dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
36
share rss forum feed


Frydays

join:2005-10-21
South Padre Island, TX
reply to KodiacZiller

Re: top 5 safest and most secure email providers ?

so secure not even the fbi can read my stuff


KodiacZiller
Premium
join:2008-09-04
73368
kudos:2

1 edit
said by Frydays:

so secure not even the fbi can read my stuff
That is not the e-mail provider's job. That is your job. You need to encrypt your e-mails using PGP if you want to "stop the FBI from reading" your messages. Your contacts will all have to use PGP too, of course. I use an open-source version of PGP called GnuPG and encrypt my e-mails occasionally (depending on the contact).

As far as the e-mail provider, it doesn't much matter. Gmail is as good as any as far as I am concerned. Their spam filters are top notch.
--
Getting people to stop using windows is more or less the same as trying to get people to stop smoking tobacco products. They dont want to change; they are happy with slowly dying inside. -- munky99999


caffeinator
Coming soon to a cup near you..
Premium
join:2005-01-16
WA, USA
kudos:4

1 edit

1 recommendation

+1

I've heard hushmail is pretty good, but these days, most ANY provider is susceptible to a warrant or a nat'l security type letter. Just look at the recent takedowns...

Maybe OP needs to go live in Finland?
--

My 9/11 Tribute..online since 9/14/01
Need an Avatar? Check out Wafen's Avatar Pages


Frydays

join:2005-10-21
South Padre Island, TX
ok some of you read what i said an went somewhere else with it ok heres what i need from a email provider

1.good almost perfect spam filter
2. ability to block emails from ever 1 on the net or something close to it
3. cheap if i have to pay

good security so i can get the receips from stuff i buy online an bank stuff u know secure enough that no 1 can get in an steal my credit card numbers or personal info


chrisretusn
Retired
Premium
join:2007-08-13
Philippines
kudos:1
Reviews:
·PLDT
·Comcast
said by Frydays:

good security so i can get the receips from stuff i buy online an bank stuff u know secure enough that no 1 can get in an steal my credit card numbers or personal info
Never send credit card information via email. Receipts that are sent out after an on-line purchase do not contain complete CC number only partial. If there are sending you receipts with full information then stop doing business with them.
--
Chris
Living in Paradise!!


JohnInSJ
Premium
join:2003-09-22
Aptos, CA

2 recommendations

reply to Frydays
said by Frydays:

so secure not even the fbi can read my stuff
I'd worry more about the NSA.

Run your own email server, locally hosted (like, in your house) and then the FBI will need to knock down your door, er, show you the warrant before they confiscate your server and read your mail.

Of course, your email is sent all over the place, and unless you encrypt it (as others point out) then it doesn't matter where it's stored as anyone can read the packets if they have access to the pipes. Access to the pipes is easy.

Oh, and be sure to tell everyone who sends you email to encrypt their email too.
--
My place : »www.schettino.us


Mchart
First There.

join:2004-01-21
Kaneohe, HI

1 edit

1 recommendation

NSA (Or any DoD agency for that matter) is bound by the law to not touch *anything* that has to do with any 'five eyes' citizens. The caveat to that is unless it has been legally deemed that said person is a threat to said national entities.

So while the NSA may or may not have the capabilities to crack your stuff - They can't. On top of that, i'm fairly certain they have bigger fish to fry.
--
THIS IS SPENCER. MISSION ACCOMPLISHED - I HAVE JOE. RETURNING TO BASE.


caffeinator
Coming soon to a cup near you..
Premium
join:2005-01-16
WA, USA
kudos:4

3 edits
reply to Frydays
said by Frydays:

ok some of you read what i said an went somewhere else with it ok heres what i need from a email provider

1.good almost perfect spam filter
2. ability to block emails from ever 1 on the net or something close to it
3. cheap if i have to pay

good security so i can get the receips from stuff i buy online an bank stuff u know secure enough that no 1 can get in an steal my credit card numbers or personal info
I have my own domain with a very good host located in a top-tier datacenter. I create my own accounts, and use my own choice of mail scripts on my own server. All SSL, no .JS allowed.

