Are private email providers worth it?
from notarobot@lemmy.zip to privacy@lemmy.ml on 03 Sep 21:19
https://lemmy.zip/post/47834525
from notarobot@lemmy.zip to privacy@lemmy.ml on 03 Sep 21:19
https://lemmy.zip/post/47834525
I think I know the answer, bit maybe I’m missing something
Since proton only sends and receives encrypted emails to other proton accounts, that means that when you get or send an email to someone else, they have to send / receive unencrypted and there is no way for us to verify what they are doing. Right?
Also if most accounts are google Microsoft, they still get 90% of my emails. By switching to proton I think I’ve gained nothing, while losing convenience , added another trust point, and having two different companies have my data instead of just one
Proton drive, calendar and VPN I think are fine
Sorry for the poor syntax. I’m at work working on email related things, and this topic kept distracting me. I might correct it later
threaded - newest
Mail transport these days is usually encrypted over the wire, but once it lands at the receiving server (i.e. gmail) it is stored in the clear, or at least in a way that the host can read it.
Exactly. It has to be sent unencrypted. So there is no way to know what either of the providers are doing and is just a big “trust me bro”
It’s usually sent encrypted (by TLS) so it can’t be read by external entities monitoring internet traffic. Then the host decrypts it and stores it and can access it. Yes it’s trust me bro. Email is fundamentally not all that private, because of that.
I think Proton mail is worth it just to diversify off Google but I don’t lend much faith in how effective privacy will be with email. The free service is enough for that. If I wanted more faith in encrypted communications, encrypted chat applications. I sub to proton for drive and VPN. ProtonPass has all the email aliases for throwaway websites
Proton does offer what is essentially a self-contained PGP portal. You send anyone an email and they get a “hey, this is me, open the message below” thing and then a link to a message that’s hosted on Proton servers. So your Granny doesn’t need to set up a public/private key pair, you can just send the encrypted portal option.
No idea of Tuta or others do this.
Plus, no matter who you chose, you personally aren’t feeding the Google algo. You can do what I do, which is you leave all the hyper data hungry services in the data eating world, just feeding on each other alone. Then you have real conversations over email or fediverse.
Yeah. I chose proton over tuta because of this option to send the link to the encrypted message. I think tuta does have it, but it didn’t show the entire conversation. If you wanted to see the entire chain I think you and to either find the mates email to get the latest URL, or open each URL by itself.
The problem with those is that you have to exchange the password by some other means than the email itself, so it’s really not practical for the other person
Signal message should be good enough. Though I think part of the Proton version is that by virtue of opening the email you are validated to open the message. Not sure if that means it can be forwarded or what.
No.
No. Email is just a non-centralized protocol. While not everyone uses it the same way, most normal people never use email to communicate with companies, who are increasingly forcing people to use chatbots anyway. So it’s not even a reasonable point to make. Password protected emails are meant to be between people who have an established relationship. If a company needs someone to send them encrypted message, they’ll have a platform for that, just like Wikileaks or ProPublica, so you’re not making a valid argument about that.
If some Youtuber is someone that does anything privacy-related enough that they should be receiving encrypted emails, their public PGP key should be on their YT profile and you can send them an encrypted message anyway with that. Protocols and methods exist already to accomplish what you’re talking about. You need to complain to the Youtuber for not practicing good security and privacy, not to Proton for not creating some mind-reading Diffie-Hellman scenario. Really, do you think that you can just send some random person a message that says “click link to open secret message!” and not expect it to just look like phishing?
