Best secure email provider?

Obviously you're never going to keep out Big Brother, but what's the best email provider to keep corporations like Kikerosoft and Jewgle out of your business?

Attached: proton.png (400x400, 41.77K)

No such thing. The best you can do is setting up your own server.

Sticky

Checked.

I use Tutanota.

Pro's:
> No e-mail content reading for (((advertising))) and spying like Jewgle

Con's:
< No push-notifications on mobile (yet)
< No support for other e-mail clients like Thunderbird (yet)
< Can't pay anonymously for the Premium-version except if you managed to make an anonymous Paypal. *If anyone knows how to do it, please share as I haven't looked into it properly but I read once that it was possible*
< No search function to find emails, so you need to organise them into folders

Attached: Tutanota.png (223x50, 3.8K)

* not even

all "secure" and "privacy" emails are just honeypots


implying that's a good thing, nigger
also I bet this CIA shit requires javascript

It's not free software because you cannot see the server code as it runs, you can only trust it (if you're idiot, and you are)

< No support for other e-mail clients like Thunderbird (yet)
< No search function to find emails, so you need to organise them into folders
You can't do these because they have a retarded ultra-top secret special snowflake encryption. And no, it won't be changed. The result is that you are forced to use their shitty, bloated, javascript-infested webmail only instead of a normal client, for "muh extra security". They really fucked up with that one, IMO.

fuck off back to tech crunch

it's shit. literally anything that isn't cock.li (or some obscure yiddish email host that somehow survived from the 90's) is complete garbage

any mail is secure if you use gpg

I agree that Tutanota isn't what email should be, however I think it's the best we can get for now, which was the OP's question.
Running your own is the best of course, but most people can't be bothered to set it up.


I called it open-source not free software, read my post.


Then use the app instead of the browser.
I think they also planned a desktop-client of their own.


Then stay in the '90.

Attached: 4ac3679c-b555-45dc-bb50-5d97b50b6c92.jpg (316x316, 72.45K)

...

>>878338
Javascript they provide is not free software.
Their "Apps" are neither.
(((Open Source))) is not Free Software. Learn the difference, it may cost your life.
It is impossible to prove whether they scan and datamine your mails or not.
It is impossible to prove whether it's a honeypot or not.
It is impossible to make secure cryptography with javascript IIRC. There is a GnuPG extension for Firefox that can encrypt any text you enter in a browser, so it doesn't matter what webmail you use, it even works with imageboards.
There were numerous proofs of Protonmail collaborating with police/courts from irrelevant shithole countries like Indonesia or Ukraine and giving them server logs, they also ban people for something bad or false accusations of it. If you want to be a bad guy on the interwebz, use Tor or i2p-based email systems.
If you need privacy/confidentiality, any normal email server, especially self-hosted, is sufficient, don't forget to encrypt the data with GnuPG and wipe it with cloth or something.
Be aware that most email servers are poorly configured and won't accept mail from other servers they don't trust. Also there is a much probability of your incoming mail being passively sniffed, stored and read by every host operator between your server and sender's server if link is not encrypted.
If you need anonymity, don't use email ever. The protocol itself leaks too much metadata and GnuPG/RSA has no forward secrecy, key management is cumbersome. It is okay to use GPG for signing official documents and software packages, but not encrypting data on daily basis while staying anonymous and keeping legal deniability.
Use XMPP with OTR or OMEMO if you want better encryption security than GPG.

Read the sticky thread first, it has lots of useful links and articles if you expand it.

...

botnet faggot

Protonmail also requires a resident IP and/or Google ReCaptcha to register an account. avoid.

...

recaptcha? when i try to create a protonmeme account over tor it requires donation or phone. then once in a while it will let me use an already existing email address. even the cancer that is recaptcha would not be as bad as this. because recaptcha only outright blocks tor 50% of the time

...

Is the cock.li+gpg combo the most secure email setup I can get? I couldn't find another "secure" email provider which lets you register without javascript.

I have like 10 protonmail accounts and not once have I not had the option to use an existing email.

(me)
Or captcha*. Never had to use a phone number or donation.

then you have a good goy IP address. it's still shit

...

Cock.li is not particularly secure. The potential harm caused by javascript during sign-up isn't that big.

You forgot to add that you can't block annoying spammers without a paid subscription. I'm moving away exactly because of this.

There is one thing Protonmail does, but most normal email providers don't: incoming plaintext mail encryption. Yes, those Dragon dildo subscriptions and whatnot. Websites only ask your email address, not a gpg key, therefore most email still comes unencrypted, and this is what people use email for, registering to websites and sometimes mailing lists. Communications could be done more efficiently with Tox, XMPP or Matrix mentioned above, and those have superior encryption algorithms, but you can't register a forum account with XMPP.
Though, inbox encryption could be easily solved with self-hosted solutions, but leaves metadata like text/file size and date/time stamps.

Good. Maybe he'll give me some recommendations.

whats wrong with protonmail?

nothing

...

not sure if mentioned yet, but protonmail does a decent job

To share your email with Mossad?

...

There's no way around that. Protonmail does the most an e-mail provider reasonably can, as far as I'm aware (I don't use it).
When cock.li's servers were seized, Protonmailesque protection would have been able to stop law enforcement from getting access. It does provide real protection, just no full protection.