I also have custom SpamAssassin rules, use DomainKeys, SPF Records, and the host uses Enterprise-Level Filtering Hardware.

It's good enough for normal email. If I need be I can send encrypted as well using my own 256 bit AES (1024 bit RSA/SHA) SSL cert. I don't need much more.

I could use GnuPGP....but considering I don't know anyone who'd know how to receive that sort of mail...it's kinda useless.

I haven't even used an email client on a computer since about 2007. No worries here.
--

My 9/11 Tribute..online since 9/14/01
Need an Avatar? Check out Wafen's Avatar Pages


JohnInSJ
Premium
join:2003-09-22
Aptos, CA
reply to Mchart
said by Mchart:

So while the NSA may or may not have the capabilities to crack your stuff - They can't. On top of that, i'm fairly certain they have bigger fish to fry.
I know - I have several friends there. It was a joke, of sorts. As in, why are you worrying about the FBI reading your email? They either don't care, or there isn't a damn thing you can do to prevent them from reading your email.

I believe if they wish to read your email, they can offer you the choice of decrypting it for them, or going to jail for refusing to decrypt. But then again, I am not a lawyer, I'm only going on what I read via google "compelled to decrypt"
--
My place : »www.schettino.us


KodiacZiller
Premium
join:2008-09-04
73368
kudos:2
reply to Mchart
said by Mchart:

NSA (Or any DoD agency for that matter) is bound by the law to not touch *anything* that has to do with any 'five eyes' citizens. The caveat to that is unless it has been legally deemed that said person is a threat to said national entities.

So while the NSA may or may not have the capabilities to crack your stuff - They can't. On top of that, i'm fairly certain they have bigger fish to fry.
There is controversy within the crypto community about what NSA can do. There's not much doubt they are several years ahead of the "rest of us" where cryptanalysis is concerned, but most expert cryptologists do not believe they can crack algorithms like RSA or AES. However, they can launch massive dictionary attacks, but that's easy to defend against (but most people probably don't since people tend to be lazy).

But you make a good point; whatever NSA's capabilities, it's highly unlikely that they would get involved in the first place, even if one were running a major criminal enterprise. They simply don't deal with anything that's not a threat to national security. We already know the FBI cannot break the public ciphers like RSA/AES since several past cases have illustrated their helplessness with cracking PGP and other crypto standards.

To the OP: the bottom line here is that it doesn't matter what e-mail provider you use if your data is not being encrypted end-to-end. I have explained why this is and how to do it in my previous posts. Don't rely on providers like Hushmail since they aren't well vetted.
--
Getting people to stop using windows is more or less the same as trying to get people to stop smoking tobacco products. They dont want to change; they are happy with slowly dying inside. -- munky99999

DrGunn

join:2010-07-16
San Diego, CA
reply to Frydays
Just use Gmail. Seriously. It's free, the spamfilter can't be beat, and they use » for all connections.


chrisretusn
Retired
Premium
join:2007-08-13
Philippines
kudos:1
Reviews:
·PLDT
·Comcast
said by DrGunn:

Just use Gmail. Seriously. It's free, the spamfilter can't be beat, and they use » for all connections.
https only make the connection between you can Gmail secure.
--
Chris
Living in Paradise!!

Bashy

join:2009-05-20
Arlington, VA
reply to Frydays
Frydays, as caffeinator said, try hushmail www.hushmail.com. Been using Hushmail for years. As to your points, here is what my experience with them has been:

1)I have never gotten a piece of spam. Ever.
2)You can block anyone, (never had to because no-one ever spammed me).
3)$39.99/yr for a 1 gigabyte email box, (I have never gotten past 1 half of a gigabyte, I just erase stuff I don't want to keep).

