Why You Should Use End-to-End Encrypted Email to Increase your Privacy
Email is one of the most ubiquitous forms of online communication around. According to Statista, there are over 3.7 billion email users in the world currently. Unfortunately, it’s likely that the vast majority of email users do not understand email encryption. Not even five years ago, the majority of internet users did not send or receive encrypted email. Email providers have been hacked in the past. They will continue to be hacked in the future. If you care about the privacy of your email, you should use an email service that is unable to even read your emails. It doesn’t matter if you “have nothing to hide,” encrypt anyways.
“Arguing that you don’t care about the right to privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say.” — Edward Snowden
In the analog world, one can send a sealed letter in an envelope and have reasonable expectations that it will not be read along the way. With email, our analog privacy protections are gone, but we can still “seal” with encryption. Often times, users are unable to set up email encryption for themselves, and just use third parties that provide unencrypted email services.
The Solution: Use a Encrypted Email Provider
A good encrypted email service should allow its users to access a completely encrypted mailbox – that means both emails and contacts. The service should also allow for anonymous sign-ups, serve no ads, and be open source. Most importantly, the email service you choose should not log IP addresses or track its users in any way.
With this list of dream features in mind, Private Internet Access suggests Tutanota for users looking for encrypted email. Check it out, today:
https://secushare.org/
Comments are closed.
6 Comments
The general public is very stupid and will not understand that both sender & recipient must be using the same service. Half of them don’t even know how the browser works!
https://www.theregister.co.uk/2018/04/24/private_web_browsing_study/
Tutanota and Protonmail are temporary solutions: their security does not extend to other mail servers. The most serious security flaw of the internet is the fact that the current global standards for mail exchange do not encrypt metadata and do not support forward secrecy. We need a new open protocol and it preferably should work in a decentralized or distributed mode which does not rely entirely on fixed servers. How else can we replace the current flawed system?
A few inspiring and somewhat-related projects which you may find of interest:
http://secushare.org/
http://flowingmail.com/
http://goldbug.sourceforge.net/
https://about.riot.im/
https://en.wikipedia.org/wiki/Ricochet_(software)
https://en.wikipedia.org/wiki/Tox_(protocol)
https://en.wikipedia.org/wiki/Ring_(software)
https://en.wikipedia.org/wiki/Wire_(software)
This is slightly misleading. Just because the service has strong server-side encryption, that doesn’t mean the e-mails sent are encrypted end to end. A user of a security-friendly service e-mailing their friend or colleague on a mainstream provider still doesn’t get end to end encryption unless it’s set up between the sender and recipient. Unfortunately, e-mail is annoyingly difficult to secure and due to federation that probably will never change absent Google and Microsoft agreeing to force the roll-out of a new protocol.
Actually, both Tutanota and Protonmail fully encrypt the mail content before it’s sent from their clients, and you can verify this by checking the client source code. (Protonmail’s mobile apps are still closed source, so this only applies to their web app.)
Recipients using the same mail provider (or PGP in Protonmail) will have their message end-to-end encrypted. Recipients using an unsecured mail provider (who are also not using PGP) can still have their message end-to-end encrypted if the sender chooses to secure the message with a password before sending. This password would be passed on to the recipient through a separate channel.
You’re right in that the encrypted mail provider will have access to the contents of unencrypted incoming mail.
I’m very serious about vacating my Gmail account. I have signed up for both the free Tutanota and ProtonMail email accounts. What was your reasoning behind selecting Tutanota over ProtonMail? Everything I have seen so far with ProtonMail I like better. Their interface wins hands down, 2FA, slick mobile app. But Tutanota definitely wins on price.
Obviously, this is a big decision that I do not take lightly. I would not want to select an email provider that will not be around for many years in the future. Any thoughts?
Having used both encrypted mail providers, I see 2 factors that put Tutanota ahead of Protonmail in terms of user privacy:
1) Tutanota doesn’t require a phone number or any other type of identifiable information to create an account. Protonmail requires a mobile phone number, which is verified during signup.
2) Tutanota’s mobile apps are open source. Protonmail promised to release the source code for their moble apps when they made their open source announcement on August 13, 2015. However, it’s been over 2.5 years since that date, and Protonmail has not yet done so.
Protonmail does have a better user interface, but Tutanota will close the gap with new versions of their clients sometime this year. The beta versions are libked from their blog.
*linked