Choice of email service for private stuff

Discussion in 'privacy technology' started by Drakar, Oct 6, 2010.

Thread Status:
Not open for further replies.
  1. Drakar

    Drakar Registered Member

    Joined:
    Oct 6, 2010
    Posts:
    7
    Hello Wilders,

    I have several e-mail accounts, but all of them are used for internet stuff. However now I am in need of a proper personal account, to deal with more sensitive/private content. I'm not asking which one is the best, since all services listed bellow provide the basic function of sending and receiving e-mail, which is all I need.

    My options are the usual big three:

    Gmail - Overall good service, but lately I'm kinda wary of Google and I dislike the way it keeps nagging me to give my phone number.
    Yahoo - Never used that much their mail service. Didn't like how they pushed social junk down your throat and weren't very clear about it.
    Hotmail - Up until Wave 4 I thought it was pretty ok. I'm not too fond of its new "social features" and the fact that it creates a profile for you. Granted, like Yahoo, most of it can be disabled/set to private.

    So, which of these three is the lesser of the evils, specially in regards to privacy? They all seem to be mixed to some degree with social networking, which I'm not too fond of. Please, this is not a “which one is the best” topic. I'd like just some input from the more experienced peeps. Which one did/would you chose as your personal e-mail?

    I wasn't sure if this was the appropriate section to post, so please feel free to move the topic to the right place.

    Thanks a lot.
     
  2. tobacco

    tobacco Frequent Poster

    Joined:
    Nov 7, 2005
    Posts:
    1,497
    Location:
    British Columbia
    Honestly, for "private" information you wish to remain "private", i wouldn't trust any of them without using encryption. Email users fit into 4 categories with the majority in position #1 and it appears you match with #3.

    #1: Have absolutely "No Clue Whatsoever" how insecure and non-private regular(plain text) email is.

    #2: They know but for whatever reason, don't seem to care. However, i am willing to wager that most of them would be furious :mad: if they spotted the Mailman walking up to their house having opened their mail and was reading it!

    #3: Don't care about most of their email except for important info they definitely want to remain private.

    #4: (My Category) Doesn't matter how simple, unimportant the email is - it's my business and the receiver's business and "absolutely no-one else's business" ;)
     
  3. tobacco

    tobacco Frequent Poster

    Joined:
    Nov 7, 2005
    Posts:
    1,497
    Location:
    British Columbia
    .......... continued if i may............

    So your choice is to use a form of open pgp encryption e.g. Thunderbird/enigmail, Instantcrypt, etc or you use a service which handles the process securely (locally) for you which you get a new address and everything send and received between these similar addresses is secure and automatic. Here are 2 freebies and a paid service.

    O!polis - http://www.opolis.eu/community.html

    TrulyMail - http://trulymail.com/

    CryptoHeaven - http://www.cryptoheaven.com/
     
  4. nightrace

    nightrace Registered Member

    Joined:
    Jun 2, 2010
    Posts:
    159
  5. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    4,953
    Location:
    USA
    Is enigmail compatible with W7 64bit. I was just looking at their site, and it says for windows 32 bit. I didn't see any mention of 64bit.
     
  6. wod

    wod Registered Member

    Joined:
    Oct 4, 2010
    Posts:
    17
    im really weak regarding computer communication - it confuses me ... but what u r basically saying is that one should use Opolis(4 example) as an email server and Claws or T-B as email client ?

    p.s - are those servers free?
     
  7. Drakar

    Drakar Registered Member

    Joined:
    Oct 6, 2010
    Posts:
    7
    Thanks for the replies so far. I forgot to mention that paid services are not an option, unfortunately. Encryptation sounds good, but I can already see it won't be hassle free as most of my contacts could care less about it. Seems like I'm stuck in a rut.

    I thought of setting up a account more "business like" as in name.surname @ something.com. It won't deal with overly sensitive stuff, it's more akin to a personal e-mail, instead of my junk accounts for forums/instant messenger/spam. The only “serious” email account I have is for when I seldom decide to do online shopping, but no one except me knows the address.

    The problem is that sometimes I have to give an email address, be it for college or a potential job proposition and name.surname@ sounds better than randonnickname@. I don't know if I'm making myself clear, but this is what I mean by personal/private. That's the kind of content this account will deal with.

    So in the end, all the big three are bad? No one respect even a little your privacy? Does anyone here keep a more personal account, be it with Yahoo, Gmail or Hotmail and have anything to add to the discussion?

    Thanks for the help!
     
  8. Carver

    Carver Registered Member

    Joined:
    Feb 5, 2006
    Posts:
    1,827
    Location:
    USA
    Does anybody have any comment on http://www.dreammail.eu/intl/en/home.html . The info says it is more geared toward encryption but I have doubts, I installed Dreammail on my computer all went fine till I restarted the computer I got a error message DOA.mis can't be found, please point to the installer or something like that. On the next reboot I got a blue screen. I removed Dreammail post haste and did a scandisk, checkdisk and anything else I could think of. That was about 5 weeks ago.
     
  9. tobacco

    tobacco Frequent Poster

    Joined:
    Nov 7, 2005
    Posts:
    1,497
    Location:
    British Columbia
    There is a portable version you can try. Very feature rich client. Not sure what encryption they use but you can "password protect" your emails. However, the "receiver" must have DreamMail installed to decrypt them.
     