If you’d rather use signal, use signal and send them an attachment encrypted with their PGP public key. This isn’t hard, I don’t even know why you’re trying to argue all these weird non-existent edge cases like they’re everyday issues.
i’m not trying to argue “weird non-existent edge cases”. all i’ve ever used email for is for formal communications wit govenrments, companies, special cases like my landlady. that is also true for everyone i know. i believe if this wasn’t a general thing, then people wouldn’t me using messenger apps, they would just b eusing email. but that is not what hapens. i don’t know your case, but for me using email is non optional. i can’t “just use signal”. i need an email for my government, i need an email because i need a github account, i need an email for any site i want to use, including lemmy. i just want to be able to do it privately. i’m just trying to determine if protonmail is actually private or just one big “trust me bro. we wont read you unencrypted messages as they enter or leave”
OK. Well, respectfully, I think it would be beneficial to find out more about how encryption, email servers, and encrypted messaging works. I think you’re quite confused about the details here, and just getting a sense of the parts will help you in the long run. People use email differently - I don’t use FB, so my main means of communication with family that is not Signal messages is email.
By “just use signal” I mean for sharing a password for a password protected email. Which you should only be sending to people you know already and can coordinate with. You’re not sending password protected emails to random people or the government because it’s not necessary for the reasons I explained earlier. If someone needs an encrypted message from ANYONE they will provide the method. Otherwise, they don’t want encrypted messages and can’t be trusted with data that should be encrypted.
Proton is secure, and I know because I had an old account I wanted to get access to and lost access to the recovery email, but had one on the same domain. I spent about a week doing back and forth emails with some guy who was trying to ask me to verify aspects of the account, which was my spam shield and dummy social media account and I hadn’t used it for about a year. All he could see, when pressed, was header info: sender/receiver, date, time, ip address, sending agent. All things that are needed to route the message. It ended up being me able to confirm IP address and sending agent and access (I sent an email to my recovery address from an IP in this range on this date, last logged in on on this date, etc.). It was a pain for both of us.
OK. Let’s leave this topic here, because we are talking about different things and have different concerns. It seems I know all I need to know about the topics you described, because I started this thread asking to check if there is something I’m missing, but none of the answers have mentioned anything that I didn’t know. Proton emails are encrypted at rest, and use LTS while sending and receiving. But none of this guarantees that they are not scanning / profiling me because they do have access to the plaintext emails while they enter and while they leave. I wasn’t looking for alternatives. I was just checking if it was actually worth the switch considering there are no privacy guarantees.
Tuta does too.
Assuming that you trust what Proton says, when they receive a (possibly unencrypted) message they re-encrypt it with your key as soon as possible and they don’t log the content. So, after that point, they (or anyone else) can’t read the email contents. If it was also encrypted in transit, then there’s only a small window inside their email processing system where the plaintext was passed from one encryption to the other. It’s only decrypted again in your browser or proton mail app with the key that only you have. It’s not bulletproof, but it’s better than most providers.
Well, the way I see it is it’s like taking candy from someone who says “I put razorblades in this candy” versus somebody who says “I did not put razors in this candy.” Sure, maybe the latter is lying but are you going to pick the former? There’s really no viable way to run your own email server with actual delivery anymore, and it’s clearnet in transit anyway, so I don’t really see the downside in “trusting” Proton or another provider enough to pick that over Google. To get any benefit, you would need to move things over though. If you’re unwilling to do that work, the reality is you’re just on Google and Microsoft and training their AIsand it is what it is. If you think about it, though, even if you move half of your logins to Proton or Tuta or whatever instead of Google, you are depriving them of half of what they know about you going forward.
SMTP relays make IP reputation a complete non-issue. As long as you aren’t sending hundreds of emails a day, there are multiple free options (free tier, subsidized by paying corporate customers who send a lot of emails).
I think a Proton or Tuta is a better option for most people than dealing with a transactional SMTP provider, which is almost certainly selling all outgoing email contents for AI training at least if not even more nefarious things.
That’s a big assumption, and that kind of behavior is specifically prohibited in the privacy policy of most, if not all SMTP relay providers, as well as GDPR regulations. If you think they’re violating their own privacy policy and government regulations and doing it anyway, there’s no reason to think Proton isn’t as well, or any other email provider, so that’s kind of a non-starter argument IMO. Plus this only applies to outgoing emails, not incoming. I don’t know about you, but I send about 5-10 outgoing emails a year, there’s not much to be gleaned there. Incoming is what you’d want to protect more than anything.
