Riseup mail

N1b

Exhort14 They are a business without VC or shareholders, so paying customers are their revenue source. Personally, I'd be a lot more skeptical if they weren't focused on growth of product and customer retention.

By this logic, GrapheneOS would be less trustworthy than PixelOS. Or RiseupVPN less trustworthy than NordVPN etc.

But I think I get your point. Organizations need to make money to keep their services around and improve on them, even the Open Source spirited ones. Which is a great opportunity to remind everyone to donate to GrapheneOS if you can, they do amazing work and need every dollar (or Satoshi) they can get.

Overall we all need to make informed decisions and for some the best answer is ProtonMail, Tuta, Riseup or mailbox.org. We might have good reasons for or against each of them, but all will be better for privacy than Google, Outlook, iCloud or Yahoo.

I honestly think about giving Proton a try because of how well the mail, aliasing and password manager are integrated. Personally I'll stay at Tuta and Bitwarden for several reasons, but it'll be probably easier to convince my family and friends to use Proton when it's more convenient rather than complex compared to their current solution. Making an alias in Tuta and then creating an entry in Bitwarden takes probably 10x more time than just click two buttons in Protonpass...

Rizzler

ryrona Tbh since its not end to end encrypted unless both ends are using proton, I don't see the selling point of this specifically. I've started to take a liking to cock.li since they are honest about what they can/can't do, support third party clients, and don't require involved "human verification" (deanonimization) practices like proton. Proton doesn't let users pay for it in Monero, or privacy coins and encourage users to use Bitcoin which is anti-privacy in my opinion. In their crypto wallet, they exclusively support Bitcoin also. I've seen enough at that point. Its very clear that they are more interested in the investment side of crypto than privacy. Their users' views don't align with this Brave NFT crypto bullshit anyways, so I have only one explanation why they only want to support BTC. Proton enshitification is coming..

[deleted]

Rizzler Proton aren't about anonymity, they're about privacy.

ryrona

Rizzler Tbh since its not end to end encrypted unless both ends are using proton, I don't see the selling point of this specifically.

Almost half of everyone I ever mail are also using Proton, but yeah, we really need a standard for end-to-end encryption in email that federates between providers properly. But maybe everyone thinks email is legacy at this point for anything else than account sign-ups.

Rizzler I've started to take a liking to cock.li since they are honest about what they can/can't do

Proton is also encrypting all non-encrypted email received for your inbox, so only you can decrypt it. A very big reason for doing this is to protect themselves from law enforcement requests for data. By not having the data, they avoid being overloaded with such requests that they have to comply with, and avoid the bad publicity linked to having to hand over user data. Well mostly at least, sometimes law enforcement has been happy enough with obtaining IP logs. There used to be a very reputable email provider Lavabit, that was similar to the one you link, except no vulgar or excluding language, and always free. They were honest that emails weren't encrypted. But then suddenly US law enforcement demands them to hand out all mails belonging to an "esnowden" having an account there. Lavabit shut down their service after that, as you can probably imagine. They said they cannot protect users such as whistleblowers. Yeah, Edward Snowden revealed he was the one leaking NSA documents shortly after that. This whole event was what caused Tutanota and ProtonMail to be formed. They realized all mails need to be encrypted for the user inbox such that they cannot hand over emails on demand. And of course both of them added end-to-end encryption for mails sent between users of each provider. The reason Facebook are now introducing end-to-end encryption in Messenger is not because Facebook care about user privacy, they don't, at all. They do it to protect themselves from law enforcement. The less data they can hand over, the less of a target they will be. And now after Telegram, one of the few chat apps that was still entirely unencrypted where forced to hand over massive amounts of user data, Discord quickly decided to also start switching over to end-to-end encryption, even if they have been opposing it in the past. To protect themselves from that.

I am afraid the email provider you link aren't very secure at all. They are honest about it, but there are reasons Tutanota and ProtonMail were made.

Rizzler

[deleted] Oh, I get it, so next time you sign up to any service I bet you'll be happy to provide your SSN to them ;)

AtavisticPuma

ryrona
Email is a legacy protocol that we need to move beyond, if we are to stop encouraging the collection of huge amounts of data and metadata to the 4 big free providers.
Every email service that encrypts emails at rest has the technical ability to save a plaintext copy of those emails before encrypting them, you are just choosing to trust them when they say they will try not to.
Even Lavabit had complied with other search warrants prior to the Snowden incident.

Rizzler

ryrona Nothing stops PM or Tuta from intercepting your mails server side. I trust cock.li more than PM because they don't pretend they can do anything about this possibility. I'd say Tuta is on an equivalent level, because I don't find them as suspicious as Proton.

similar to the one you link, except no vulgar or excluding language

I don't really find trolling user testimonials concerning.

I am afraid the email provider you link aren't very secure at all. They are honest about it, but there are reasons Tutanota and ProtonMail were made.

What you wrote is very true and nice, but as you now know, they are able to read all your mail. What happens when it comes to your inbox is not important if they are able read it beforehand. The provider I linked to isn't less or more secure than proton. The backbone of email is very simple (you can run an email server yourself easily) so if you were to make a case that their infrastructure is more vulnerable - maybe. But they rely on the same tech held together by ducttape. Email is a non-private technology and I think the most important part is to minimize the data collected at signup. Proton butchers this unfortunately.

I don't think trusting their deceptive/disingenuous marketing will serve most users right.

akc3n

Wilflower
...
-riseup
Is anyone able to share with invitation code to riseup mail?

Their support knowledge base entry, How do I invite a friend?, states:

Please note that new accounts can't generate invite codes. After some time this feature gets enabled.

Despite that, long term standing accounts have this notice posted within the account holders 'Invites' section:

We were having several new accounts causing problems for others in cases that go from from sending spam to harassment. As an emergency option we reduced the amount of accounts that can create invites while we figure out a better way to proceed with this. We are sorry for the problems this could be producing, but we have not an easy problem to solve here and we need time to figure out the next steps.

akc3n

As a side note, it's worth mentioning that one of RiseUp's co-founders and board members also serves on the board of directors at calyx.

yiit

Wilflower

You may want to keep an eye on the long-form email-like messaging. I can't speak to how similar or different it will be to actual email, but it could be an option.

https://simplex.chat/blog/20240814-simplex-chat-vision-funding-v6-private-routing-new-user-experience.html

Wilflower

yiit

Thanks for the recommendations!
Thanks to everyone taking part in the discussion, for recommendations and advice :)

I think I'll choose tutamail, and cock.li.
Best regards!

« Previous Page