My holy trinity of trust

https://lemmy.ml/post/3136830

The inner circle so to speak

I have bitwarden and mullvad, but what’s the other one?
It’s Tutanota, an email service
What’s bottom right? Top is Bitwarden and Left is Mullvad VPN
tutanota, an email service
Tutanota, an email service.
tutanota is terrible though
Tutanota is one of the few good E-Mail services that I can think of, what’s so terrible about Tutanota?
Tutanota is in Germany, which is part of the 14 Eyes global surveillance network. Protonmail is located in Switzerland, not currently part of any such intelligence agreements. Swiss courts are also much less willing to approve search warrants.
Is Proton Mail Really Private, Secure, and Anonymous?

In this video I tackle the topic of whether or not Proton mail is Really Private, Secure, and Anonymous. Privacy Watchdogs article about Proton mail being a ho...

YouTube
I already know both videos and I am still convinced that ProtonMail is the best Mail provider. Them giving the IP Address to the French authorities “for no reason” is a claim I hear parroted a lot, but it’s simply not true. Also, if the French activist had used Tor or even just the free tier of ProtonVPN they wouldn’t have to worry about any of that, so it all comes down to bad opsec.
Protonmail and ProtonVPN are the same company and they probably would send out logs from that too. Protonmail’s Tor service is pretty sus too. Why would it redirect to a clearnet site? VPNs are not private and definitely not email. Email was never made to be private so it isn’t, and once you use something personal with it you are fully identified, like this Lemmy account: if you have ever signed in to it without using Tor they could just ask Lemmy and get your IP, so in the end it does not really matter. Neither Protonmail nor Tutanota is the best for privacy; I guess that would be cock.li or some other onion-only email.

Proton wouldn’t have to disclose the real IP from anyone using their VPN, you can read their Blog-Post on that here. I think they fixed the next point, but why wouldn’t it redirect to a clearnet site? You are already using tor, hopefully on the “Most Secure” setting, so why would you care? VPNs can be secure (like proton or, even better, mullvad), but I agree that most of them aren’t. I also agree that E-Mail was not designed to be secure, but that doesn’t mean that it can’t be. PGP exists, and since proton is heavily pushing for you to use it, I think it’s okay to use their service.

Cock.li is a nice Mail provider with a not so nice owner, and while the philosophy behind it is pretty cool it’s AFAIK also on every spamlist possible. Also the domains are, aside from airmail.cc, just not good for any professional use case.

Important clarifications regarding arrest of climate activist | Proton

We would like to provide important clarifications regarding the case of the climate activist who was arrested by French police.

Proton
You can create accounts on onions, so why would it redirect to clearnet? When accessing clearnet sites in Tor it has to use an exit node, and most exit nodes are most likely run by law enforcement. I guess it does not really matter what you use since you shouldn’t really send messages over email anyways. Only to create accounts that most likely can identify you.

and most exit nodes are most likely run by law enforcement

and why would you care about that? the protonmail site is using https (which is something that MO has criticised on the onion site for some reason), so the law enforcement would have what? the ip of the middle-node, the ip of the package-destination, and the date the package was sent? that’s not really that much metadata tbh.

anyways yeah we should switch away from email to something like matrix ASAP, but tbh that won’t happen anytime soon

The lock-in and the lies. The first being your inability to read your emails in another client. Second is the lie that it’s secure when email is inherently not secure. It’s making a false promise.

Oh and I forgot the new issue, being that you can’t zoom mail, which is infuriating.

Disclaimer: I pay for Tutanota and have for a few years. But I’m tired of it. Will switch to another season once K-9 becomes Thunderbird for Android

I’ve been saying this for years. Aside from the other issues people have with them I found their support to easily be the worst I’ve encountered. It’s a shame because I really liked their pricing structure at the time.
bruh, i can’t be the only one confused why state farm’s drive safe app was being touted…

allows their car insurance to spy on their location data and driving habits
Is curious about privacy
Okay buddy

The thing is, ownership of any of these can change at any time.

That is up to and including something like uBlock Origin, which only has one developer, and would suddenly be very different if that developer died and the project had to be forked.

