Now that TorMail has been compromised, we need more email alternatives

[ralyodio]

MyKolab looked good except they require existing email and I think it costs money, could not tell.

[Zegnat]

Please note that TorMail has already been off of PRISM Break’s list for over a month. It was removed on Appelbaum’s (@ioerror) recommendation.

MyKolab is not free, you are right. This should probably be made clear in some way. I filed an issue to rectify this. You do not need an existing email address to use them though, you even get a pick of 7 different domain names when signing up (6 of those are managed out side the U.S.).

If you have any ideas for solid free email services please open an issue to get them added.

[btegs]

You should add Geary, which is free software under the LGPL 2.1: http://www.yorba.org/projects/geary/

[hasufell]

Geary was already discussed. It is not a general purpose mail client and is in a relatively early stage of development. There are tons of things it does not support.

[Zegnat]

This is a call for email services, please discuss email clients – like Geary – elsewhere.

[ralyodio]

What about lavabit.com ? they seem pretty good.

[Zegnat]

Please see #284, Lavabit seemed to do some heavy logging and be unsupportive of anonymity. I don’t think their terms have changed much since then.

I am interested to see where this is going. I haven’t been invited to Riseup yet and would love to see a similar service somewhere.

[ralyodio]

Ok, well something web-based for the non-techies would be good.

[haary]

In #157 openmailbox.org was suggested. It was pointed out, that the interface is available in french only at that time. Now it is available in english as well (click "Langue").

• Unlimited disk space
• Secured connection possible (via STARTTLS) and https Webinterface
• Screenshot of Webinterface at http://www.perseosblog.com/posts/openmailbox-una-alternativa-a-gmail-basada-en-software-libre/
• Privacy statement at https://www.openmailbox.org/cgu.php. It seems that no personal data (real name, address) is required to register.

Another one is mailoo.org. Like openmailbox it runs completely on free software. Website available in english and french (registration is only available at the french page now). Offered protocols are SMTP, POP3, IMAP and their SSL variants. Subscribing is without personal informations. Quota is 1 GB.

[greve]

@chovy

About MyKolab: Yes, it costs money, because data centres and staff to develop and maintain a solution cost money.

A service that claims to be gratis should be treated with extreme caution.

If it is not you, then someone else is putting up the cash. Question is: Why are they doing it and can you rely upon them to continue doing it for the foreseeable future such that you can rely upon the service? There are sometimes well-meaning initiatives by enthusiasts, but these often die with the passion of their founders or get into trouble when the next set of hardware must be purchased - because without your own hardware, you have no access control, meaning you have no security.

As for the rest: If you're not paying for it, you're not the customer, you're the product being sold.

That is why MyKolab has a cost associated and takes great care to make transparent the terms of service and actual, guaranteed privacy users can actually rely upon today and in the future. That said, the business behind it is as hard core Free Software as they come, so money goes into the service and the development of more Free Software, which again improves the service. But we /never/ do proprietary software. Take a look at some of the people involved, or check out the #kolab IRC channel and you'll see why. :)

And the software that comes out of this for the general good is what most other web mail hosting providers use. So anyone using MyKolab is helping an entire ecosystem of Free Software providers. Which was part of the point.

As to the email address for registration: This is used for the password reset mechanism. If you have a better idea on how to do that in a way that does not require excessive manual labour, please let us know.

[ralyodio]

MyKolab may be great, but my real identity will be tied to the payment to them. Not very anonymous.

[greve]

@chovy

We're working to provide more forms of payment, it's just that we had to start somewhere.

Mind if I ask you which would be your preferred way of payment? We'd like to know what people would like to see so we can prioritize developing further payment channels.

[i2000s]

Sorry, guys. Just want to add some conditions for consideration: Is there any safe&open email service provider that combines email, calendar and maybe other services together? Is there any email service provider that can hide meta data in a safe way?

For the first condition (question), I and many other people usually use calendar to send email for reminders. Maybe there are also other combined usages needed. In this case, it is better to find a services provider that can combine the necessary needs together with email service.