The thing that razorblades have real tangible consequences. I’m talking about something you can’t even verify. Sire, in principle those that claim not to do something are better, but with that logic, WhatsApp, telegram, and the Facebook messenger are perfectly valid communication platforms and all 3 claim e2ee.
I use Tuta mail and protonmail.
There is no “unencrypted” transfer between sender and receiver if you both use tuta or proton.
If you send an email to me from a Gmail account, it is unencrypted until it reaches the Tuta servers and the Proton severs, once there it is encrypted and remains so until I login to my account to access the email.
TUTA MAIL:
The entire mailbox – emails, calendar and address book – are stored end-to-end encrypted in Tuta.
Data that Tuta encrypts end-to-end:
Emails, including subject lines and all attachments
Entire calendars, even metadata such as event notifications
Entire address book, not just parts of the contacts
Inbox rules / filters
And the entire search index.
Tuta uses symmetric (AES 256) and asymmetric encryption (RSA 2048 or ECC (x25519) and Kyber-1024 as quantum-safe algorithms) to encrypt emails end-to-end. When both parties use Tuta, all emails are automatically end-to-end encrypted (asymmetric encryption).
PROTONMAIL:
Emails from non-Proton Mail users to Proton Mail users
The email is encrypted in transit using TLS. It is then unencrypted and re-encrypted (by us) for storage on our servers using zero-access encryption. Once zero-access encryption has been applied, no-one except you can access emails stored on our servers (including us). It is not end-to-end encrypted, however, and might be accessible to the sender’s email service.
All messages in your Proton Mail mailbox are stored with zero-access encryption. This means we cannot read any of your messages or hand them over to third parties. This includes messages sent to you by non-Proton Mail users, although keep in mind if an email is sent to you from Gmail, Gmail likely retains a copy of that message as well. Password-protected Emails are also stored end-to-end encrypted.
Subject lines and recipient/sender email addresses are encrypted but not end-to-end encrypted.
Note that ProtonMail actually supports automatic encryption to email accounts that publish their public keys in a Web Key Directory, which I’ve set up for mine. When you type such an email address in the To field, it’ll turn into a special color with a lock symbol.
Likewise, ProtonMail also exposed a WKD so people can send encrypted emails to ProtonMail accounts. I don’t know of any mail clients that support this though (I used the command line to pull keys)
Wow, til I learn about WKD! I used to have a key on keyservers, but hated how that was basically a spam trap and the fact that anyone could upload a key there for my own address. It was easy because I own my own domain and already have a web server there.
I set it up and tested it with help from www.webkeydirectory.com
Looks like it’s being added to clients: wiki.gnupg.org/WKD/DistributionOfWKD
I have private email for two reasons: using my own domain, and to promote it in general. Sure, everyone else is on Google/MS right now, but as they continue to enshittify things, maybe more people will want to move away from that. And the more people do that now, the faster/easier it will be for others.
Tuta lets you encrypt a message for the sender only, with a passphrase.
They’ll have to follow a link but still…
Makes me feel like I’m doing the best I reasonably can, even if it’s of limited effect. Also, built-in aliasing service.
This is the best reply so far. Probably not enough for me to stay, but at least not pretending it’s safer
GPG and mailbox.org or anothet “just” email service
There is an advantage of using a provider that suports MTA STS. This is Strict Transport Security and forces at least transport encryption.
There is an advantage to use a provider you pay for too and at least claims not to read your email.
It is also nice if they can host your domain and have good delivery.
Edit: I meant MTA STS not SMTP STS.
Haven’t heard of MTA sts. I’ll have to research it, but it probably doesn’t change the fact that when exchanging emails with another provider, they have to work with plaintext
Google is promoting MTA-STS. MS is at least testing it and some others. Proton mail might support, check. I use NameCheap shared hosting mail. They support incoming but not outgoing.
