Choice of email service for private stuff

Hello Wilders,

I have several e-mail accounts, but all of them are used for internet stuff. However now I am in need of a proper personal account, to deal with more sensitive/private content. I'm not asking which one is the best, since all services listed bellow provide the basic function of sending and receiving e-mail, which is all I need.

My options are the usual big three:

Gmail - Overall good service, but lately I'm kinda wary of Google and I dislike the way it keeps nagging me to give my phone number.
Yahoo - Never used that much their mail service. Didn't like how they pushed social junk down your throat and weren't very clear about it.
Hotmail - Up until Wave 4 I thought it was pretty ok. I'm not too fond of its new "social features" and the fact that it creates a profile for you. Granted, like Yahoo, most of it can be disabled/set to private.

So, which of these three is the lesser of the evils, specially in regards to privacy? They all seem to be mixed to some degree with social networking, which I'm not too fond of. Please, this is not a “which one is the best” topic. I'd like just some input from the more experienced peeps. Which one did/would you chose as your personal e-mail?

I wasn't sure if this was the appropriate section to post, so please feel free to move the topic to the right place.

Thanks a lot.

 

Honestly, for "private" information you wish to remain "private", i wouldn't trust any of them without using encryption. Email users fit into 4 categories with the majority in position #1 and it appears you match with #3.

#1: Have absolutely "No Clue Whatsoever" how insecure and non-private regular(plain text) email is.

#2: They know but for whatever reason, don't seem to care. However, i am willing to wager that most of them would be furious if they spotted the Mailman walking up to their house having opened their mail and was reading it!

#3: Don't care about most of their email except for important info they definitely want to remain private.

#4: (My Category) Doesn't matter how simple, unimportant the email is - it's my business and the receiver's business and "absolutely no-one else's business"

 

.......... continued if i may............

So your choice is to use a form of open pgp encryption e.g. Thunderbird/enigmail, Instantcrypt, etc or you use a service which handles the process securely (locally) for you which you get a new address and everything send and received between these similar addresses is secure and automatic. Here are 2 freebies and a paid service.

O!polis - http://www.opolis.eu/community.html

TrulyMail - http://trulymail.com/

CryptoHeaven - http://www.cryptoheaven.com/

 

For privacy? I would use an offshore account with Thunderbird/Claws + GPG. These cost from $2.50 to $3.00 a month.

http://www.offshoreinbox.com/ (Panama)

http://www.katzglobal.com/hosting/offshore_email.html (Singapore)

http://www.novo-ordo.com/sr_features.php (Panama)

 

Is enigmail compatible with W7 64bit. I was just looking at their site, and it says for windows 32 bit. I didn't see any mention of 64bit.

 

im really weak regarding computer communication - it confuses me ... but what u r basically saying is that one should use Opolis(4 example) as an email server and Claws or T-B as email client ?

p.s - are those servers free?

 

Thanks for the replies so far. I forgot to mention that paid services are not an option, unfortunately. Encryptation sounds good, but I can already see it won't be hassle free as most of my contacts could care less about it. Seems like I'm stuck in a rut.

I thought of setting up a account more "business like" as in name.surname @ something.com. It won't deal with overly sensitive stuff, it's more akin to a personal e-mail, instead of my junk accounts for forums/instant messenger/spam. The only “serious” email account I have is for when I seldom decide to do online shopping, but no one except me knows the address.

The problem is that sometimes I have to give an email address, be it for college or a potential job proposition and name.surname@ sounds better than randonnickname@. I don't know if I'm making myself clear, but this is what I mean by personal/private. That's the kind of content this account will deal with.

So in the end, all the big three are bad? No one respect even a little your privacy? Does anyone here keep a more personal account, be it with Yahoo, Gmail or Hotmail and have anything to add to the discussion?

Thanks for the help!