For the second condition (question), I am thinking how to avoid leaking our meta data even the communication content is well-hiden. In case NSA or other organizations found the meta data, they can still know whom we are communicating with, even though we use open-source email service.

I personally don't know what satisfies those two extra conditions. Hopefully we can find good solutions!
Qi

[greve]

@i2000s You are right, of course. There is no perfect solution.

FWIW, MyKolab combines Email, Calendar, Address Book, Tasks and Files in one service. So when communicating or collaborating with people within that service, no data is transmitted over the internet. More services will be added. Calendar data is directly transmitted to you over CalDAV/CardDAV or the mobile sync, and thus you do not depend on email reminders - your clients and devices remind you.

So it would seem to fit both conditions as best as I know how to in today's world.

All of this is part of Kolab, as well, so you can get the same by setting up your own server for your group of people. Kolab as a concept is distributed, and the Kolab client can aggregate & integrate an unlimited amount of servers and services into one information picture for you. But that data only comes together on your device.

As it is all fully Open Source, you are free to run with it.

[rev22]

E-mail is the single most important personal service for Internet users, and is often used for critical personal communications and to register to websites.

An ideal solution in my opinion would comprise:

• https web interface
• access through common encrypted protocols, like SMTP and POP3
• adaptive spam filtering
• commitment to privacy (no data retention or logging of traffic)
• commitment to provide long-term services to users
• transparent funding
• only using captcha or other basic intelligence tests to discourage service abuse (instead of monetary fees, or requesting of personal information like cellphone number, real name or documents)

.. all based on Libre software

Useful extra protocols for the open Web:

• OpenPGP
• OpenID
• WebFinger

[ralyodio]

@greve as for payment, i think the obvious choices are PayPal, CreditCard and Bitcoin.
I would only use bitcoin from Tor network to remain truly anonymous. The other two (paypal/cc) I would use for personal use.

[greve]

@chovy PayPal is currently the default option.

The other option would be bank transfer, which can be anonymized at the cost level and only needs to map to a customer id, which has no mapping to the email address/account, so the bank won't know who this is.

Direct acceptance of credit card is not quite so simple, you need a merchant account and a couple of other factors. And then it'll typically put some restrictions on where you can accept them from at least at the beginning. But we're working on that.

Bitcoin might be another option. Because it is not so far spread and seems to have some issues, we have not prioritized that very highly.

[ralyodio]

@greve You can integrate with BitPay. Should be pretty simple, and they convert your BTC to USD right away so you don't play the investing game with your earnings.

[greve]

@chovy Thanks, we'll look into that.

[ghost]

I have updated all the "black" points #157

[nylira]

Lavabit shuts down: https://lavabit.com

This experience has taught me one very important lesson: without congressional action or a strong judicial precedent, I would strongly recommend against anyone trusting their private data to a company with physical ties to the United States.

HN discussion: https://news.ycombinator.com/item?id=6181081

[ralyodio]

It looks like riseup.net is a good one.

[Zegnat]

Riseup seems very good, yes. I haven’t met anyone who could invite me yet so I can’t speak out of personal experience but it looks like some good and trustworthy people back it. Still an American service though, which is something you will have to consider. (It helps that they aren’t an actual company running it.)

If you get into Riseup, go for it.

[ralyodio]

It requires an invite?

[Zegnat]

If you want to get an account immediately, yes. 2 codes even, if I understand the form right. Else you will have to leave a plea and get approved by one of the system operators:

If you do not use the invite method, please tell us about your activism. Do not include acronyms or personally identifiable information. This information will be destroyed as soon as your account is approved.

This is why most of the currently advised services are hard to get into: Riseup needs you to know others who use it, A/I needs you to get approved as well (see below), and MyKolab is pricey for your average freedom fighter.

That’s why I am hoping to see more interesting services come by here on the site. Something like Posteo – for just 1 EUR/month – would be sweet for those of us who do not wish to set-up their own mail servers. And I am constantly on the look-out. Just haven’t found it yet.

