available for paying users if you want to index more than a month of emails.
PAYING HELPS SUPPORT IT’S DEVELOPMENT – the free version, search is limited to four weeks into the past due to heavy server load caused by the encrypted search feature. It’s cheap !
https://tutanota.com/blog/posts/premium-pro-business/
@ it’s sucky to have a giant index on your Android phone. For example, my gmail size is currently 24.8 GB after 10 years of usage.
TIME TO CLEAN HOUSE – What good is it searching past email’s to see – ex: a software license code that’s long expired, birthday wishes to aunty Rose 5 years before her passing, friends un-befriended, etc…
@So if I switched to Tutanota, they expect me to have a +/- 25 GB search index on my Android device.
WHAT MAKES YOU THINK THAT – Since ‘import of emails’ is not possible / it states that “As the search index needs to be stored in your browser, it does not work in private mode/incognito mode”.
https://tutanota.com/faq/#search
So It Would Not Seems To Occupy 25 GB Device Storage Space : )
~ It’s only the search index (reference) that is stored encrypted on your device…Not all the messages themselves…
*I then take that the clients (webmail, desktop, mobile) that was used to create the search index (reference) in turn contacts the Tutanota secure server to view the sought after message.
Webmail – https://mail.tutanota.com/login
Desktops – https://tutanota.com/faq/#desktop
Mobile – https://tutanota.com/faq/#tutanota-app
@it’s not clear with Tutanota whether the search index on the client is encrypted and safe.
LOOKS LIKE IT IS – 2. The search index is encrypted and stored locally on the client.
How does Tutanota’s secure search of encrypted data work? > https://tutanota.com/blog/posts/first-search-encrypted-data/
“Search is executed locally via an encrypted search index to guarantee security and privacy of your data as well as your search queries” https://tutanota.com/faq/#search
@What happens if somebody gets hold of my phone etc?
WHY LET THIS HAPPEN – I’m only using webmail but I’d imagine clients would need to be logged in to or a set time they automatically log out you out.
“The server only needs a fingerprint (hash) of your password. With Tutanota your hash for authentication is calculated by your browser and only the hash is being sent. Your password never travels the Internet in plain text and it is never seen by our server. As hashes are non-invertible, the server is unable to reconstruct your password from the hash. The server is not able to decrypt your message, but still able to log you in.”
https://tutanota.com/faq/#password-security
PLEASE READ THESE – What Tutanota does to guarantee maximum securtiy >
https://tutanota.com/blog/posts/open-source-email
General >
https://tutanota.com/howto/
Any questions doubtful of answers please contact the Tutanota Team.
https://tutanota.com/contact
If you’re a healthcare provider, you might give [https://www.MailHippo.com] a try. They set you up with a Business Associate Agreement and currently have a free trial available.
Here’s an interesting blog article by Amnesty International
https://www.amnesty.org/en/latest/research/2018/12/when-best-practice-is-not-good-enough/
Where a couple of campaigns, attackers were particularly going after accounts on popular self-described “secure email” services, such as Tutanota and ProtonMail.
The other campaign, the attackers have been targeting hundreds of Google and Yahoo accounts, successfully bypassing common forms of two-factor authentication.
–
Both involved stealing users credentials as the phishing attempt.
I was shocked to see as a user that Tutanota didn’t send it’s users word by email of the phishing attempt that was set up on a malicious page (tutanota.org) that’s nonworking now. Thanks to Amnesty International in contacting the Tutanota staff about the org domain.
–
The article is an interesting read how these groups continue to advance and use sophisticated means – well-designed clones of the commercial sites it impersonates, https:// prefix, two-factor authentication, even of Selenium with Chrome Driver, which is a set of tools commonly used for the automation of testing in web applications. It also lends itself perfectly to the purpose of automating login attempts into legitimate websites and streamlining the phishing attacks.
