Best Online Privacy Email Services & How To Use PGP

They use the same applet and same mailservers, but the login page is different. Hushmail controls the the encryption-type with a cookie, if this cookie is deleted or changed their login page will switch back to the "weaker non-Java version, Cyber-rights do not have this cookie.

 

Ohh CounterMail has an account here on Wilders...

To bad you didn't offer a small free account, I'd be there and promoting it to others too if you did...

I know Safe-mail is from Israel and I forgot about all this, but yeah I'm not going to bother with them....

Did you read the 'About' section?

3rd paragraph;
in collaboration with Hush Communications.

Hmm I wonder how much of Hushmail is in on this? Going to have to email them and ask...

 

I think it might have been:

http://cryptome.org/0001/wikileaks-sec.htm

"Yet when the prying eyes are federal investigators, it turns out that Hushmail is not quite so secure. The indictment of Drake makes plain that the feds pierced Hushmail’s encryption either via technological or legal means, noting, among other things, that “defendant DRAKE scanned and emailed Reporter A electronic copies of certain classified and unclassified documents."

Personally I woulld rule out hushmail and any business registered to or operating from OR servers located in any jurisdiction of USA.

If a high enough source (like NSA) asks, people will more than likely hand over the keys in the USA.

Not that I have need for a NSA-proof mail myself - I don't even use encryption myself.

 

Europe adheres to the same laws when it comes to privacy. If a governmental organism requests any encryption keys from you or the service provider (email or what ever else), based on suspicion that you may be involved in criminal activities, than you or the service provider MUST deliver them the "key".
Not using any encryption myself either, but should I be using it, I don't see much of a problem with governments monitoring. What I'd care is that cyber-criminals not get hold of my sensitive data.

 

I don't think this is correct, it's few European countries have laws that demand to reveal decryption keys. As far as I know it's only England and France that have these laws.

http://rechten.uvt.nl/koops/cryptolaw/cls-dom.gif
http://rechten.uvt.nl/koops/cryptolaw/cls-sum.htm

/Simon

 

There is no independent indication that "the feds pierced Hushmail's encryption" by technological or legal means. A few years back, Hushmail was shown to have a security flaw which allows password capture. That is entirely an entirely different matter than "piercing" encryption. And it is sloppy to say that serving a warrant, in and of itself, allows a "legal" piercing.

John Young posted Schonefeld's drivel to contrast Wikileaks' communications against a known standard or compromise.

 

MailVault is offering free 4Mb accounts at the moment. Works fine with Tor.

 

Is Maximillion in the same vein, but which adds anonymity similar to TOR to prevent tracking back to the author?

Do any of these require the user to run their own email server?

 

Just saw this one and signed up for the free version for alittle test drive http://www.privacyharbor.com/

Free version very generous with the space (500MBs) but lacks some of the extras available in the paid version.
All emails can be sent encrypted and are held on the servers where fellow harbor users will pick it up upon logging in. Non-harbor users pick it up with a follow link.
Again, not perfect but much better than everything plain text. I will add the web application is very robust with a nice, clean interface and a unique spam filter that intercepts and holds all email until you give it some training so to speak.

 

Ahh the Metropipe people, looks interesting...

Thanks Tobacco this looks nice, but I wonder about doing business with a USA company...

Cyber-Rights, I sent those people two emails and never once did they have the decency to reply, so forget them, you don't reply to email then you're not worth it!

 

Just use PGP/GPG and be done with it. Never have understood why so many people want to pay someone else to do it for them.

 

The problem with that is that just using the PGP is not easy for a novice. And there is absolutley no credible push to make it easier. Even NSA, who should be encouraging us to encrypt our data, do not, and actively subvert movements to promote encryption efforts. Seymour Hersh writes here:

http://www.newyorker.com/reporting/2010/11/01/101101fa_fact_hersh

The fact is, PGP is not friendly, and many people have a vested interest in keeping it like that. That's why encrypted webmail is a vital concern, despite the disinformation campaigns launched against those providers as well.

I would add that NSA's interests align with hackers because they are hackers. Not that's there's anything wrong with that

 

Not quite so easy, that means to have it done 100% right both parties on both ends are using these methods and that's not going to be possible in all email situations.

If all we were talking about was just emailing your friends and family that would be one thing, but to use email for any and everything you can use it for to all sorts of people around the world for personal and business purposes, forget it...