---

A/I will have you fill out a form:

Please tell us why you would like to request a service from Autistici/Inventati. We would also like some information about what you would like to do with it (for public services only, of course).

[greve]

@Zegnat FWIW, Freedom Fighters get a special deal on MyKolab.com.

But if you want to actually provide privacy beyond pure marketing claims, there are a couple of decisions involved that drive up the cost of providing the service. Especially if you also want to do right by society at large in terms of the technology you use and the contribution to Free Software you would make when doing this properly.

But then we're always talking in the realm of the value of a pizza or 2 beers or some such in most places.

Question is: Is privacy worth that?

Too many people got too used to offers that seem to be "zero" cost. That has shifted the perception of what one might pay for such services. Only that the cost was never actually zero.

[ralyodio]

Is anyone familiar with any of the providers on this list?

http://dir.yahoo.com/business_and_economy/business_to_business/communications_and_networking/internet_and_world_wide_web/email_providers/secure_and_encrypted_email/

[Parcival09]

@greve
t I've been lookking for you're E-mail service. For 1 year SFR 120.- is quit some money for a private E-mail.
But oke I was willing to pay, and went to the sign-up page. I had to fill in my family name and my E-mail adress and then I just stopped.

I'm a grown man and I do not need you to take care of me, if I loose my password, thats my responsibility. I also did not like that you need my family name.

After the signing-upp, you can give a number, that need to be put on the payment, with the payment details how to pay. And you're administartion throws away that number to the E-mail reference after the payment is received and the E-mail service is running.

I still think SFR 120/year is a lot of money, I only need the E-mail-services. Maybe it is possible to start with just E-mail and upgrade if you need other services you provide. (by upgrading the price rises)

At Lavabit I payd $18/year for 8GB for just the E-mail service.
If you're willing to make the changes and can give me a good offer I'll subcribe.

[greve]

@Parcival09 The service provides a whole lot more than email. And in comparison to similar offers in Switzerland, it's actually quite cheap. But yes, with the Swiss Franc being as overinflated as it is, I understand that Swiss pricing is currently high for the rest of the world. Think of it this way: This is the price of the universal Berlin currency, a Doner Kebap per month, in Geneva.

As to the name & email requirements, these are primarily ways to reduce support overhead.

Because the majority of people want invoices. And their name on them. If they haven't filled them, that's another 10 minutes someone has to spend in support. Multiply by a couple of thousand and you can perhaps see how that might become an issue. Same for password resets, which is the number one support request. Even just in beta period we often had several of them per day. It is commendable that you do not require or desire this level of service and hand holding. But that makes you unusual.

Either way: If you wanted to provide the name of Santa Claus, provide North Pole as your place of residency, and use a discardable email address for the sign-up, the system would still sign you up. We felt that people who did not want to provide this kind of information simply would choose to go down that route.

But yes, it's also been an internal debate. The problem is not trivial though. If someone puts a lot of data into the service and lose their password - which happens surprisingly often - then you need to have some way that is not so easily socially engineered to give them access again. Name & Email establish a certain minimum level that is already pretty low and easily circumvented for those who do not want it.

As to the "smaller" package for service, that is indeed something we should be considering.

It won't reach the same pricing as Lavabit, though, as the US are an extremely low-cost hosting country, while Switzerland is the extreme opposite. Our costs are in Swiss Franc, and so the pricing needs to be. The only way to avoid that would be to move the servers to a different country. But then you'd lose a primary advantage of the service. So Swiss level privacy will always have to come with Swiss level pricing, unfortunately.

[ghost]

No one on Vmail? Is a valid alternative?

[Zegnat]

Re: vmail, I don’t have much time lately so I haven’t done a lot of looking into it but it says on the bottom that they are run by a french student and some of the policies are in french too. If they are hosted in France then I would assume the same laws apply as to openmailbox.org, meaning they will have to give up their encryption keys to law enforcement no questions asked. As such is the French law. Based on that I can’t recommend them.

