Protonmail
Thread Starter
Join Date: Jun 2011
Location: New Zealand
Posts: 172
Likes: 0
Received 0 Likes
on
0 Posts
Protonmail
Please does anyone on here use the following and if so is it any better than the normal e-mail for security?
I have been told that it allows attachments, inline images and links and can also be encrypted if you get a
protonmail account at https://protonmail.com/
I have been told that it allows attachments, inline images and links and can also be encrypted if you get a
protonmail account at https://protonmail.com/
Overall I'd say it is the most secure you'll find around as long as you stay in their ecosystem.
Join Date: Jan 1998
Location: Where the job is!
Posts: 451
Likes: 0
Received 0 Likes
on
0 Posts
One problem with ProtonMail is that although it plays up the Switzerland line it is apparently run by some Americans and has an office or operation in the USA. This means it is under Uncle Sam’s thumb and may be subject to “leverage.” Remember what happened to Lavabit, the encrypted email service used by Edward Snowden: https://www.bbc.com/news/world-us-canada-23627656 and https://www.theguardian.com/technolo...edward-snowden
Lavabit’s founder Ladar Levison stated:
“This experience has taught me one very important lesson: without congressional action or a strong judicial precedent, I would strongly recommend against anyone trusting their private data to a company with physical ties to the United States,"
The USA is not the only state to lean on an encrypted email service. Canada did the same to Hushmail. Suspect anything based in the Five Eyes or their associate states.
Nothing is guaranteed, but I suggest you consider using www.tutanota.com. This is based in Germany. Germany’s past experience of first the Gestapo and then the Stasi suggests they might be more resistant to abuse by Big Brother. Tutanota claims their service is built so that they are unable to access any messages, passwords, etc no matter what pressure is applied. Communications between two Tutanota users appear to protect against the metadata problem. Emails between Tutanota users are automatically encrypted and it is easy to establish a password for a non-Tutanota contact to use for encrypted communications with you.
Do not depend on just the email service alone for serious matters. Use PGP public key encryption with a long pass sentence and 4096 bit key and send your PGP encrypted stuff over Tutanota.
Ensure that the rest of your operation - backup medium and process, hardware, etc - is encrypted and protected against key loggers, malware, etc.
Always connect anonymously using a VPN, TOR, etc.
I use Tutanota and will depend on just that for social stuff and some routine business communications. More serious stuff is encrypted with PGP and then sent over Tutanota. I keep a ProtonMail account as backup in case Tutanota should ever close.
Lavabit’s founder Ladar Levison stated:
“This experience has taught me one very important lesson: without congressional action or a strong judicial precedent, I would strongly recommend against anyone trusting their private data to a company with physical ties to the United States,"
The USA is not the only state to lean on an encrypted email service. Canada did the same to Hushmail. Suspect anything based in the Five Eyes or their associate states.
Nothing is guaranteed, but I suggest you consider using www.tutanota.com. This is based in Germany. Germany’s past experience of first the Gestapo and then the Stasi suggests they might be more resistant to abuse by Big Brother. Tutanota claims their service is built so that they are unable to access any messages, passwords, etc no matter what pressure is applied. Communications between two Tutanota users appear to protect against the metadata problem. Emails between Tutanota users are automatically encrypted and it is easy to establish a password for a non-Tutanota contact to use for encrypted communications with you.
Do not depend on just the email service alone for serious matters. Use PGP public key encryption with a long pass sentence and 4096 bit key and send your PGP encrypted stuff over Tutanota.
Ensure that the rest of your operation - backup medium and process, hardware, etc - is encrypted and protected against key loggers, malware, etc.
Always connect anonymously using a VPN, TOR, etc.
I use Tutanota and will depend on just that for social stuff and some routine business communications. More serious stuff is encrypted with PGP and then sent over Tutanota. I keep a ProtonMail account as backup in case Tutanota should ever close.