But the best thing in my opinion is this simple feature: if someone hacks into your account, they will get absolutely nothing. Your emails will look like a bunch of random numbers and letters. That is what encryption does. Hushmail encrypts your stuff on their servers so no one can get any of your emails. When you log into your account and supply the correct user name and password, it 'decrypts' your emails back into English. So you can keep your receipts right in your email box without any worry. If you never give your password to anyone, your emails stay private and un-hackable, simple as that.

Hushmail does have one more 'spy' feature that I have never used, but it's worth mentioning. You can encrypt individual emails. That means that you can call someone or communicate with them in some way other than email and give them a password that will allow that person, and only that person with the password, to open that email. If anyone else tries to open it, the email will look like random letters and numbers. The only reason I mention it at all is because Hushmail asks you every damn time you send an email if you want to encrypt it.

I got Hushmail for the same reasons as you mentioned in your post. I don't care about all the super spy stuff they offer, I just want to know that the hackers can't get my emails with my receipts in it. Yahoo, Gmail, they get hacked sometimes and the people that get compromised, well, their emails can be read, not a good thing. They can't get ever get your emails if you use Hushmail. All of this is only works if you never give your email password to anyone, but you knew that already, right. ;D

The best thing is you can try Hushmail for free. Go there and sign up for a free email account and you can see if you like it or not, (the free email box is like 25 MB, quite teeny). When I decided to join, I wanted to make my password kind of secure, so I used a long password. You should use a long password too. Just combine 2 or 3 passwords you know and make a 16, 17, 24-character password, whatever, you'll get used to it fast.

Last thing. Hushmail is no good if your PC has a virus or a rootkit on it. Me, I have Deep Freeze on my PC to prevent that, but that is another story

»www.faronics.com/en/Products/Dee···ate.aspx


Smokey Bear
veritas odium parit
Premium
join:2008-03-15
Annie's Pub
kudos:4
said by Bashy:

Last thing. Hushmail is no good if your PC has a virus or a rootkit on it.
+ no good when you need POP and/or IMAP. Free hushmail customers are excluded from POP/IMAP.
--
Smokey's Security Forums »www.smokey-services.eu/forums/
~ Treat other people the way you would have them treat you; be honest and ethical ~
*Member AQMRB - Alliance of Qualified Malware Removal Boards*


anon8990

@shawcable.net
reply to Bashy
You forgot to mention that they also have a backdoor built-in


chrisretusn
Retired
Premium
join:2007-08-13
Philippines
kudos:1
said by anon8990 :

You forgot to mention that they also have a backdoor built-in
Can you back that up with references?
--
Chris
Living in Paradise!!


rcdailey
Dragoonfly
Premium
join:2005-03-29
Rialto, CA

1 edit
said by chrisretusn:

said by anon8990 :

You forgot to mention that they also have a backdoor built-in
Can you back that up with references?
Here's a story from three years ago:

»www.wired.com/threatlevel/2007/1···iouspost

Whole lot of hyphens in that link, I see.

Another story from a couple of years ago:

»www.theregister.co.uk/2008/08/04···rumours/

I don't know that it's fair to say this is a back door. It's more like saying that the concierge will cooperate with the cops.

--
Human nature abhors an empty closet.


chrisretusn
Retired
Premium
join:2007-08-13
Philippines
kudos:1
Reviews:
·PLDT
·Comcast
said by rcdailey:

I don't know that it's fair to say this is a back door. It's more like saying that the concierge will cooperate with the cops.
Agree, a court order is not exactly a back door. Any service can be subject to court orders.

Thanks for the links.
--
Chris
Living in Paradise!!


anon8990

@shawcable.net
that's not the point. The point is that your info is not "secure" with hushmail like they say it is! If it is secure, there's no info to give to the cops!


chrisretusn
Retired
Premium
join:2007-08-13
Philippines
kudos:1
Reviews:
·PLDT
·Comcast

1 edit
said by anon8990 :

that's not the point. The point is that your info is not "secure" with hushmail like they say it is! If it is secure, there's no info to give to the cops!
You did not make that point in your post.

said by anon8990 :

You forgot to mention that they also have a backdoor built-in
You stated they have a back door, I asked for some verification of that. You provided nothing to backup that statement.