(Not a lawyer, not a french lawyer, not even in france, and only gave them a cursory look. Just thought I’d point it out. For more discussion on the matter, search for the issues we have had about openmailbox.org.)

[oljnkjhb]

I've just known this thread, so my comment is probably late; but just in case...
Autistici's target is principally people involved in civil rights and liberties movements and people who frequently participate in political debate from that left winged perspective, so they are a clear target for being "preventively" monitorized by State agencies. They also provide blogs, chat and other services that in theory couldn't be shut down arbitrarily nor manipulated by said agencies and intitutions. But you don't need a social hero to be accepted; just write to them in italian, spanish or english and telli that you just want an email account because you participate in software libre forums and use to send and comment political news with your friends and family, like most of the socially conscious people, and don't want to be tracked and included in some huge database about "politically uncomfortable individuals from all the world" in some server under the USA administration even if you aren't an activist at all.
That's all what I did to get the mine one. Never had to explain my political points of view nor prove that I was being sincere. After some days I received a mail teliing me that my account had been created. This was a couple of years ago; nobody ever asked me for a single proof that I were even a sympathizer to what I have said.
But in your case, if you tell them you are one of the Prism Break "crew" I'm sure you will be accepted without any reserve.

Another thing: your opinión about Protonmail is near to a year and a half old. Do you know if things have improved? The fact that people from the CERN and the MIT are its developers makes one to be favorably inclined fro mthe "intellectual" point of view; besides, their selfdestructing mail option makes it very interesting. I knew about selfdetructing notes apps on the web, but didn't know email providers were providing it too (https://protonmail.ch/pages/security-details About the second half of the page).

Cheers.

[pickfire]

riseup.net have good service but the registration seem to be hard.

[codekiddy2]

Hello guys,
I've been searching a lot before deciding to reply here and here are few suggestions/conclusions that I came out with:

According to your comments mykolab seems to be pretty good with privacy and after reading the privacy policy on https://mykolab.com/tos it's obvious that mykolab can give up data to Swiss government due to Swiss law if requested.

I'm not a law-guru but according to http://nomadcapitalist.com/2013/12/15/top-5-best-countries-host-website-data-privacy/
Switzerland is not top country when it comes to privacy, instead Iceland seems to be the best.
So I come up with https://unseen.is/ which claims to protect privacy as well according to https://unseen.is/privacy.html but it also can give up data to government if asked, reason why I think it could be better is that it is completely free unlike mykolab and also because Iceland has more strict privacy laws.
according to website it seems that it's still beta so I don't know how much my statements can be true when it comes to security in general.

Also Iceland is part of NATO while Switzerland isn't which is a minus for unseen since I don't trust countries that are part of the block when it comes to privacy
https://en.wikipedia.org/wiki/Member_states_of_NATO.

BTW fabianlischka (post before mine) noted tutanota.de but I'm not so much sure about germany :/

This is my personal opinion so please don't take it offensive.
I will further investigate about data privacy laws between Iceland and Switzerland only for comparison purposes.

BTW also creating free email accounts based in Switzerland seems to be impossible without giving proofs of residence or additional personal data. that scks.

EDIT:
The http://prxbx.com/email/ website does not list any email providers 😕 do you know why?

[Zegnat]

In basically every country in the world the State could bring your email provider to court and have them forced to hand over your data. This is just as true for Switzerland as Iceland. If you do not want them to have anything to hand over use a solid encryption system like GPG. I do believe that MyKolab does a good job of explaining the swiss legal framework, which Unseen doesn’t seem to do.

I would not put all too much trust in the Nomad Capitalist page. Romania made the list but is actually a country that tried to implement the EU Data Retention Directive. Twice. The Netherlands has been known to have provided information to the US global data collection program, but wins over Switzerland? This seems to be based on hosting companies not taking websites offline rather than evidence of them fighting back against wiretaps. Norway, coming in at number 2, is praised for not being part of the EU. That would be great, were it not for the fact that Norway often copies the EU going as far as implementing the EU Data Retention Directive.