You can never trust that the person who takes on the reins has the same ideals as the people running them now.

Hell, Mullvad was abused to the point they removed access to Port Forwarding on their VPN service, which has led to many people needing to switch to crummier, shadier VPNs that still offer port forwarding access. That’s not Mullvad’s fault, but it is an example of them having to change their philosophy and what they offer because of abuse.

Same thing just happened with IVPN :-\

Hell, Mullvad was abused to the point they removed access to Port Forwarding on their VPN service, which has led to many people needing to switch to crummier, shadier VPNs that still offer port forwarding access. That’s not Mullvad’s fault, but it is an example of them having to change their philosophy and what they offer because of abuse.

It's a real shame too. It was a nice feature.

Hell, Mullvad was abused to the point they removed access to Port Forwarding on their VPN service, which has led to many people needing to switch to crummier, shadier VPNs that still offer port forwarding access.

Could you explain what happened?

As clear as I can make it out, it seems like it was related to a search warrant that was executed on Mullvad.

mullvad.net/…/mullvad-vpn-was-subject-to-a-search…

Because just a little over a month after the news of the failed raid, there was news of them removing port forwarding.

mullvad.net/…/removing-the-support-for-forwarded-…

Emphasis mine.

Unfortunately port forwarding also allows avenues for abuse, which in some cases can result in a far worse experience for the majority of our users. Regrettably individuals have frequently used this feature to host undesirable content and malicious services from ports that are forwarded from our VPN servers. This has led to law enforcement contacting us, our IPs getting blacklisted, and hosting providers cancelling us.

The result is that it affects the majority of our users negatively, because they cannot use our service without having services being blocked.

The abuse vector of port forwarding has caught up with us, and today we announce the discontinuation of support for port forwarding. This means that if you are a user of forwarded ports, you will not be able to add or modify the ports you have in use.

Mullvad VPN was subject to a search warrant. Customer data not compromised - Blog | Mullvad VPN

On April 18 at least six police officers from the National Operations Department (NOA) of the Swedish Police visited the Mullvad VPN office in Gothenburg with a search warrant.

Mullvad VPN

They made a smart call that has probably increased the long term privacy of their users.

People were using port forwarding to host illegal shit, and governments were getting pissed off about it. Mullvad has been able to prove in court that they don’t keep logs, but that’s not a perfect deterrent; a properly motivated government, perhaps if somebody is using Mullvad to host CSAM, might attempt to legally force Mullvad to put logging in and add anti-canary clauses.

Preventing port forwarding keeps customers as consumers rather than hosters, and avoids this issue.

I used to use proton until I saw them give info for a warrant. After that I gave up on the VPN thing. If I lived in a country with limited streaming options I might use them but
This is true and people should always be mindful of this. Additionally you should consider not just the ownership of the companies but also the infrastructure they rely on such as their rented servers, payment processors, on-site staff etc. However commercial VPNs remain a convenient compromise for many use cases. These services are probably fine for your shitposting needs but should not be relied upon for activism for instance.
Proton does all of this at once
Still can’t bring myself to use proton pass. I’ll be much happier when proton drive better integrates with desktop machines as well but calendar, VPN, email and the bonus simplelogin premium are way too useful.
You do also kind of put all your eggs in one basket so to speak though. I don't have anything against Proton and the pricing makes sense if you value all their services and pay for Ultimate (though by my estimate, less sense if you are only looking for a smaller handful of services). However, if you go fully into Proton for everything, you're placing your trust into an entire stack of services and it can end up a single point of failure.
I trust their privacy claims but if you backup your email and calendar you can just as easily move elsewhere if Proton does go down. Having only one provider can make things a lot easier to manage.

However, if you go fully into Proton for everything, you’re placing your trust into an entire stack of services and it can end up a single point of failure.

Yeah, I know

The point is that Proton offers good service at a reasonable price, and for me that’s it, that’s perfectly fine

Is Proton Mail Really Private, Secure, and Anonymous?

In this video I tackle the topic of whether or not Proton mail is Really Private, Secure, and Anonymous. Privacy Watchdogs article about Proton mail being a ho...