 

Does anybody have any comment on http://www.dreammail.eu/intl/en/home.html . The info says it is more geared toward encryption but I have doubts, I installed Dreammail on my computer all went fine till I restarted the computer I got a error message DOA.mis can't be found, please point to the installer or something like that. On the next reboot I got a blue screen. I removed Dreammail post haste and did a scandisk, checkdisk and anything else I could think of. That was about 5 weeks ago.

 

There is a portable version you can try. Very feature rich client. Not sure what encryption they use but you can "password protect" your emails. However, the "receiver" must have DreamMail installed to decrypt them.

 

For example: Thunderbird/Enigmail/GPG4WIN (all free) - you use an existing email address (your isp, hotmail, gmail).

O!polis: comes with it's own client and gives you a new address. Encryption is automatic between opolis users and can only send and receive to other opolis users.

CryptoHeaven: Comes with it's own client and address. Automatic encryption between cryptoheaven users. Can send encrypted mail to non-cryptoheaven users. Can also receive "plain text" emails to your crypto account which get automatically encrypted with your public key when they hit the servers.

Trulymail: I'll let poosey rest his thumb!

 

Any of the above. If you do the encrypting on your end (and on your contact's end) then any e-mail provider is as good as the other. If you encrypt it prior to it leaving your outbox, no one but your contact is reading it. Encrypting e-mail at your end is the only way to ensure privacy.

EDIT: Yes, it can take a little reading to get a public/private keypair generated and to send it to your contacts and then setup your e-mail client, etc. But if your info is important enough, you will find a way.

 

You can check out GMX at https://www.gmx.com

 

Get COTSE account (paid).
Use in conjunction with Thunderbird portable.
Keep Thunderbird portable in hidden Truecrypt container.

I cite COTSE as email sent does not reveal O/S, machine name, email client and release information, and most importantly hides originating IP address (ie your broadband, WORK, or hotspot connection).

 

It doesn't encrypt email. It only uses SSL between a user's machine and the email servers. E-mails themselves are still sent in plain text across the internet. This is the same thing Google and most other mail providers do. Sure, it's better than nothing, but it does not stop anyone from reading the email as it travels from the email server to a contact and vice versa.

It seems a lot of people are confused about end-to-end encryption vs. SSL email servers. They are not the same thing. If you want real privacy you need to encrypt end-to-end and the best way to do that is with PGP or GnuPG. This means generating your own keypair and sending it to contacts and having them send theirs to you.

 

Unfortunately most businesses and people do not and will not use encrypted mail. VPNs and anonymous offshore email providers become the best options, especially in countries with data retention laws.

 

i wonder ... why wont anybody suggest establish a self email server - like it used to be with Eudora before gmail , yahoo and friends took over . isnt it the best choice ?

 

You want to run your own email server? That's probably a little too technical for most folks. And email still travels the net as plain text between servers, no?

 

Exactly. Even if your mail server is secure and encrypted, the e-mails when they leave your server and travel to your contacts are not encrypted. The only way to fix that is to use end-to-end encryption by generating your own keypair and having your contacts do the same. Then it doesn't matter who intercepts it -- they ain't reading it without the private key.

 

Are there encrypted protocols for server-server email transmission? It's rather antithetical to the fundamental design, which focuses on routing around damage. No?

 

Another thing not mentioned is your email is most often "relayed" from server to server to server(s) before finally landing in the recipient's inbox with a copy of your email stored on every one of these servers

 

I realized that along time ago, thats a good reason to make a email server.

 

That wouldn't prevent it.

 

Point taken.

Thank you very much for all responses, seems the topic turned into a very enlightening discussion.

 

If they can't link your IP to your mail account and your plain text contained no personally identifiable information (e.g. you correspond pseudonymously and use virtual debit cards) then it wouldn't matter.

 

seems ive totaly neglected it .... - im just getting to learn about computer communications so i still dont see the whole picture .

p.s i only have some lame books on communications so can anyone give me some quality links ?