Is Iceland comparable in protection to Switzerland? It could be, just that none of the things you have linked really go into it so I cannot make a good judgement on the matter.

Is Unseen comparable to MyKolab? Maybe. I am definitely seeing some cons. MyKolab specifically runs their whole service on an open-source platform that you could also run yourself. As well as giving you the ability to back-up all your data and move away from them. While I didn't seen any mention about the technology Unseen uses.

One thing that scared me was reading this in the Unseen FAQ:

[…] and premium users can generate and store their own private key.

And free users can’t? Does that mean free users do not get encryption or does Unseen generate their private key for them? The latter is bad. The whole idea of a private key (in public key encryption models) is that the user is the only one with access to it. Storing it on your email provider’s server is equal to not using encryption at all, so their practice may even endager their premium users if that’s what they mean. Extremely bad from a cryptography point of view there.

I will further investigate about data privacy laws between Iceland and Switzerland only for comparison purposes.

Please do! Email is a sore point here as there are so many providers making claims and few of them that can live up to it.

[…] creating free email accounts based in Switzerland seems to be impossible without giving proofs of residence or additional personal data.

MyKolab is not a free provider, but PRISM Break is less about free (gratis) and more about freedom (libre). Some of the free providers that we do recommend limit their users in another way, e.g. for I/A you have to agree to their politically charged manifesto.

The http://prxbx.com/email/ website does not list any email providers 😕 do you know why?

Something seems to be broken on their end, we will have to monitor it and possibly remove our link to them. Too bad, as they were doing a good job sorting through a lot of providers.

[codekiddy2]

Thank you Zegnat for reply...
I spent some time reading unseen FAQ etc.. and would like to quote you on following:

I didn't seen any mention about the technology Unseen uses

According to TERMS OF SERVICE under DESCRIPTION OF SERVICE

Unseen uses encryption technology and software running on custom-designed and custom-built > > platforms controlled by Unseen

next you say:

One thing that scared me was reading this in the Unseen FAQ:

[…] and premium users can generate and store their own private key.

And free users can’t? Does that mean free users do not get encryption or does Unseen generate > their > private key for them? The latter is bad.

Yes this is obviously bad, I created an account with them anyway and after completion was presented with a dialog saying that I will not be able to store my private key on my computer, the point here is that emails get encrypted
Anyway, on their FAQ it says this:

How does it work?

We use a hybrid peer-to-peer and hosted network solution for transmission of encrypted >messages. Messages are encrypted and decrypted by each person sending or receiving a
message. They are never decrypted along the way (we don’t have the key). This is done >automatically and is transparent to the user and our services will appear on the surface to work the >same as the regular free email or chat services.

I do not understand what they mean by "we don't have the key" ? while also limiting local key storege 😕 where is the private key stored then is unknown here ?
but I use PGP anyway (as you suggested earlier) with thunderbird and torbirdy connecting via Tor network to them so their limitation by not giving me the right to actually store my private key locally makes no real world sense 😕

MyKolab is not a free provider, but PRISM Break is less about free (gratis) and more about > freedom (libre). Some of the free providers that we do recommend limit their users in another way, > e.g. for I/A you have to agree to their politically charged manifesto.

Yes I absolutely understand that, obviously unseen.is has choose to limit their "free" users by not giving the right to store private keys locally unless you pay :D

I don't know but at least the service is free, and each email transport indeed is encrypted.
The keys are generated manually via web form (even free users can do it).
I don't see why would that be a limitation because you either pay them for local private key storage or use PGP with free version of service.

EDIT:
I have made a test with these keys...
Here is a screenshot of key manager presented in browser after logging in:
obviously one can generate, import and export it's own keys with free account:

They even provide their own email client so that same keys can be used within, or using the keys with 3rd party client once exported. (or using GPG to ensure private key is your own, and not the one generated in the browser, and then importing via browser or using from the client such as thunderbird)

I think Unseen deserves further attention by you guys so that clear conclusion can be made without false judgement.

