this post was submitted on 05 May 2024
89 points (93.2% liked)

Privacy

31815 readers
323 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

Like it or not, email is a critical part of our digital lives. It’s how we sign up for accounts, get notifications, and communicate with a wide range of entities online. Critics of email rightfully point out that email suffers from a significant number of flaws that make it less than ideal, but that doesn’t change the current reality. In light of that reality, I believe that an encrypted email provider is a must-have for everyone in today’s age of rampant data breaches, insider threats, warrantless police access, and targeted advertising. If I can get access to your emails, I can get a range of sensitive information including where you bank (to craft more convincing phishing attacks), information about pets (I get notifications each year from the vet for my cats’ annual checkups), calendar reminders, news announcements from family, support tickets from services you use, and more. In a worse case scenario, if I get access to the account itself, it’s trivial to simply issue password reset requests for nearly any of those accounts, have it to sent to said compromised email account, and gain access to a wide number of other accounts you use – from banking to shopping and more – for any number of reasons. So this week, let’s look into the top encrypted email providers The New Oil recommends and their features to help decide which one is right for you.

top 50 comments
sorted by: hot top controversial new old
[–] just_another_person@lemmy.world 106 points 6 months ago (4 children)
[–] clmbmb@lemmy.dbzer0.com 11 points 6 months ago* (last edited 6 months ago) (3 children)

Yes, and both have proprietary clients. I have proton and I'm in the process to moving away mainly because I can't use their calendar and contacts natively in Android. Not sure about Tuta, but I never liked them.

[–] refalo@programming.dev 4 points 6 months ago (1 children)

Well do you want privacy or do you want convenience? You can't really have both here IMO

[–] clmbmb@lemmy.dbzer0.com 2 points 6 months ago

You don't have 100% privacy as long as you send mails to people and services that don't support proton's encryption. If I wasn't privacy I can always use gpg.

[–] just_another_person@lemmy.world 2 points 6 months ago (1 children)

Didn't Proton release some kind of adapter to solve this issue and allow for IMAP?

[–] LittleBobbyTables@lemmy.sdf.org 10 points 6 months ago* (last edited 6 months ago) (1 children)

Yes, Proton Mail Bridge. I use it with KMail, works pretty well, I’d say.

Edit: I think this client is only for desktop, however. Android users will have to find another option.

[–] just_another_person@lemmy.world 1 points 6 months ago

That sucks, but good to know.

[–] Twitches@lemm.ee 1 points 6 months ago (4 children)

Same calendar doesn't give notification unless I open it. I'm just looking to replace Google.

[–] archer@lemmy.ml 8 points 6 months ago

It works for me in GrapheneOS, should work on regular Android, too? What I'm missing is a dedicated Proton contacts application including integration into the phone app.

[–] vatlark@lemmy.world 3 points 6 months ago

Huh, works fine for me for nearly a year now. The only thing I still use google calendar for are some shared calendars.

After proton adds Standard Notes. I'm hoping google maps will be the last product I'm tied to.

[–] clmbmb@lemmy.dbzer0.com 3 points 6 months ago (1 children)

I get notifications some times, but mostly I get them at totally random times. It's very annoying.

[–] Twitches@lemm.ee 2 points 6 months ago (1 children)

Check your battery optimization, so if you go to the app in your settings turn off all battery optimization. Just did this, not sure how well it's going to work, but, maybe

[–] clmbmb@lemmy.dbzer0.com 2 points 6 months ago (1 children)

I've done this. Didn't help. I'm in a Samsung S20+ and checked with my wife's pixel too and still have problems.

[–] Twitches@lemm.ee 1 points 6 months ago

I have the same phone. I'm guessing mine probably won't work either :(

[–] RiQuY@lemm.ee 7 points 6 months ago (1 children)
[–] TCB13@lemmy.world 4 points 6 months ago (1 children)

The guys who decided to block GrapheneOS for no reason and don't provide reasonable explanations nor fix the issue.. yeah right.

[–] Pantherina@feddit.de 2 points 6 months ago (1 children)

What, source?

How would you block an OS?