As far as encryption at rest goes, I must say just Tutanota, CounterMail and StartMail will offer something easy for the user. Mailbox.org is a pain to use if you are not experienced. You have to work with the “keys” and at the end you have no idea if you’ve got an encrypted inbox. Mailfence and Runbox – not there yet, ProtonMail – lost a lot of trust among users, Posteo – no custom domain, so I didn’t even think about using them (unfortunately, because they look quite privacy oriented)
But: Countermail didn’t work for me on the trial phase: on Safari and on our old friend Internet Explorer it failed to decrypt the test emails I sent from an other account, although they were correctly showed in the inbox. So it seems there is still a lot of work for such an old email provider who should have not have this basic issues.
Tutanota – great on paper and also price friendly, but I see no way how to import old emails
StartMail – a little on the expensive side, 5$/Month, true with 10GB
Very interesting points regarding outside investors and how this may create problems with business and users.
The Tutanota blog has a recent post where they talk about this topic and their business model not bringing in outside money, growing slow instead of fast: https://tutanota.com/blog/posts/welcome-nils/
” At Tutanota we grow our team continuously rather than extremely fast. We deliberately decline big money from big investors – particularly from American investors. Growing organically is extremely important to us as it guarantees one thing: We remain independent and can decide for ourselves what we develop next, and how.
Only by remaining independent we can make sure that no one can influence our development or ask us to integrate an encryption backdoor.
To make sure that Tutanota will remain true to what we promise – building the most secure email service to protect your right to privacy – we have published the code of our web app, Android, iOS & desktop apps as open source under GPLv3.”
Hi Sven! I use Tutanota, and very impressed with their service. However do you know which will be the best cloud storage service for sharing files that has zero-knowledge? Thank you
Hi Leroy, I need to get a guide on this published, but Tresorit in Switzerland seems to be among the best options.
Hi Sven, there is an issue with tresorit, they only have their HQ in Switzerland, most developing is done somewhere else. I found once a review about tresorit, where the author complains that all data makes u-turns through Azure servers in UK (or similar).
I prefer securesafe, it is not super user-friendly, but has a big emphasize on security.
Sven, I suggest you add two other cons of Tutanota.
You have no way to change the RSA encryption keys if they are compromised. Changing the password does not solve this problem. This is the main reason why I do not use Tutanota and advise no one to use it. ProtonMail provides such a possibility (for mailbox only but not for contacts).
Using Tutanota you are limited to five address aliases, but you cannot delete them and replace them with others. ProtonMail lets you delete aliases through the support service.
Well, what about GMX.com? Is it private enough? If not, what would you suggest for someone looking for private (enough) but not necessary anonymous free email service supporting pop3&smtp. It’s not easy task, share some suggestion, please.
Hey It’s free and has a lousy PP.
2.2 Categories and Origin of Personal Data
We process the following data categories in connection with the provision of our GMX FreeMail service:
You provided your “user data”, e.g. name and date of birth, to us on registration.
Furthermore, we process content data. This is content that you actively create or use as a user. This includes, e.g.
• your e-mails, address book contacts or
• files you store in File Storage
• data you upload, e.g. in the app.
–
If not, what would you suggest = just about anything on this list that meet your requirements. That’s not having end-to-end encryption built in or rolling some form of their own encryption.
Really you can’t spring for a around a $1.00 month up to get all your require (pop3 & smtp), then look for free smaller mailbox storage providers here.
Sven’s given a good break down that each one offers, lest enough info to interest you to check out their sites.
You email with someone who use Gmail on daily basis, so what’s the point of having “secure&paid” email account? I think it’s not about paying $1, in fact in many cases, it’s absolutely pointless. The only way out is using TB&PGP and encrypt everything what is important for you . That’s all. Having said that I’m looking for email service which can provide some secrecy of correspodence, I mean, no “share” the data with “third-parties”. That’s crucial for me. Not storing data on server (i.e. when you use POP3) is also important in such a case. For instance, ZOHO.EU/GMX.COM could be reliable solutions. Tutanota & company doesn’t support POP3/IMAP. Others, like Posteo, provide you this facilities but, in my opinion, it’s not worth paying for that.
@ The Patriot: GMX seems to be a pretty bad choice when it comes to security. See this article form Tutanota:
Security Comparison: GMX and Tutanota are German email providers. That’s as far as the similarity goes.
Great link and it’s article Sven : )
I liked the 1-6 additional parts after the ‘Security comparison of Tutanota and GMX’.