  10. tobacco

    tobacco Frequent Poster

    Joined:
    Nov 7, 2005
    Posts:
    1,497
    Location:
    British Columbia
    For example: Thunderbird/Enigmail/GPG4WIN (all free) - you use an existing email address (your isp, hotmail, gmail).

    O!polis: comes with it's own client and gives you a new address. Encryption is automatic between opolis users and can only send and receive to other opolis users.

    CryptoHeaven: Comes with it's own client and address. Automatic encryption between cryptoheaven users. Can send encrypted mail to non-cryptoheaven users. Can also receive "plain text" emails to your crypto account which get automatically encrypted with your public key when they hit the servers.

    Trulymail: I'll let poosey rest his thumb!:D
     
  11. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    Any of the above. If you do the encrypting on your end (and on your contact's end) then any e-mail provider is as good as the other. If you encrypt it prior to it leaving your outbox, no one but your contact is reading it. Encrypting e-mail at your end is the only way to ensure privacy.

    EDIT: Yes, it can take a little reading to get a public/private keypair generated and to send it to your contacts and then setup your e-mail client, etc. But if your info is important enough, you will find a way. ;)
     
  12. hugsy

    hugsy Registered Member

    Joined:
    May 22, 2010
    Posts:
    167
  13. privatecitizen

    privatecitizen Registered Member

    Joined:
    Oct 6, 2010
    Posts:
    3
    Get COTSE account (paid).
    Use in conjunction with Thunderbird portable.
    Keep Thunderbird portable in hidden Truecrypt container.

    I cite COTSE as email sent does not reveal O/S, machine name, email client and release information, and most importantly hides originating IP address (ie your broadband, WORK, or hotspot connection).
     
  14. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    It doesn't encrypt email. It only uses SSL between a user's machine and the email servers. E-mails themselves are still sent in plain text across the internet. This is the same thing Google and most other mail providers do. Sure, it's better than nothing, but it does not stop anyone from reading the email as it travels from the email server to a contact and vice versa.

    It seems a lot of people are confused about end-to-end encryption vs. SSL email servers. They are not the same thing. If you want real privacy you need to encrypt end-to-end and the best way to do that is with PGP or GnuPG. This means generating your own keypair and sending it to contacts and having them send theirs to you.
     
  15. nightrace

    nightrace Registered Member

    Joined:
    Jun 2, 2010
    Posts:
    159
    Unfortunately most businesses and people do not and will not use encrypted mail. VPNs and anonymous offshore email providers become the best options, especially in countries with data retention laws.
     
  16. wod

    wod Registered Member

    Joined:
    Oct 4, 2010
    Posts:
    17
    i wonder ... why wont anybody suggest establish a self email server - like it used to be with Eudora before gmail , yahoo and friends took over . isnt it the best choice ?
     
  17. hierophant

    hierophant Registered Member

    Joined:
    Dec 18, 2009
    Posts:
    854
    You want to run your own email server? That's probably a little too technical for most folks. And email still travels the net as plain text between servers, no?
     
  18. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    Exactly. Even if your mail server is secure and encrypted, the e-mails when they leave your server and travel to your contacts are not encrypted. The only way to fix that is to use end-to-end encryption by generating your own keypair and having your contacts do the same. Then it doesn't matter who intercepts it -- they ain't reading it without the private key.
     
  19. hierophant

    hierophant Registered Member

    Joined:
    Dec 18, 2009
    Posts:
    854
    Are there encrypted protocols for server-server email transmission? It's rather antithetical to the fundamental design, which focuses on routing around damage. No?
     
  20. tobacco

    tobacco Frequent Poster

    Joined:
    Nov 7, 2005
    Posts:
    1,497
    Location:
    British Columbia
    Another thing not mentioned is your email is most often "relayed" from server to server to server(s) before finally landing in the recipient's inbox with a copy of your email stored on every one of these servers :eek:
     
  21. Carver

    Carver Registered Member

    Joined:
    Feb 5, 2006
    Posts:
    1,827
    Location:
    USA
    I realized that along time ago, thats a good reason to make a email server.
     
  22. tobacco

    tobacco Frequent Poster

    Joined:
    Nov 7, 2005
    Posts:
    1,497
    Location:
    British Columbia
    That wouldn't prevent it.
     
  23. Drakar

    Drakar Registered Member

    Joined:
    Oct 6, 2010
    Posts:
    7
    Point taken. :)

    Thank you very much for all responses, seems the topic turned into a very enlightening discussion.
     
  24. nightrace

    nightrace Registered Member

    Joined:
    Jun 2, 2010
    Posts:
    159
    If they can't link your IP to your mail account and your plain text contained no personally identifiable information (e.g. you correspond pseudonymously and use virtual debit cards) then it wouldn't matter.
     
  25. wod

    wod Registered Member

    Joined:
    Oct 4, 2010
    Posts:
    17
    seems ive totaly neglected it .... - im just getting to learn about computer communications so i still dont see the whole picture .

    p.s i only have some lame books on communications so can anyone give me some quality links ?
     
Loading...
Thread Status:
Not open for further replies.