Email
I've used anonaddy/addy.io since launch and highly recommend a paid account once you've realized the benefits of the free package alone.
I've used Tutanota similarly since inception but mostly just because I like the "tuta.io" domain. Many people experience some sort of mental break when you share such a foreign sounding email handle.
"So, I'm gonna repeat this back to you: at t-u-t-a?"
"Yes, ma'am."
"...ok, so then dot i-o dot com??"
"No, ma'am...just dot io. No dot com."
".............."
Both Tutanota and addy.io have very low-entry, paid plans...couple bucks per mo, IIRC. Tuta's basic plan allows for 5 or 6 aliases and a handful of available domains.
raccoondad It just so happens email is not private or secure, but some mail services handle it better than others.
For an example of doing it worse than others. Sadly he didn't name and shame. https://infosec.exchange/@briankrebs/111898308899679153
Each inbox -- whether for company customers or employees of those companies -- was viewable just by visiting a link with a web browser and clicking links. Everything was exposed in basically one big file index.
minxes0v Sounds like something id implement NGL, I tried running a mail server, did NOT end well...
ezlover Tuta's basic plan allows for 5 or 6 aliases and a handful of available domains.
Just to avoid confusion, you are referencing their old plans which you might be still on if you didn't cancel or upgrade. Their current paid plans allow for 15-30 aliases (unlimited if you use your own domain).
For me this was huge when they switched to unlimited, because before I could only use up to 100 aliases on a maxed out account at almost twice this price. But the new pricing is simplified and depending on your situation you might have to pay more for all the features you were using.
raccoondad great, but still not gonna switch to Gmail lol
minxes0v Write-up for this incident. https://krebsonsecurity.com/2024/02/u-s-internet-leaked-years-of-internal-customer-emails/ Lesson being, sometimes it's better to go for bigger, more established providers, with the exception of Microsoft.
SimpleLogin works well.
raccoondad No email service is going to be private/encrypted, that's not how email works.
Actually, that IS how email works, unless the email servers you are using aren't enforcing encrypted connections. You write an email, it connects to your email server using port 465 or 587 (both are encrypted). Your email server then does a DNS lookup to find the MX record for the recipient and then connects to the recipient's email server using port 465 (again, encrypted) which then stores the email. The recipient then periodically connects to their server using port 993 (imap, again encrypted) to retrieve email.
The belief that email is not secure or encrypted is rooted in the bad old days of port 25. Nothing should be using port 25 unencrypted SMTP any longer.
- Edited
IK how email works, I ran my own mail server in the past
"it connects to your email server using port 465 or 587 (both are encrypted)"
I'm referring to on server encryption not transit encryption...
'The belief that email is not secure or encrypted is rooted in the bad old days of port 25.'
This is just misinformation and the evidence is pretty clear if I open up my mail servers settings and select 'reset user password' in the admin. Or just su into a unix user as root and run mail/mutt. Please do not spread misinformation
"Nothing should be using port 25 unencrypted SMTP any longer."
Yes I know this is the standard
Transit encryption is important. So is message encryption
Guess which one email does NOT have
Its insanely easy for any sysadmin to access mail content and Google does this all the time (PhotoDNA for example)
This is one of the main reasons GPG exists and why most GPG keys include an email....
Encrypting in transit doesn't mean email is an encrypted service, it means it's doing the bare minimum
- Edited
bookreader
Disclaimer: I’m not an e-mail specialist.
Actually, that IS how email works, unless the email servers you are using aren’t enforcing encrypted connections.
The thing is, most mail servers and services out there are not enforcing in-transit encryption.
Since, in terms of e-mail, the implication of mandatory encryption means that some messages will never be delivered, opportunistic encryption has been the most widely adopted method.
Full mandatory TLS or selective mandatory TLS only represent a small part of e-mail traffic, with the former being probably rare. Delivery reliability has been the choice of most; that’s why opportunistic TLS should be considered as the main reality of e-mail.
For instance, Gmail do opportunistic TLS by default; the mandatory TLS has to be chosen by the user.
https://support.google.com/a/answer/2520500
Gmail statistics are pretty clear: for the period 2023–2024(Feb), 9.1% of outbound e-mails were not encrypted. And those statistics are only pertaining to Gmail senders.
https://transparencyreport.google.com/safer-email/overview
Moreover, from what I understand, any mail transfer agent (MTA) can read e-mails. MTAs can receive with TLS and then transfer with TLS, but in between, TLS has no power. But since those hops are part of the transit in a sense, it’s difficult to argue to the end user that his messages were fully encrypted during transit.
Also, the mail header can be falsified by any relay; the consequence is that we can’t even trust the TLS mentions inside it.
It’s pretty difficult if not impossible to be sure that a given message has been fully encrypted during transit. And for many cases, you want to be sure before and not only after reception.
So, e-mail can be encrypted, or not. AFAIK, that’s a fact.
leafnose For instance, Gmail do opportunistic TLS by default; the mandatory TLS has to be chosen by the user.
Forget about using gmail as an example. Its up to YOU to set the encryption policies that result in the security that you need. Don't like the policies set by XYZ email server? Set up your own.
bookreader
I think that it’s pretty relevant to use Gmail with its soon 2 billion users as an example in order to describe e-mail reality.
But maybe we’re not talking about the same thing.
E-mail is a collective system; most of the time, it takes at least two people for an e-mail to be transmitted, a sender and a receiver.
With in-transit encryption, even when mandatory, it’s pretty difficult to ensure that the content of a given message will stay private and unaltered. At least, as far as I understand, that is the case with the hop-by-hop transport model used by e-mail.
What are you suggesting then? To control the whole route, each hop, and even the receiver infrastructure? In this case, we’re not talking about the collectiveness of e-mail…
Mandatory encryption has a cost. It is true that you could simply blindly use mandatory TLS, and accept that some e-mails will never be received. So, yes, from this perspective, e-mail would be more secure, but also more unreliable and totally impractical regarding deliverability.
But what’s the point then? It’s easy to be secure if you’re ready to accept many messages should be sent by other means than e-mail, and that you’ll never be aware of some messages meant to you.
The reality is that people, institutions, etc., who will send you e-mails, or ask you to send them, sometimes more or less pressingly, won’t set up their own mail server, according to your preferences, if it’s not already the case.
At this point, you’re describing something else, because e-mail is inextricable from its collective nature. It’s like saying snail mail is totally secure, as long as you choose your postman and control the sorting centre. At one point, you’ll have to trust intermediaries (e.g. MTAs).
E-mail is popular because most people do not have to dedicate themselves on the technical aspects; for most people, it just works.
Most people don’t manage their own mail server, and use opportunistic TLS for their daily correspondence, even on this forum; so what’s the conclusion? That most people have poor preferences, or that e-mail is not inherently secure?
And let’s not forget that there are other risks.
Sure, e-mail can be secure, up to a certain point, but acknowledging this is not the same as saying that e-mail being insecure is a mere belief. And by secure, I mean you should use PGP, most of the time.