Anyone using Countermail?

Discussion in 'privacy technology' started by IsaacR, Feb 26, 2019.

  1. IsaacR

    IsaacR Registered Member

    Joined:
    Feb 25, 2019
    Posts:
    3
    Location:
    USA
    I have used Gmail my entire life and have generally been happy with the service. However, just because Gmail is convenient and optimized does not mean one should continue to use it after they leaked our precious data.
    Now that I have learned that Google does not protect their user's privacy; I switched from Google's search engine to DuckDuckGo. Also, I opened a free account with Protonmail to have a relatively safe email. I now have plans to purchase a paid email account to support encrypted email providers, but I am unsure which provider is the most secure. I know that running your own email server and encrypting it with openPGP is the best option, but for my use, I just need a email service that is convenient but also fairly safe. I have three front runners that I believe are the best encrypted email providers. I have included the list below.
    Tutanota
    Countermail
    Protonmail
    Fastmail

    I included Fastmail in my list, because I have heard great things about their service. As for the other three, I believe that they are all well known encrypted email services. As far as I know, Countermail seems to be the most secure but also the least known. Protonmail is obviously the most popular encrypted email provider, but I do not feel that this means they are the only way to go. As for Tutanota, my only concern is that they use "hybrid encryption" instead of the more secure 256bit.
    Now that you know my understanding of these providers, I would like to know if I am correct in my analysis of them. Also, are there better providers that I have overlooked. Thank you very much for your time!
     
  2. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    I'm not sure why, but Countermail never became very popular. No where like ProtonMail, anyway. Maybe it was just poor marketing. Or that it was pre Snowden.

    Using Thunderbird plus Enigmail for GnuPG, I can use any email provider. Except for metadata, anyway.

    But check out Riseup. See https://riseup.net/en/email#what-is-special-about-riseup-email
     
  3. IsaacR

    IsaacR Registered Member

    Joined:
    Feb 25, 2019
    Posts:
    3
    Location:
    USA
    I have noticed that Countermail's website is a little "dated". But what really matters is security. Do you think Countermail is more secure than Protonmail?
     
  4. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    I don't know enough specifics about either to have an opinion.
     
  5. shmu26

    shmu26 Registered Member

    Joined:
    Jul 9, 2015
    Posts:
    1,549
    If you want a service that is not going to shut down, or lose your data, then go with a major provider. Recently, a small email provider lost everyone's data irretrievably
     
  6. Floyd 57

    Floyd 57 Registered Member

    Joined:
    Mar 17, 2017
    Posts:
    1,296
    Location:
    Europe
    I haven't cared much to use something that's not gmail and *OT comment removed* gmail is just the most convenient, though as you say certainly not the most private, but I'm pretty sure that proton mail or the likes is not gonna shut down soon, they're not that small, you act as if they have a few thousand users basically :D
     
  7. IsaacR

    IsaacR Registered Member

    Joined:
    Feb 25, 2019
    Posts:
    3
    Location:
    USA
    I think that is an excellent point you made, "If you want a service that is not going to shut down, or lose your data, then go with a major provider." The problem is, which major provider is the best? Most of my contacts do not use encrypted email, but I do want to know that the messages in my inbox are secure. Is FastMail a good replacement for Gmail? Is it worth the cost? Should I consider any other providers?
     
  8. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    Simple fix: use POP (not IMAP) and don't leave messages on the provider's servers.

    I've gone through many email accounts, over the years. Including all my personas, hundreds.

    So for contacts that really matter, I use GnuPG. If I switch email addresses, I can easily verify my identity.

    And if a stable email address is that important, register a domain, and just use providers to handle email for it.
     
  9. Beyonder

    Beyonder Registered Member

    Joined:
    Aug 26, 2011
    Posts:
    545
    Posteo has an atrocious Web UI with a barely functioning search feature, but it's been around for 10 years. They offer an encrypted mailbox (that you need to enable, btw) which means your email can only be read using your password.

    They cost like a sixth too.
     
  10. shmu26

    shmu26 Registered Member

    Joined:
    Jul 9, 2015
    Posts:
    1,549
    I am not a privacy freak, so I am okay with Gmail. If you are a privacy freak, @mirimir has some good suggestions.
     
  11. Countermail

    Countermail Registered Member

    Joined:
    Aug 7, 2009
    Posts:
    169
    Location:
    Sweden
    Protonmail have a free account alternative, that is of course one big difference, while our free account is only a Trial account that works for 7 days (also with some limitations).
    Regarding marketing, you are almost right, we have never done any marketing! (except some Google-ads). We have never used social media like Twitter, Facebook etc..
    But this is deliberately done by us. We had to choose between tons of users or try to keep & support a smaller group of users. We may change that but then we need to employ a marketing person, marketing takes time. Still we have never had any financial problems. Yes, our homepage is outdated in the looks, that will be fixed. We have focused on the webmail interface and other things behind the walls. We still update things on a weekly basis.

    Right now we are seeing some Protonmail users switching to us, it may be because of this:
    https://countermail.com/images/protonmail_monitor_ip_address.png

    We have written a bit about it in our changelog on 2020-02-28:
    https://countermail.com/?p=changelog&t=1

    Thunderbird plus Enigmail for GnuPG is a good start but there are still some differences between a normal email provider and a real secure email provider
    -IP-address in the email is removed
    -No IP-logging on the server with a good secure email provider
    -Email-scanning is used by many, for example Gmail, but a secure email provider should not 'scan' any email
    -The email is stored encrypted with a real secure email provider, with a normal provider its stored unencrypted.
    If you choose to delete the email from the server and download it locally, you also have to keep backups by yourself, which means if your computer crashes your email may be lost forever (if you dont have external backup), If you use a good secure email provider you can keep the email on their server, and you don't have to care about backups.

    Best Regards,
    Countermail.com
     
  12. longshots

    longshots Registered Member

    Joined:
    Oct 20, 2017
    Posts:
    533
    Location:
    Australia
    You may have answered your own question. If you are comfortable with Protonmail just pay for an account and have the extra benefits that provides.
    Or, as per your own suggestions, try Tutanota first and see which of the two you prefer.
    I use Protonmail because it's easy to set up on my desktop and phones
     
  13. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    @Countermail -- Hey :)

    For what it's worth, I trust your key management approach more than ProtonMail etc. And you use close enough to stock GnuPG that it's easy to exchange encrypted messages with non-Countermail people.
     
  14. trott3r

    trott3r Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    1,283
    Location:
    UK
    According to osint podcast choose the service that you have most contacts with. Thus kept within their ecosystem
     
  15. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    I guess that you could have an account on each service where you have contacts.

    Alternatively, you could use a service that's part of the radical network. From https://riseup.net/en/security/message-security
     
    Last edited: Mar 16, 2020
  16. Countermail

    Countermail Registered Member

    Joined:
    Aug 7, 2009
    Posts:
    169
    Location:
    Sweden
    Well, I think so, even the police stopped asking for the private keys (in those few cases they have a verified Swedish prosecutor that signed a request). We just send them this PDF paper, which the average police dont understand :) so they have to forward it higher up in the chain, either to NOA (Swedish FBI) or Secret Service, finally someone understand that it's impossible for us to give them the private key, then they give up on the brute-force-private-key tactics...or whatever they trying:
    https://www.countermail.com/countermail_private_key_protection.pdf
     
    Last edited by a moderator: Mar 18, 2020
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.