Hushmail does not promise to keep you from the cops. It does not promise that your data is 100% secure. Perhaps they did so in the past as implied in the articles referenced in rcdailey See Profile's post: »Re: top 5 safest and most secure email providers ? but I see no similar promises today.
quote:
The Limitations of Hushmail

Hushmail is the most secure webmail service on the Internet, but it is not a 100% solution for all of your security needs. There are some things that Hushmail cannot do.

Hushmail does not put you above the law

We are committed to the privacy of our users, and will absolutely not release user data without an order that is legally enforceable under the laws of British Columbia, Canada, which is the jurisdiction where our servers are located. In addition, we require that any such order refer specifically to the account for which data is required. However, if we do receive such an order, we are required to do everything in our power to comply with the law. Hushmail will not accept an order from any authority or investigative agency that is not enforceable under the laws of British Columbia, Canada. Other authorities must apply to the Canadian government through an appropriate Mutual Legal Assistance Treaty and request that the Canadian government obtain an order that is legally enforceable in British Columbia, Canada.

But I thought the data was always encrypted

When one Hushmail user sends an email to another Hushmail user, the body and attachments of that email are kept on our server in encrypted form, and under normal circumstances, we would have no access to that data. We can’t just pick an arbitrary encrypted email message off the server and read it. However, since Hushmail is a web-based service, the software that performs the encryption either resides on or is delivered by our servers. That means that there is no guarantee that we will not be compelled, under an order enforceable under the laws of British Columbia, Canada, to treat a user named in an order differently, and compromise that user’s privacy.
Source: »www.hushmail.com/about/technology/security/

Bottom line if you want secure email, encrypt it your self using PGP or GnuPG. Even that is not 100% secure under a court order.

--
Chris
Living in Paradise!!


Dustyn
Premium
join:2003-02-26
Ontario, CAN
kudos:11
reply to Frydays
said by Frydays:

so secure not even the fbi can read my stuff
What??
What on earth do you have need for such an account for?
My guess would be since you don't want the FBI to be able to gain access to it... something illegal.
Some form of terrorist activity perhaps?

Mele20
Premium
join:2001-06-05
Hilo, HI
kudos:5
Why would you think that only someone doing something illegal would want privacy? I don't want the FBI reading my mail and I'm not doing anything illegal.
--
When governments fear people, there is liberty. When the people fear the government, there is tyranny. Thomas Jefferson

OZO
Premium
join:2003-01-17
kudos:2
reply to Dustyn
said by Dustyn:

said by Frydays:

so secure not even the fbi can read my stuff
What??
What on earth do you have need for such an account for?
My guess would be since you don't want the FBI to be able to gain access to it... something illegal.
Some form of terrorist activity perhaps?
What??
You mean - if you don't want FBI to read your correspondence - you're a terrorist?

Nice try...

Dustyn See Profile, if you want to be a part of sheeple - please be it, but don't force others to follow. Not everyone wants to live in totalitarian regime, where, so called, authorities have full control over what you do and what you think...
--
Keep it simple, it'll become complex by itself...


Dustyn
Premium
join:2003-02-26
Ontario, CAN
kudos:11

3 edits
said by OZO:

said by Dustyn:

said by Frydays:

so secure not even the fbi can read my stuff
What??
What on earth do you have need for such an account for?
My guess would be since you don't want the FBI to be able to gain access to it... something illegal.
Some form of terrorist activity perhaps?
What??
You mean - if you don't want FBI to read your correspondence - you're a terrorist?

Nice try...

Dustyn See Profile, if you want to be a part of sheeple - please be it, but don't force others to follow. Not everyone wants to live in totalitarian regime, where, so called, authorities have full control over what you do and what you think...
Woah talk about a clear OVER reaction to a joke.... *phff* americans... Thanks for including a rather useless Wiki link which I won't be clicking on. The OP has not indicated what he/she is needing 100% secure protection from even the FBI being able to read these e-mails. If the user is needing such protection they'd be better of not using e-mail at all.