|
|
#1
August 6th, 2012, 07:44 AM
|
||||
|
||||
vmail.me - SSL webmail service
__________________
XP Pro SP3: Comodo FW/D+ 5.10 ▪ Sandboxie 3.76 ▪ VT Hash Check 1.01 ▪ OpenVPN 2.2.1 ▪ VirtualBox |
|
#3
August 7th, 2012, 06:42 AM
|
||||
|
||||
|
Re: vmail.me - SSL webmail service
... because I said so.
really, It encrypts your emails with no need to use a client like Outlook/Thunderbird and thumb through settings to accomplish the same, and have the client sucking up resources real-time as well. Easier/less bulky to use. Most webmail services, like GMail & AIM won't do this, and are susceptible to that MITM. It's encrypted when you sign in, but then you'll see that goes away once you're in there. Though I guess I can't say with vmail it's "end to end" since that relies on the receiver holding down their end as well.
__________________
XP Pro SP3: Comodo FW/D+ 5.10 ▪ Sandboxie 3.76 ▪ VT Hash Check 1.01 ▪ OpenVPN 2.2.1 ▪ VirtualBox |
|
#4
August 7th, 2012, 07:03 AM
|
||||
|
||||
|
Re: vmail.me - SSL webmail service
Quote:
Thunderbird sets up secure connections to Gmail by default using its new account wizard. Browser or mail client, they will both be sucking up resources. Quote:
"Gmail is set to use the 'Always use https' setting by default" https://support.google.com/mail/bin/...n&answer=74765 Quote:
It can't do unless you provide them with a valid decryption key, e.g. using gpg or a direct SSL connection. |
|
#6
August 7th, 2012, 12:32 PM
|
||||
|
||||
|
Re: vmail.me - SSL webmail service
Quote:
Yeah, but the thinking is you'll have the browser open doing stuff already, so nothing extra added. Then when you're done, it's closed, whereas that client keeps running in the background using up resources all the time. But then again I'm not perpetually expecting emails. If your job depends on replying quickly to them... then it's the only way to go. Depends on your needs. Gmail... I just don't trust anything Google, period. There are other good privacy related things about vmail too. One can read about it all on the homepage. All traces of logs deleted within 3 months... that's something you won't get with a Google product. In fact I doubt they ever delete any piece of info. they ever obtain about you. No info. shared with 3'rd parties/no targeted adds (likewise, something you won't get elsewhere). Less header information (no IP). A virtual keyboard to login. The most private/anonymous webmail service there is, probably. And I figured such a thing would be welcome info. in a place like this.
__________________
XP Pro SP3: Comodo FW/D+ 5.10 ▪ Sandboxie 3.76 ▪ VT Hash Check 1.01 ▪ OpenVPN 2.2.1 ▪ VirtualBox |
|
#8
August 7th, 2012, 05:53 PM
|
|||
|
|||
|
Re: vmail.me - SSL webmail service
Quote:
Not true at all, I'd argue Gmail from a security standpoint is more secure than most online banking websites. It enables SSL/TLS by default, and deploys two-factor auth for clients using their webmail interface. As SSL/TLS is enabled by default, unless you are spoofing their certificates there is no MITM possible. Quote:
Google stores identifiable user data for 9 months. Email and profile data is scrubbed 60 days after deletion of account. Also why 3 months? Most privacy based webmail systems will scrub as soon as possible and only log system level information. Quote:
I do not agree. I still have not been able to ascertain how they fund themselves if they do not share information. Also from their website Code:
__________________
http://tools.ietf.org/html/rfc3514 |
|
#9
August 8th, 2012, 02:43 AM
|
||||
|
||||
|
Re: vmail.me - SSL webmail service
Okay scratch GMail as far as the SSL goes. I know it applies to AIM and most webmail though.