If you forget your password you're fucked as there's no recovery options

I completely disagree. Protonmail is much more harmful because it gives people a false sense of security. They are the ones who encrypted it so they can can decrypt it when law enforcement asks them to. With cockmail Vince is conpletely open about the fact that email is inherently insecure and that if you want privacy you are expected to use PGP.

They can't decrypt it on request if they don't have your password.
Asymmetric cryptography lets you have separate keys for encryption and decryption. You do know about that, right? It's essential to PGP-encrypted e-mail as well.

As far as I am aware protonmail stores your private key on their servers(encrypted using your password as a key) and thus has access to to it. This is why you can't use third-party clients with their service. I could be wrong of course.

Semi-unrelated but they base64encode unencrypted messages and because of this shit up a load of mailing lists with messages that only the unimportant people using webmail see.

They only have access to it if they have your password, then. If they don't have your password they can't do much.
As long as they're willing to go full lavabit if they need to it's fine.

Every time you give in the password they can be running a modified (probably non-free) javascript program that sends the secret to them. Any "security solution" that requires you to run their proprietary software, especially if they can change it anytime as is the case with web apps, is snake oil.

everything

what this user said
/thread

Cock.li

When they got raided the first time, vc bought a few dedicated bunker servers in Romania. So now no more raids. Also I trust birds with arms man more than ((corporations)).

Attached: cock.png (511x524, 42.58K)

hey stop please, if too much people know about it, they will overload it
let it be only for the elite initiated
also I think eventually some (((corporations))) would blacklist his domains because he allows anonymous signups; a few services already do.

not really
shit mails like protonmail or tutanota force you tu use javascript webmail, javascript allows them to fingerprint you to death (time between keystrokes, reading things from web browser etc)


it's not best, it's worst. Even hotmail is better as you can use 3rd party client with it

then why calling it open-source when it's meaningless and doesn't offer any advantage?

Haha good goy, if you think I am going to use their malware x86 code to use their fucking mail then you are nuts
their client will have full access to your computer. guess they need more than access to your web browser with javascript. They are CIA after all


it doesn't matter because since email comes unencrypted to protonmail, man in the middle like CIA can just take it and store it
also it's obvious protonmail saves all mail messages as second copy with protonmail private key, so they can decrypt all messages and send them to CIA (or maybe they don't need to send to CIA, because protonmail could be CIA itself)


Protonmail servers won't be seized because they just give away all emails to any "authority" that request this


but they HAVE the password. all they need is to send you modified javascript code ONCE, that will send password from input box when you enter it to them
or are you saying that you analyze few megabytes of protonmail javascript code every time you visit it?

waifu was cucked a few months ago. cockli might be the same

Everything is in order as of now. If you don't believe me, go harass VC in the mumble.

Attached: cockli.webm (720x486, 937.98K)

You're all idiots.

Email is sometimes sent over TLS. A lot of email servers don't use it though. You are still relying on the other person to be secure.

I tried to tell them...

Attached: 72AFDB0F-9F3B-472B-9791-B02951D7426B.jpeg (625x400, 48.25K)

...

bitchass dicksucker vincent cockfield disabled a bunch of my inboxes that i registered using tor fuck yall cocklickers

protonmail
/thread

...

...

anything you can use pgp on, which is basically anything.

speaking for myself, twice there was an instance where a file transfer request popped up and the person it came from said they didn't send it. Haven't touched it since.

so going by all the baseless fud posted, looks like protonmail mail is pretty ok. Still I would encrypt messages just the same, or better yet, not use fucking email.

Cock.li is good for a laugh, but it's probably run by FSB. I wouldn't touch that shit with any online payment or banking unless you enjoy being raped.

It's confirmed run by goons. Avoid.

It's confirmed run by israelis. Avoid.

What about Mailfence or Scryptmail?

Still better than US.

Funny story for you guys:
Logged on to this ancient hotmail account I have to send an email to an old coworker. I decided to add a joke title that involved a string of.. problematic words such as bomb, terrorist, jihad, etc.
Upon attempting to send, the email went into drafts and stayed there for half an hour along with some bullshit message that was pretty much saying "your email needs to be verified" or something along those lines.
GG M$!

That's my biggest issue with cock.li. Sending emails to normalfaggots is unreliable as I've discovered many times. Gmail simply does not let them receive my mails sometimes, and I suspected it didn't let them send to my address on occasion as well.

They want you to verify because you're logging into an ancient account, the system will think you're a spambot using harvested user:pass combinations. Fucking retard.

Posteo
It's honestly much better than Proton and Tutanota since they're web only and require loading of nonfree JS. I use it and love it.

No dipshit, I didn't mean that I don't log in or send emails thorugh it, I just said that I've had that account for a really long time.
It has never, ever done such a thing with any other email ever before.
The exact message I got while waiting for half a fucking hour was "Your message will be sent, but we're not quite ready yet."

cock.li or sdf.org

Email is insecure by design, baking encryption into the platform is like putting make-up on a pig. If you absolutely need to send something mission-critical over email, use PGP.

bump