Sure it is clear inside each org but secures between. Nice because you can secure in your org by contract. Not as good as e2ee of course.
i read the first part of google’s article about MAT-STS. it is good for secury, but does nothing to prevent providersfor reading in and out email
No but if you have a contract with a providor you pay for, those are the terms. For example Google free servicies they mine data but their paid services they do not. Sure e2ee is better but transport encryption is good.
Makes sense. I still don’t trust them though
Yes, there is that.
IMAP + GPG
Right. So back to gmail?
No private registration or payment.
Sorry. I don’t understand
Tuta has no IMAP, vendor lock-in, bad.
Proton has IMAP with extra steps, almost vendor lock-in, bad.
Gmail has IMAP, good. So, we can use it with our own libre app, with GPG, but first we need an account.
Making a new Gmail account is not private. Also, paying for paid Gmail is not private.
sh.itjust.works/comment/20802308
Good points.
what about cock.li or disroot, if you don’t like getting blackholed?
POP is better than IMAP, the emails get deleted from the servers.
IMAP can delete too. When it’s not your server, there’s no proof it’s actually deleted. So, use GPG.
yeah, just that I like the protocol design better. also GPG isn’t that great, so maybe sending files encrypted with ssh or age(or lxmf uri messages)
Email is never private, even with encrypted email, headers give away metadata. HOWEVER, Tuta & Proton are not scanning your emails to market shit to you and train AI. That’s the main advantage.
You can’t know if they are not reading you emails to do anything. That is the issue. Because of how email works, we know that they COULD. And experience tells us that tech companies profit from breaking promises and laws.
Problem is where you send emails to is.
Yeah. That’s ops whole point.
Except that proton released their LLM AI so maybe they will start doing that?
No they probably won’t, proton is not a big enough company to train it’s own large language model instead they are using already available open source models.
Hold on, am I missing something? I don’t see anyone in here talking about that time proton openly endorsed the Republican party. Did we forget about or forgive them for that? Is it just irrelevant right now? They backtracked later but like archive.ph/2yWGz
When organizations make a move like that, they usually don’t stop pushing in that direction, even if they backtrack in response to pushback. While I’m sure they’re still better than google, I have a hard time trusting them after that. It feels relevant to talk about because like you said, using proton is adding another trust point.
Their CEO did fuck up with that, so for me they are on thin ice, but I haven’t seen anything else problematic since then.
That has nothing to do with privacy
Kind of tired of beating the dead horse on that story, but part of privacy is that you need to trust the company that you’re dealing with.
He’s out there openly praising on authoritarians move to install a puppet government and open the gateway to corporate corruption. If our privacy companies are going to be sneaky and dirty, we want it done in the shadows. All he had to do was stay quiet. But he got noisy, then the PR department started gaslighting, and none of that’s a good look for a privacy company.
The thing is, Trump doesn’t give two shits about anybody, and the guy running the company should have known this.
But now it’s old news, it can die. He can prove that he can run the company by good faith measures and doing the right thing instead of by trying to gaslight people through PR.
My general opinion is that if a company requires trust, it’s not a good privacy option. We have suffered the consequences of trusting companies a lot of times. I’m not doing that again. All I care right now is the code. If we have to alternatives with the same product but one CEO is an asshole and the other not, then I’m going with the non asshole. But I’m not going to sacrifice my privacy to switch companies jus because UNTIL NOW the other provider seems nicer. That can change at any time. Email is specially a problem since switching emails is the most time consuming part
You have to trust that:
Code is good, but there’s a lot of operational information there that doesn’t get exposed by being open.
Code in the face of no malice wouldn’t be a large worry. They rolled over on a French activist and doxxed them for the French government. Those logs should not have existed in a privacy company.
Again, this is all old news now. Let’s see him make hard decisions to protect the clients and turn the PR side of things from “the empire did nothing wrong” to hey, let’s have an open dialog.
i don’t care about their VPN. the issue you describe is very real, but it’s inherit to all vpn providers. what i care right now, is their email service. you can switch vpn providers in less than 15 minutes, but email takes days. so i wouldn’t want to go around doing all of that every time some employee says something stupid.
and btw, if you use native installed apps, then the worry of them serving malicious javascript goes way down because any change they make on the complied package would be very likely to be very obvios to someone, because its open source ( i won’t go into detail here).