Not sure how they make money, or "if" they do. I know registration is very limited. For a month straight (about) no one was able to create an account. So that's a sign of very limited resources/servers. I'd be more suspicious if this wasn't the case. Google, on the other hand, has already proven (time and time again) that they cannot be trusted with people's information.
__________________
XP Pro SP3: Comodo FW/D+ 5.10 ▪ Sandboxie 3.76 ▪ VT Hash Check 1.01 ▪ OpenVPN 2.2.1 ▪ VirtualBox |
|
#10
August 8th, 2012, 02:48 AM
|
||||
|
||||
|
Re: vmail.me - SSL webmail service
A lot of companies don't earn much (if any) money when they first start up. They depend on getting a good company model out there first. Then when they gain more users/interest, you'll see them start with the adds... though perhaps not of the targeted variety in this case. Or the developers could have another cash crop/money maker, and this is just like a hobby project for them.
I wouldn't doubt that this is the case here. Due to what I pointed out about the very limited server space, and until I see evidence otherwise, they get the benefit of the doubt from me at this point. Google on the other hand... that ship has sailed long ago. I don't understand how anyone in a place like this would use any of their products given their track record of abusing users info./privacy.
__________________
XP Pro SP3: Comodo FW/D+ 5.10 ▪ Sandboxie 3.76 ▪ VT Hash Check 1.01 ▪ OpenVPN 2.2.1 ▪ VirtualBox Last edited by luciddream : August 8th, 2012 at 03:06 AM. |
|
#11
August 11th, 2012, 04:13 PM
|
||||
|
||||
|
Re: vmail.me - SSL webmail service
Just spotted this thread. I was playing with vmail for a few weeks for a writeup so I'll add a few things.
Good: -no ip addresses in headers (webmail AND smtp) -no client user agent in headers -logs purged after 3 months -light and attractive interface -allows their smtp to be used with non-vmail sender domains so for ex., you can send mail using vmail's smtp but receive using yahoo's imap/pop. -default ssl connection (but mail is not stored encrypted on their server, it's not end to end encryption). Bad: -webmail interface is still VERY basic. -logs purged after 3 months -reliability. vmail is down surprisingly often. The site is down as of now and all of yesterday I was getting mail-undeliverable rejections due to a missing spam file in their /etc directory.  Last week there was a full 24 hours when I got nothing but 502 when trying to log on.I contacted them about their privacy policy and funding (2 separate emails) and the next day received a response that they're trying to work all the bugs out before drafting a privacy policy. I haven't heard anything about how they support themselves. Maybe when they're back online?
__________________
Research for Security & Privacy www.thesimplecomputer.info |
|
#12
August 11th, 2012, 07:02 PM
|
||||
|
||||
|
Re: vmail.me - SSL webmail service
Yeah it is down right now, but this is the first I've ever seen it be. I think they're basically in beta phase of operations right now. Server capacity seems very limited and they seem to be still working out details/bugs. They don't even have their privacy policy fleshed out completely yet.
Probably not a good idea to rely (solely) on them right now. But I say give them some time to iron this stuff out, and it's a good service going forward. I think I'll keep using my ISP's webmail mainly and keep my vmail accts. on standby. I would use GMail if it wasn't Google. I love the features & the encryption/tech implemented. I feel the same way about Chrome. I love the built-in security it offers via privileges/restrictions, and tabbed sandboxing... but I just don't trust Google.
__________________
XP Pro SP3: Comodo FW/D+ 5.10 ▪ Sandboxie 3.76 ▪ VT Hash Check 1.01 ▪ OpenVPN 2.2.1 ▪ VirtualBox |
|
#13
October 11th, 2012, 09:10 AM
|
|||
|
|||
|
Re: vmail.me - SSL webmail service
I've noticed their stability has improved since the migration to roundcube. But, I now have to go to vmail.me/webmail in order to login. Clicking login on their main site gives me a password error.
But, yeah, it bothers me as well that they don't have a privacy policy. |
| « Previous Thread | Next Thread » |
| Thread Tools | Search this Thread |
|
|
