Best Secure Email Providers

[graz_lag]

Has anyone got experience with the listed providers ?

https://restoreprivacy.com/secure-email/

Veryyyy much tired abt. the fact my Gmail' emails go thru the thousands of scanning processes ... would like to switch to a secure email provider ...

 

[ahofer]

I know a cyber security/code audit specialist whose entire phone/laptop setup reflects a highly inconvenient level of protection. He uses Proton Mail, FWIW.

 

[KozmoNaut]

ProtonMail is recommended, their ProtonVPN is also highly regarded. Mozilla has partnered with them to provide paid VPN services to Firefox users in the US.

 

[SIY]

ProtonMail is recommended, their ProtonVPN is also highly regarded. Mozilla has partnered with them to provide paid VPN services to Firefox users in the US.

This. My wife, who is a security freak, uses Proton mail exclusively.

 

[graz_lag]

Thank you!
Not the best free package among the others - however up to 500 MB of storage and up to 150 messages / day are more than enough for my private use.
Will be signing up with ProtonMail.

 

[Baphomet]

MailFence is another good option.
Here's an amazing website about privacy and all different apps and services - www.privacytools.io

 

[Blumlein 88]

I use gmx.com which is German mail exchange. Germany has somewhat better privacy laws than the USA. It is free and works nicely.

Now if you want more than just avoiding gmail data scavenging you might want something else.

I also keep a proton mail address.

Tutanota seems to be at the top of everyone's list. So much so I wonder if they are paying for the position. NordVPN was similarly suggested almost everywhere you look only to find out earlier this week its VPN was hacked over 18 months ago and only now being admitted to by NordVPN.

 

[Wombat]

MailFence is another good option.
Here's an amazing website about privacy and all different apps and services - www.privacytools.io

If Win10 and Firefox are both on the one PC does Win10 'see' what Firefox accesses?

 

[RayDunzl]

If win 10 and Firefox are both on the one PC does Win10 'see' what Firefox accesses?

Considering it is the operating system that interacts with the keyboard and screen and everything else, I'd say yes.

 

[mi-fu]

Has anyone got experience with the listed providers ?

https://restoreprivacy.com/secure-email/

Veryyyy much tired abt. the fact my Gmail' emails go thru the thousands of scanning processes ... would like to switch to a secure email provider ...

If your aim is to avoid Google to comb through your emails for advertising, rather than needing a "secure email," you could try Google G-suite service. You need to pay for it, but Google won't scan data in G-Suite for advertising purpose.

No advertising in G Suite

There is no advertising in the G Suite Core Services, and we have no plans to change this in the future. Google does not collect, scan or use data in G Suite Core Services for advertising purposes. Customer administrators can restrict access to Non-Core Services from the G Suite Admin console. Google indexes customer data to provide beneficial services, such as spam filtering, virus detection, spellcheck and the ability to search for emails and files within an individual account.

 

[PierreV]

If you just want to avoid being targeted, almost any other mail service/host will do.

If you want a bit more security, as others have said, protonmail and the like are OK to good. And yes, protonmail seems to be a bit less vulnerable than nordvpn...

The root cause of the nordvpn was probably CVE-2018-9105 btw.

but you can see that protonmail and nordvpn shared an issue that was at least as severe a month later. Whether it was not exploited, exploited, recognized and not disclosed, exploited and not recognized is an exercise left to the reader.

which brings me to the main point, if you are really interested in something seriously secure, you run it yourself (it's not that hard, especially today). While you remain vulnerable to the same attack as the services above (the 2018-04-16 vuln is shared by a dozen of products at least) you do not attract the major attention those "secure" services do.

 

[ernestcarl]

I just use protonmail and tutanota. For my microsoft/gmail/etc accounts I simply do not store any mail in there. Incoming mail is automatically downloaded and then deleted.

 

[somebodyelse]

The root cause of the nordvpn was probably CVE-2018-9105 btw.

Unlikely - that's a privilege elevation on the client end, not on the server. At best it could have been part of the chain on the way to gaining root access to the server. The claimed root cause is that the data center provider in Finland had a poorly secured management interface that they didn't tell their customers about. Whether you trust that explanation given the delay in revealing anything is another matter entirely.

 

[PierreV]

Unlikely - that's a privilege elevation on the client end, not on the server. At best it could have been part of the chain on the way to gaining root access to the server. The claimed root cause is that the data center provider in Finland had a poorly secured management interface that they didn't tell their customers about. Whether you trust that explanation given the delay in revealing anything is another matter entirely.

Yeah, part of the chain is what I mean obviously. Direct attacks against servers are almost impossible to execute these days (unless there is a gross negligence). If any of their admin users used their own products and it was exploited, they are as good as crispy toast, and even a standard user on the inside as there were several other issues that could be leveraged for escalation, just as there are on the next one (the one that impacts protonmail and a bunch of others as well).

 

[graz_lag]

Thank you all for the feedback!

@Blumlein 88 Indeed Germany applies some of the strictest protection data laws, and you're right, Tutanota seems to be at the top of everyone's list, as just confirmed by @ernestcarl. Germany is a country that shows several contradictions, they're very good on some stuffs and very bad on others ... Currently they're investing huges amount of money into the renewable energies and greener environments but keep the policy of no highway speed limits (except on some particularly but rarely highway sections in the country) or - even worst, if we look at the Volkswagen dieselgate's mess.
@Wombat @RayDunzl Currently, I am trying TOR plus Brave for my browsing activities. https://www.torproject.org It slows down a bit the data flow - however that's not a big problem to me. I am sure you're already aware of TOR.
@mi-fu Thank you - but I do not trust Google anymore, they have been saying too many times 'we're going to stop scanning your exchanges ...' but in fact they never stopped to do that ...
@PierreV Yahoo, Hotmail or AOL, or the French providers for example, are not any cleaner than Gmail, so although I am not exchanging any sensitive info via my private use of the email service, I was looking for a secure email provider to get rid of the ads tracking activities, which - as we know, get to the extent to reach all the involved recipients.

I am definitively going to try both ProtonMail and Tutanota.

I'd like to share the following link, which explains 'how to leave Google behind' : https://tutanota.com/blog/posts/how-to-leave-google-gmail

 

[RayDunzl]

I run my own SMTP server, make up email names on the fly on a per-site basis, and only use the email provided by my ISP when some distant but important destination won't accept email from a residential dynamic IP address.

If "they" are scanning mail in the backbones and can crack encryption, then just give up.

Anyway, I just don't park it with any of the services.

My inbox:

The blacked out part is @xxx.xxx.nu which resolves to the IP address of my cable modem, and the top level domain "nu" is Niue, just for grins.

 

[Ratatoskr]

Browse this link of privacy conscious email services. As mentioned you can just host your own service, with the server preferably in a non 14 eyes country.

 

[RayDunzl]

The server is under my desk, where I can keep my eye on it.

 

[Ratatoskr]

Some folks don't care to run a server at home. If you are going to set up a domain for email may as well host it in a non 14 eyes country. I never use the email address provided by my ISP nor the DNS servers.

 

[Blumlein 88]

I use Brave browser. If you haven't noticed, Firefox is one of the best privacy browsers now. Especially with yesterday's release of Firefox 70.0.

Since it was mentioned I usually use OpenDNS.