They summed it up well saying “GMX started in 1997 when email was still a very young medium. Its level of security has not much improved since then.”
Taking into consideration it’s meant for GMX as well for email communications in general, that was never meant to be secure anyways of the first place.
–
Then after the Snowden Revelations,
https://www.lawfareblog.com/snowden-revelations
email communication users must ask for much better security measures of encryption, not just because of phishing attacks on email accounts rise in sophistication. But, because everything is spying everywhere anymore…
[In as far back as 2014, NSA and GCHQ infiltrated several German and global telecom companies to build the Treasure Map program. A vast NSA campaign to map the global internet. The program doesn’t just seek to chart data flows in large traffic channels, such as telecommunications cables. Rather, it seeks to identify and locate every single device that is connected to the internet somewhere in the world—every smartphone, tablet, and computer—”anywhere, all the time,” according to NSA documents.]
–
Cyber attacks (breaches) to are becoming increasingly more sophisticated as the Government, the CIA part lost control of the majority of its hacking arsenal.
Once a single cyber ‘weapon’ is ‘loose’ it can spread around the world in seconds, to be used by rival states, cyber mafia and teenage hackers alike. https://wikileaks.org/ciav7p1/
GMX was great email back when you could still pay for their “Pro” offering in the early 2000s. Today? Stay away. While German/EU data legislation applies, they’re hardly private and they’ve had such a bad reputation for spam that many providers still block them by default (ie, messages mysteriously never arrive). You can do better.
https://www.zdnet.com/article/log-free-email-provider-posteo-you-must-log-user-ip-addresses-court-rules/
Posteo’s – First comment on the decision of the Federal Constitutional Court
https://posteo.de/blog/erster-kommentar-zur-entscheidung-des-bundesverfassungsgerichts
If your worried about – i.e., IP addresses from which you as a user connect with or in which you’ll create an Posteo account initially.
– Taken from Sven’s Mailfence Interview – [Restore Privacy note: The easy solution here is to always use a VPN with your email provider to conceal your IP address and location.]
Good find! That makes using a VPN with secure email all the more important, all the time.
Another plus for Tutanota is that it supports FIDO U2F authentication tokens. As far as I know it is the only email service to do so, aside from FastMail (which stores its emails unencrypted on servers in New York, according to a comment on this page) and Gmail.
Thank you for this excellent & informative site.
@Brice Le Blevennec – thank you
All the ones in Sven’s list do in some form or fashion.
Here’s where to see what methods are used if anyone is interested in any one email service.
-Tutanota – 2FA only available in new Tutanota client, Tutanota Android & iOS apps 2FA being added in the coming months.
https://tutanota.uservoice.com/knowledgebase/articles/1201942-how-does-two-factor-authentication-2fa-work-in-t
-Mailfence – Supports two-factor authentication (2FA)
https://mailfence.com/en/two-factor-authentication.jsp
-Posteo – Supports two-factor authentication (2FA)
https://posteo.de/en/help/what-is-two-factor-authentication-and-how-do-i-set-it-up
-StartMail – Supports two-factor authentication (2FA)
https://support.startmail.com/index.php?/Knowledgebase/Article/View/704/4/how-to-set-up-two-factor-authentication-2fa
-Runbox – Supports two-factor authentication (2FA)
https://help.runbox.com/account-security/
-Mailbox.org – Supports two-factor authentication (2FA)
https://userforum-en.mailbox.org/knowledge-base/article/is-there-a-two-factor-authentication
-CounterMail – says it does (2FA), only thing I can find / Changelog 2018-10-10 -GUI improvements for 2FA-login and a mention on 2018-07-31.
https://countermail.com/?p=changelog
-Kolab Now – Supports two-factor authentication (2FA)
https://kb.kolabnow.com/documentation/two-factor-authentication-2fa-at-kolab-now
-ProtonMail – Supports two-factor authentication (2FA)
https://protonmail.com/support/knowledge-base/two-factor-authentication/
-Thexyz – Supports two-factor authentication (2FA)
https://www.thexyz.com/account/index.php/knowledgebase/88/How-to-add-Yubikey-Authentication-to-Thexyz.html?language=estonian