YouTube
Thank you, I’ll watch it later
Tutanota is German, which is part of the 14 eyes global surveillance network. I prefer my Swiss Protonmail better.

engadget.com/protonmail-climate-activist-ip-swiss…

Europol requested it. Even though you think your service is not under 14 eyes there still is gonna be many other problems.

You can always find problems with the service itself.

And that proves what exactly? Swiss law required them to hand over an IP address. That didn’t grant them access to the encrypted emails or any pertinent information. Proton openly admits they had no idea who the user was. The activist should have used a VPN, which Proton also offers as a service, and then whatever activity trail they linked to an IP would have died at Proton’s VPN network.
Protonmail then went to court, and got the law changed so it doesn’t happen again reuters.com/…/proton-wins-swiss-court-appeal-over…
Secure email group Proton wins Swiss appeal over surveillance rules

Geneva-based Proton AG, the company behind ProtonMail and ProtonVPN, has won an appeal regarding its treatment under Swiss law governing telecommunications surveillance, a Swiss court said on Friday.

Reuters
Selfhosting an email is very hard but I think that at the end it’s worth it
Until Gmail/Hotmail decides your IP is a spammer and forever you have deliverability issues from then on
Interesting, is this a widespread problem? I have heard of people that host email services for years and have no problems.
It’s a worry I see posted a ton, and have been advised numerous times that email is the one thing you don’t wanna selfhost.
I self-host (postfix and dovecot) and will admit of all the self-hosted stuff I have it’s the most annoying/time-consuming to manage but doable if you’re willing to spend a lot of time reading and updating things. I wouldn’t recommend it to the vast majority of people though.

I read some horror stories about folks who self-hosted for years and how they eventually quit and moved to an established email provider. It didn’t seem like something I wanted to deal with.

Do you think using one of those federated email networks where it’s invite only and between people you know would have any appreciable use cases in conjunction with an established provider? I can think of having a small org use it maybe but not between friends or family.

After self-hosting my email for twenty-three years I have thrown in the towel. The oligopoly has won.

Many companies have been trying to disrupt email by making it proprietary. So far, they have failed. Email keeps being an open protocol. Hurray? No hurray. Email is not distributed anymore. You just cannot create another first-class node of this ne

Five and eleven eyes doesn’t matter if the service is encrypted and open sourced. Also, did you know that Switzerland has no superior privacy laws compared to Germany? It’s all marketing bluff.
Is Proton Mail Really Private, Secure, and Anonymous?

In this video I tackle the topic of whether or not Proton mail is Really Private, Secure, and Anonymous. Privacy Watchdogs article about Proton mail being a ho...

YouTube
KeePass is also a good password manager, it’s open source and you get to store the password database anywhere you like.
Why do you trust a Germany based secure email over something like Proton? At least Mullvad is Sweden based.
Because in Germany we value privacy and the protection of personal data
Not more than the Swiss. Germany is part of the spy dragnet. It does not offer the same level of privacy protection.
Five and eleven eyes doesn’t matter if the service is encrypted and open sourced. Also, did you know that Switzerland has no superior privacy laws compared to Germany? It’s all marketing bluff.
Yeah, so true. Proton had to hand out information to authorities.
A single IP address, which would mean nothing with VPN use. Germany is literally part of the spying eyes. That is the difference here. Proton giving out one address vs the surveillance network of a NATO state?.. Lol
Ok? It does not matter LOL, other states’ authorities can ask Swiss for information like what happened with the activist. VPNs are not private lol. You probably use your email for personal things like this Lemmy account and you probably don’t use a VPN with it all the time so your email is already linked to you
So why are my German relatives super-scared of pirating because of the government finding out, and get me to torrent all their shit for them and mail it to them on hard drives?
Piracy is not privacy
Correction: It’s not the government, it’s private law firms doing this. Your IP is public when you torrent, they just have bots monitoring the most active trackers and try to extort money from the people they catch.
Sure. Ask the CCC…
Is Proton Mail Really Private, Secure, and Anonymous?

In this video I tackle the topic of whether or not Proton mail is Really Private, Secure, and Anonymous. Privacy Watchdogs article about Proton mail being a ho...

YouTube