As for laws by country I come out with a website that makes easy to compare countries by data protection laws:
http://dlapiperdataprotection.com/#handbook/world-map-section/c1_IS/c2_CH

It's easy to spot if something is (possibly) outdated and in this case (Swiss and Iceland) one can get particular updates from these two sites:
ICELAND: http://www.personuvernd.is/information-in-english/greinar/nr/438
SWITZERLAND: http://www.dataprotection.eu/pmwiki/pmwiki.php?n=Main.CH

From what I gathered Iceland is pushing to be number 1, problem is that there is a lot to read lol :)

[Zegnat]

Did you see any mention of the technology used to store the private key? Because that sounds like a really, really bad thing to be doing…

[codekiddy2]

Zegant,
You are correct, they keep it all secret, I found Why you should stay away from Unseen.is that elaborates unseen.is from security aspect more closely.
Thank you a lot!

BTW The http://prxbx.com/email/ works again 😄

[ghost]

http://prxbx.com/email down again

[pickfire]

What make it down?

[kevinSuttle]

How has Fastmail.fm not been mentioned?
https://blog.fastmail.com/2013/08/09/fastmail-uses-perfect-forward-secrecy-with-httpstls-connections/

[kevinSuttle]

Ah, I meant here: https://prism-break.org/en/subcategories/os-x-email-accounts

[ghost]

@kevinSuttle are you dense? The page I linked has over 20 providers, why would they list them all on the main page?

prxbx.com/email

[kevinSuttle]

Who said all of them? And watch your mouth. No need for that.

[ghost]

@kevinSuttle sorry, but no. You are being an idiot. The page here:

prism-break.org/en/all#email-accounts

is layed out exactly as it should be. It has a few prime examples, followed by
this link and text:

For more email providers, take a look at prxbx.com/email

Also if you notice carefully, the first link I put has this text:

Free Recommendations

According to the second link Fastmail is not free, so suggesting it for that
page is absurd. Go away.

[kevinSuttle]

People like you give open source a bad name. Good luck being a sad little child.

[pickfire]

@kevinSuttle, @svnpenn: i'm going to need you to retard your anger level a few notches

[ralyodio]

I read that as I'm going to need you to retard your angel level... and was confused. Carry on :)

[ghost]

Hey @kevinSuttle, fuck yourself!

[vyp]

@kevinSuttle Fastmail is mentioned on http://prxbx.com/email/ though (which is mentioned at https://prism-break.org/en/subcategories/os-x-email-accounts/). I suspect it's not recommended on prism break directly because (some) of its servers are located in the US. That isn't necessarily a bad thing, but in practice it means that they're much more easily susceptible to being compromised by the US government. (i.e. See what happened to Lavabit.) I am surprised though to see no other mention of Fastmail on prism break's issue tracker, you're right!

[Zegnat]

Email itself is a pretty broken system from a privacy point of view. Too much metadata, too much data travelling in the clear. PRISM Break realises that people cannot go without email just yet, but we would rather not expand the current section.

1. Riseup and A/I are on there not because of their server locations but because of their history fighting for their users. Very few other email providers can claim the same long history of offering activists a way out. This is why these two are included over other providers.
2. Kolab Now is included partly because of their location (they really thought about their options and their website clearly states their do’s/don’t concerning the Swiss law) and partly because they use FOSS software. They even make it easy for you to migrate away from them into your own Kolab installation. And PRISM Break already recommends Kolab.

Linking to http://www.prxbx.com/email/ is a way to give people more choices, and inform them about those choices, without inflating the contents of PRISM Break.

If you know an email provider with either a history supporting activists (like Riseup) or with a set-up for privacy and open-source software (like Kolab Now) then please open a new issue specifically for that service. Otherwise you can assume PRISM Break is not actually the right place for it.

I am closing and locking this issue to stop people from dragging it up again.