Lavabit alternative

Discussion in 'privacy technology' started by mattdocs12345, Aug 15, 2013.

Thread Status:
Not open for further replies.
  1. mattdocs12345

    mattdocs12345 Registered Member

    Joined:
    Mar 23, 2013
    Posts:
    1,785
    Location:
    US
    Is there an alternative to Lavabit that would provide me with a secure email? I am sickened by the NSA and the large companies such as Apple, MS, Google. I want to close down my gmail account and vote here with my wallet.
     
  2. wearetheborg

    wearetheborg Registered Member

    Joined:
    Nov 14, 2009
    Posts:
    667
    Lavabit did not give you secure mail.

    Email is inherently insecure.

    As a first step however, you can use GPGP to encrypt emails before sending them.
     
  3. JackmanG

    JackmanG Former Poster

    Joined:
    May 21, 2013
    Posts:
    284
    Ironically, your second sentence is exactly how you would make email secure.

    To answer the OP, the only way to truly secure email is to encrypt it yourself, locally, before you send it. The common way to do this is through asymmetric key cryptography.

    See these links:

    How to Encrypt Your Email and Keep Your Conversations Private

    NSA-proof your e-mail in 2 hours
     
  4. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,030
    Countermail is probably it for now.

    It uses a Java applet that does encryption locally aka end-to-end. You can also use Thunderbird with Enigmail with them, instead of the Java applet.

    When corresponding with other Countermail accounts, headers (email addresses, IP addresses, etc) are never exposed on the Internet. That may also be the case with some other providers, if they encrypt all Internet connections among their servers.

    Encrypting email messages only encrypts message bodies, and not headers. Internet connections among email providers are often not encrypted, so headers will be exposed on the Internet. You and your correspondent can get around that by using pseudonyms, and hiding their ISP-assigned IP addresses using VPNs and/or Tor. To further confuse observers, you can both use several pseudonyms (from multiple IP addresses).

    If you use Countermail's Java applet, your messages (and headers) are stored encrypted on their servers. But that's not possible using Thunderbird with Enigmail with standard email protocols.

    If you really care, you want to use remailer nyms via Tor with alt.anonymous.messages as your inbox.
     
    Last edited: Aug 15, 2013
  5. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    4,953
    Location:
    USA
    I trust Riseup mail. Well, I don't really trust anyone fully, but I trust them more than the alternatives. They respect their user's data privacy. I know that it was already mentioned that one of their severs was raided by the FBI. That just confirms to me that they do not willingly hand over their user's data. If they did they would not have to raid their servers. Plus, they use strong encryption so that does not mean all riseup.net user's data was compromised. Yes, Counter Mail is great to, but it is not free.
     
    Last edited: Aug 15, 2013
  6. wearetheborg

    wearetheborg Registered Member

    Joined:
    Nov 14, 2009
    Posts:
    667
    For true security, you would also need to hide the metadata - where you sent the email from, who sent it, to whom.
     
  7. mattdocs12345

    mattdocs12345 Registered Member

    Joined:
    Mar 23, 2013
    Posts:
    1,785
    Location:
    US
    Is there anything that's based outside of U.S.? Hopefully a country that doesn't have secret courts...
     
  8. Bob D

    Bob D Registered Member

    Joined:
    Apr 18, 2005
    Posts:
    1,150
    Location:
    Mass., USA
    Out of NSA's reach = not US based servers (up to a point).
    Lavabit's shutdown was not forced by the NSA, but was Ladar Levinson's decision (assumed ethics related).
    I've never seen the need for such encrypted services, but that said, link: http://www.extremetech.com/extreme/...ust-use-it-here-are-some-lavabit-alternatives
    Note: Whatever country hosts your email, if a subscriber is suspected of terrorism, espionage or kiddie porn communications, chances are they will be served with court orders for disclosure of those "encrypted" communications.
     
  9. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,030
    Countermail is in Sweden.
     
  10. JackmanG

    JackmanG Former Poster

    Joined:
    May 21, 2013
    Posts:
    284
    True, and good point, but I figure it's more the content he's worried about, not so much the communication itself.

