protonmail
Privacy
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
+1 for mailbox.org
Tutanota and Proton are often recommended services. I personally prefer Tutanota, and their encryption. Though, Proton has a nice suite of services, that is worth looking into. Namely their VPN and Drive..
what caused me to lean more towards tuta was their encryption also encrypts the email subject line, and not just the body. I read PGP doesn't allow for that
Tutanota also encrypts email folder ~~and~~ ~~labels~~ names. Last time I checked, Proton does not.
I know contacts are encrypted, but I wasn't aware tuta implemented email labels yet, and all that came up from the search was a post from the company on reddit 6 months ago stating it was planned for the future, at https://web.archive.org/web/20230114104535/https://old.reddit.com/r/tutanota/comments/10aumyg/question_on_features_in_provided/ .
And encrypted folder names sounds believable, but I can't find a link definitely stating encryption for that, specifically. If you could shoot me a link about it, I'd love to know it's true before I start stating that to others. Don't get me wrong, I really like how privacy-focused tuta is, but I jumped into a paid account knowing their frontend functionality is pretty barebones; something I was fine with supporting while they built it up, since the backend privacy focus and it being open source were the main selling points to me.
Yes, that’s my bad, with Labels. I never really use them, and wrote it without thinking. I do not have a source for my folder claim. I was told this several years ago, by support, when I was enquiring about their service, for business use. It was one of my many questions. While the end user seems their folder name, Tutanota sees a random identifier.
E-mail is not a private service by default. You can "try" to mitigate some privacy flaws using PGP for example but PGP is not widespread to be something useful.
I switched for Proton Mail paid plan a few months back. Glad I did
Throwing in Posteo for your consideration.
Seconding Posteo, highly recommended. I wouldn't really recommend Proton or Tutanota, though you could do worse of course
expired
Weird. Support was top tier when I had issues. I also own a business account for 30-35 people, and the issues we get are easily resolved by Tutanota. You most likely got a bad rep.
expired
Very valid. Hope you find a good alternative, as I understand that ass support is very frustrating to deal with.
I went with tutanota and I'm liking it so far. However I'm fully aware that email not intended for secure infirmation exchange at all.
The only way to ensure privacy is something like PGP. Encrypt before you send. Heck you could even encrypt before you put the contents into a message body.
With self hosted, the messages themselves aren’t encrypted at rest and they are clear text between hops even if those hops support TLS in transit.
Ultimately the right answer for you will hinge on what your definition and level of privacy is.
Note that PGP only encrypts the body, not the subject, sender, or recipient. So it's only partial encryption and not very private compared to modern messaging services like Matrix. This is a fundamental limitation of email. It's "Pretty Good Privacy", not "Very Good Privacy".
What's your threat level?
There's no such thing as fully private. For that, encryption where you control your keys is the way to go. If you're really paranoid then Disroot or Riseup. If you like to be able to use any clients then don't go with Proton or Tutanota. There are a lot of paid mail services, whatever you go with, you just have to read the privacy policy and know what your threat level is. Just purely paying for the services may make you feel better about your privacy but that's not always the case. If you do something the authority doesn't like, the provider gets hit with a subpoena and can hand you over. But again, encryption encryption.
This resource may help you, although the author is pretty paranoid and I don't agree with a lot of their views or writing style, but I think this might be the most comprehensive list for email providers.
This is important. Without a threat model, recommendations will always be generic. Are you important enough for the NSA to dedicate resources too? You're screwed.
-Mailbox.org
-Self hosted
I'd strongly recommend against self hosted email.
Has a team of engineers to manage emails and the company finally gave up and switched to AWS because of constantly deliverability issues. I think the commercial companies won that war.
Depends what you do with it. The average private person might never notice issues.
What exactly do you mean by private with regards to email? What is the problem you're trying to solve.?