I'm talking more about covering your butt the best you can, send out encrypted email that others can receive, but if they choose to send back to you through like Gmail, then hopefully the email provider you are using has measures to maintain your privacy...

 

That's a pretty good description of the problem. And Hersh has a funny quote from Diffie that sums it up pretty well:

Read more http://www.newyorker.com/reporting/2010/11/01/101101fa_fact_hersh#ixzz19iNUKEIj

"Non-friends" can't be depended upon to get pgp right. But they can usually be convinced to sign up for private webmail.

 

I dunno, I find PGP/GPG pretty easy. Generating a key-pair takes all of 2 minutes, and sending the public key to a friend is as easy as emailing it to them (or uploading it to a key server).

For GPG, all you have to do is type "gpg --gen-key" and answer a few questions.

For PGP, you can follow these instructions.

 

Let's say I am a U.S. small business owner trying to import widgets, say, cobalt jewelry from China and India. I'm coordinating shipments through two countries, just to start, and I'm going to be dealing with at least two, and probably as many as four, language barriers. Plus, I'd like to exercise reasonable control of my information, right down to the factory. Sure, it's probably an exercise in futility to assume any of it's going to stay private anyway, but I have to take into account due diligence (into what constitutes a reasonable standard of care and possible litigation concerns re: using "reasonable" information security, uh-oh,) at a bare minimum. I understand networks, because I'm a small operator in one myself. But the problem is, our network is a complicated technological mashup, and even though we all owe this reasonable standard of care, (coming soon, I promise) we're pretty busy with trying to turn a slim profit. Plus, the "IT" people for the whole operation are me and the Chinese factory owner's son, when he has a free minute off the floor.

Tweak the details and multiply that scenario by 5 billion.

chronomatic, those instructions look like crap in that case. Seriously. Look at them. And gnu is worse. We're opening (insert your favorite encrypted webmail) accounts in the next ten minutes instead, thanks.

 

I think you're being wise towards me, especially with that foolish quote.

So why don't you explain how someone with their own encryption methods are going to send emails to all their clueless, non-techie friends, as well as to all email communications you want to do on the internet for various things one can imagine and then send and receive encrypted email when no one else is using anything but you?

 

Well, actually, I think you're being foolish, pretending that you think that's a "wise" remark. So we're halfway there.

I use Hushmail. Anyone who cares knows that. I think you do, too.

 

I apologize I was looking at it in a different light....

I'm also talking about and was going on about this quote below;

 

Have you convinced your myriad of contacts around the world to also open a Hushmail account just to talk to you? You see, even with Hushmail there is a lot of hassle. That's why I think using OpenPGP is the way to go.

 

Well, I'll make a deal with you. You go over there and open a free account. It takes about one minute. When you email me, I'll give you a really nice answer to your question. I think you'll be happy with it.

If I don't hear from you, I'll assume you didn't really want to know

 

It wasn't mentioned above, by merely using Hushmail, it was suggested to just be done with it and use PGP/GPG.

That means using a client to send and receive encrypted email, that means the party on the other end if we want true encryption going and coming needs to be setup on their end.

That means using Hushmail, you can send encrypted email and the party on the other end, not using anything can read the encrypted email, BUT they are not going to send back to you encrypted email, it's basically going to be a one way conversation of encryption.

Are we clear now? Because this is what I was pointing out, the fact that you are not going to just be done with setting up PGP/GPG and have all problems solved as they seem to think for any and all email communication to the entire world.

 

Yep. That was super clear.

 

So now what?

 

So you're all set.

But for anyone who's not clear, start by opening up an encrypted webmail account. Do it now. You're using email anyway. Pick a service and share it with your contacts who don't already encrypt.

This does not impede or discourage the use of pgp in any way. It encourages it. It promotes the idea that information is of value. It spreads awareness that the information that you generate is part of your worth, just like DNA. Otherwise it wouldn't be being stolen out from under you. Which it is.

When you understand this, you will want pgp. Then you will want to spread it just like the virus that is. Because it's is the best virus there is. It's love and kisses and ponies in a field of pornographic pleasure. Or whatever. But it has a drawback. Unlike bad viruses that spread only on your machine, this one needs a human carrier. It is transmitted like this because that's what "it" needs. That's why "it" is not easy. It is a computer virus that "needs" us to learn it before it spreads. It helps you, and you help it.

And it is of vital importance that you "get" it. So start any way you can.