    But that is an important point. I would just hope anyone who needs to go that far isn't coming to a forum to first hear of that fact. :doubt:
     
  11. mattdocs12345

    mattdocs12345 Registered Member

    Joined:
    Mar 23, 2013
    Posts:
    1,785
    Location:
    US
    Yup. I have nothing to hide but I also have a right to privacy. Im looking mostly for something that will protect my content. I want to support a company outside of U.S. that will not just hand in their data to any state agency that asks.

    This is fine with me. This is a very reasonable warrant for a search. What I want is my 4th amendment back, if not in US then somewhere else where they will not snoop through peoples accounts by evoking secret laws enacted by secret courts.
     
  12. JackmanG

    JackmanG Former Poster

    Joined:
    May 21, 2013
    Posts:
    284
    Yeah I'm with you. I wrote about "nothing to hide" here and here. If you check out the "How the NSA Will Use Your Emails.." piece, you can see a real world example of how it's certainly not out of the question that even just the fact that you communicated with someone at a specific time, or from a specific place, could be used against you. So it's definitely not an inconsequential thing, but at this point still a low probability (depending on who you are and who you talk to, of course.)
     
  13. Snoop3

    Snoop3 Registered Member

    Joined:
    Jan 2, 2011
    Posts:
    474
    i don't trust Riseup. i looked at their website and seemed like the most important thing to them was their political agenda iirc.

    re counter mail and it not being free, i'm starting to think its better to pay for everything computer and intenet related these days :(
     
  14. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,779
    Location:
    Texas
  15. JackmanG

    JackmanG Former Poster

    Joined:
    May 21, 2013
    Posts:
    284
    :eek:
    Blasphemy!

    Blasphemy I say!
     
  16. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    4,953
    Location:
    USA
    Paying for a privacy email service can break anonymity for some. It really depends on what you are trying to accomplish. If you only want to prevent others from reading your mail then there are more options on the table.
     
  17. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,030
    This is a very dangerous mindview.

    All governments arguably have intelligence services. If they don't, they're not protecting their citizens very well ;)

    Politics are off-topic here for one very good reason. Political discussions far too often come down to differences in opinion, different assumptions, etc. What we need here are workable solutions.

    I recently watched "Elysium", by the way. Although there's some ambiguity, the happy ending seemingly leaves the machines in charge. They're very kind machines, once they've been reprogrammed to see everyone as a citizen, not at all like Skynet. But isn't that sad?
     
  18. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,030
    It's not that hard to anonymize Bitcoins using multiple Multibit clients through Tor, using Tails, Whonix, Incognito, etc. Multibit doesn't download the blockchain, so it's fast through Tor.
     
  19. FreddyFreeloader

    FreddyFreeloader Registered Member

    Joined:
    Jul 23, 2013
    Posts:
    527
    Location:
    Tejas
    Opera Mail - not US based. Not sure how safe it is, but I've never gotten any spam using it, unlike G-mail, Yahoo, Outlook which are pretty much spambot recepticles.
     
  20. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
  21. 0strodamus

    0strodamus Registered Member

    Joined:
    Aug 23, 2009
    Posts:
    1,047
    Location:
    United Surveillance States
    I'm with you and wish there were more alternatives like Lavabit out there. They must have been doing something right to protect the emails stored on their servers or they would still be in business. The interview with Ladar Levison on Democracy Now! was interesting, but at the same time very disturbing due to the gag order he has been put under. Riseup has been great so far and well worth the donations, but we need more services that respect privacy. I was hoping for some non-US based suggestions in addition to Countermail. Are there really no other non-US based privacy-minded providers?
     
  22. Stifflersmom

    Stifflersmom Registered Member

    Joined:
    Jan 3, 2013
    Posts:
    45
    Autistici/Inventati is an Italian based company that has a very similar service as Riseup.net. Although their offices are in Italy, their servers are in Iceland, Norway and I believe the Netherlands. They respect privacy.

    Riseup.net fans should definitely take some time to read the "Riseup and the Government" release they just put out. Apparently Riseup is working on a new secure email infrastructure.
     
  23. Stifflersmom

    Stifflersmom Registered Member

    Joined:
    Jan 3, 2013
    Posts:
    45
    Riseup and Government FAQ

    The bold text is mine.

    The rest of the FAQ can be found here.
     
  24. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    I looked, there is nothing on the market right now like Lavabit. I was a Lavabit user, and Lavabit was secure. It was secure so they took it away.
     
  25. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
Loading...
Thread Status:
Not open for further replies.