Yeah, I feel you about not wanting to move your email. Email is inherently insecure. My only real problem with their email is that they give people and false sense of security that their email is secure. It’s only secure as long as it’s on their network and it’s not like it’s end-to-end. If i remember correctly, their back-end email server is one of the things that’s not open.
Got banned on their sub for criticizing that clown Andy the bootlicker.
They are happy to shill free speech when they take your money, but no free speech when they get criticized.
Tells you what you need to know about corpo.
Their email is best in class though. Other services are mid at best.
I pay the amount of maybe 10 $ a year for having my own domain hosted at a mail-hotel, and that means I control my own e-mail. I think it’s worth it. There more who switch, the better.
Could you elaborate? What is an email hotel? I’m guessing you mean an email hosting.
just like a webhotel, just for mail instead… So yeah, like you can pay someone to host your website, you can pay someone to host your e-mails with your domain name…
That sounds like the worst option of all. At least I can trust google has some protections in place to stop employees from looking at you email, because if they didn’t there would be thousands of cases all the time.
In your case, you never know who is looking. At any point a rogue admin can issue a bank password reset and just read the email
I’ve never heard of the term web hotel before. I’m guessing its web hosting
Google literally opens all your email and scans the contents to build an ad profile on you. They scan all attachments too.
Of course. But you didn’t switch to a trustless provider. You switch to a nobody that has nothing to lose by reading you email. Also my point is that google has programs reading every email, but not people. They probably have a lot of locks to stop employees form accessing users email
Sounds like you don’t know what you are talking about. :-) That’s fine, but unless you know something about the topic, you shouldn’t really be judging…
I know exactly who is looking. And I would also know if anyone tampers with the passwords. I guess you don’t have the skills, and that’s fine. You might even think that there’s anything in the world that is totally secure. There’s not a single thing that is secure.
Oh, what is this? - https://www.forbes.com/sites/zakdoffman/2025/08/25/google-warns-most-gmail-users-must-change-passwords/
Good for you
I wouldn’t say you have gained nothing. The amount of data provided to google or microsoft when using their email is significantly more. For example, your app or client is checking email all of the time, giving them telemetry on your location and activity, all your devices, 24/7. Google logs and analyzes all of your interactions with Gmail’s web pages, how long you have certain emails open for, what you don’t bother to open, what you tag as important, etc.
Much of the one-way email you sign up for from companies and organizations come from smaller outfits like sendgrid or their own infrastructure, so you are cutting google out of information about your associations and interests.
Also, in regards to that 90%, you can either be part of the problem for all your contacts, or part of the solution. The network effect is huge.
Interesting. Damm it. I was hoping to go back to gmail because its more convenient. But if it actually provides better privacy, then I guess I can stay :(
the thing with proton is you don’t really know that they’re private and they pretty much always collaborate with the police and their android vpn app collects some data that it doesn’t need to. I would suggest you:
I don’t know how old are you or where you live, but for everyone I know it’s non optional. My government requires an email. And for any site I want to use I require an email. Even Lemmy.
Privacy is multiplayer. When your government needs it, we must do more to spread these ideas.
I don’t understand what you are trying to say
that’s why I said ‘ideal’…
a corporation is a legal extension of the state, hence why all of them will always collaborate when ordered by the courts or otherwise required by law.
some will even collaborate when they are not required by law such amazon ring providing pigs access for no reason, facebook censoring content per request of US or Israel... needless bullshit but hey it helps get government contracts ;)
bottom line, expecting corpo to do anything for you for 5 bucks a month is naive, at best they should not do it for no reason and they should not sell your data.
but even that is a tall order for these parasites.
yeah, the solution is to use a provider which is not a company.
You could self host your email
Yes. But then again. If no one I know uses a private provider, my emails will still get scanned and read.but it its 1000% less convenient