What To Do About Email? *UPDATED*


I have had several colleagues of late that are complaining of issues with the privacy centric email provider Unseen. I myself have been witnessing sporadic issues from failed logins to delayed sending of messages. Frustrating indeed.

I think its safe to say that the most alluring thing that Unseen brings to the table is that it sits in one of the world's most privacy respecting legal jurisdictions, Iceland. While a jurisdiction that has laws favorable to personal privacy with respect to data is certainly a good thing, it is not the only factor for consideration. As far as jurisdictions go, a good starting point is to be cautious doing business with companies in the Five Eyes (USA, UK, Canada, Australia, New Zealand) for reasons we have already addressed in the past I should also point out that this is a much more important factor with a VPN service than with an email service.

Bear in mind though that if you setup your email account anonymously (use a throwaway contact email and obfuscate your IP with TOR and/or VPN) and use GPG/PGP encryption, even if some authority or bad guys grab those email servers they really have nothing useful on you.

Here are some providers I have been studying that are worth consideration:

1. Bitmessage.ch
          - Free
          - can be used with your mail client
          - hybrid of normal email and the Bitmessage decentralized network
          - setup can be a little confusing for newcomers
          - based in Switzerland (good jurisdiction)

2. Disroot.org
          - Free
          - can be used with email client
          - offers several other privacy services like secure chat & cloud
          - setup is pretty straight forward
          - based in the Netherlands (fair jurisdiction)

3. Protonmail
          - Free and paid versions
          - can be used with client on Windows/Mac, Linux still waiting
          - offers VPN service as well
          - simple setup
          - based in Switzerland (good jurisdiction)

4. Tutanota
          - Free
          - not email client compatible at this time
          - simple setup
          - based in Germany (fair jurisdiction)

5. Novo-ordo.com (Sub Rosa Email)
          - Paid
          - can be used with email client
          - offers numerous and fairly unique services
          - one of the only providers to use Mixmaster service
          - simple setup
          - based in Switzerland and Panama


Here are some others that look promising (some are US based):

1. Mailfence

2. VFEmail

3. Scryptmail

4. Confidesk

5. Lockbin

6. Lavabit (back in business with some new tricks)


There are, of course, non-email "email" services out there that offer much more anonymity, security and privacy; such as Confidantmail, Retroshare, Keybase, Riot, Bitmessage and Tox just to name a few. Usage of these services is covered in the GroundRod courses.

** UPDATE **

I should probably include the I2P based emails, I2P-Bote and Susimail.

- I2P-Bote
          - Unique "email like" system (uses key hash as address)
          - can be used with email client
          - must be running I2P router backend
          - can only communicate with other Bote users
          - encryption by default
          - can be tricky to setup
          - can be setup multi-hop with timing obfuscation
          - Free

- Susimail
          - I2P based
          - communicates with normal SMTP email
          - can be used with email client
          - can be used with your PGP keys
          - can talk to I2P based addresses or clearweb addresses
          - scrubs metadata
          - Free











Comments

Popular posts from this blog

The Insecurity of "Push Notifications" and What to Do About It

Winter 2024 Courses (Updated FEB 29)

GroundRod Level 1 in Missouri