And btw there are some reasons why GrapheneOS may be criticised

[–] TCB13@lemmy.world 2 points 6 months ago (1 children)
[–] Pantherina@feddit.de 1 points 6 months ago* (last edited 6 months ago)

Thanks! TLDR spamhaus (a big spamlist provider) has them on their spamlist, or maybe not, and they are using some fancy CDN.

It is VERY likely just a technical error.

[–] delirious_owl 2 points 6 months ago* (last edited 6 months ago)

Wish I could signup on Tor.

I use dnmx instead

[–] Pantherina@feddit.de 14 points 6 months ago

Mailbox.org missing, pass

[–] airikr@lemmy.ml 11 points 6 months ago (2 children)

Why isn't posteo.de in the list? They are like Tuta, but with some more features like IMAP/SMTP.

[–] TheFeatureCreature@lemmy.world 8 points 6 months ago

A lot of lists for private alternative email services start and and with Proton, seemingly. Services like Posteo, Mailbox, Hushmail, Fastmail, etc are frequently overlooked. It's a shame because many of these other services are great and Proton is one of the most expensive and not suitable for everyone. I've been with Posteo for years and I have nothing but praise for it.

[–] possiblylinux127@lemmy.zip 4 points 6 months ago* (last edited 6 months ago)

I like the price tag

[–] jet@hackertalks.com 10 points 6 months ago
[–] a1studmuffin@aussie.zone 4 points 6 months ago (2 children)

Has anyone tried self-hosting on a NAS or similar? I'd be interested to hear the practicalities of it, I imagine it's not exactly set or forget, and the realities of the enshittified internet present some obstacles, like ending up in spam filters etc.

[–] myself@lemmy.ml 11 points 6 months ago (2 children)

A mail server is often mentioned as the first thing you don't wanna bother with hosting yourself

[–] possiblylinux127@lemmy.zip 1 points 6 months ago* (last edited 6 months ago)

I think it would fun to try it

[–] a1studmuffin@aussie.zone 1 points 6 months ago

I did some more research after your comment and it does indeed sound like it's not for the feint of heart.

Spam seems to be one of the biggest challenges, both incoming and outgoing. For incoming, it's a constant arms race with spammers to circumvent spam filtering techniques. But at least that's something you have control over, you can just turn off your spam filtering and ensure you receive all important email. The real problem is ending up in other people's spam filters, which you have very little control over once you've decided on your mail server domain/certificate.

The crux of the issue seems to be that SMTP is ancient insecure tech designed for an innocent era when email was for universities only. We desperately need a more secure open source email protocol designed for the modern era, but capitalism isn't having it - instead we've got corporations wrestling for control of the next big thing with proprietary protocols... Discord, Slack etc. And big tech companies that continue using SMTP (Gmail, Outlook etc.) simply treat any servers outside their sphere with a high level of suspicion.

[–] refalo@programming.dev 1 points 6 months ago

it works fine IMO as long as you don't happen to have an IP with a bad reputation, but you'll likely need a VPS or similar as most home ISPs don't allow mail server or even incoming tcp ports

[–] Jinx2756@lemmy.world 3 points 6 months ago (1 children)

Both Proton and Tuta are great choices. Of the two, I prefer Proton simply because Tuta’s UI makes my head implode.

But for my every day, general email usage, I have gone with Posteo.de. They are pretty cool and work seamlessly with any email client of your choice (no need for Bridge, or the like).

[–] possiblylinux127@lemmy.zip 0 points 6 months ago

Both Tuta and Proton make you use non free software.

[–] menas@lemmy.wtf -2 points 6 months ago (3 children)

Why people still promoting proton ? Private company will not defending your private data against States. There not Unions or independent organization, there are running for profits. If you don't see it as a safety issue, think again. Proton sold IP addresses used by XR using their services to the french intelligence.

[–] BrikoX@lemmy.zip 12 points 6 months ago

No company executive will go to jail for you. Give any company a court signed order and they will comply. Hence, the companies that orient around privacy limit the data they retain so that when they get a court order, they have nothing to give. Email is flawed by design, so some metadata always has to be stored for it to be functional.

[–] refalo@programming.dev 8 points 6 months ago

Nobody is going to defend your useless data

[–] possiblylinux127@lemmy.zip 3 points 6 months ago

Proton is full of mostly empty claims.