Lavabit.com and Tormail Email Alternatives...

[cryptasm]

It sounds like it will be the best choice for private email available. I know StartPage is highly recommended for internet searches as it uses the google search engine but without all the tracking.

Not sure where they will be based out of - I highly doubt it will be the US as that would defeat the whole purpose.

Ixquick is UK based ...

Ixquick is based in New York and the Netherlands

[r.schulz]

https://www.penango.com/ is an option to have end-to-end encryption with gmail webmail. Not FOSS.

[rumbitla]

https://www.penango.com/ is an option to have end-to-end encryption with gmail webmail. Not FOSS.

They are an American company.

Did you read the small print?

It reads:

We will disclose information about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary to respond to claims and legal process, to protect the property and rights of Penango, to protect the safety of the public or any person, or to prevent or stop activity that we consider to be illegal or legally actionable.

NSA has full access to them.

[rumbitla]

Made in Switzerland: https://www.neomailbox.com/services/secure-email


    High strength SSL encryption
    IMAP, SMTP, POP3 and Webmail
    Multi-level spam and virus protection
    Unlimited disposable email addresses
    OpenPGP encryption, digital signatures
    IP hiding for enhanced privacy
    RSS feeds delivered via email
    Hosted in Switzerland


We have been increasingly concerned about the alarming erosion of online privacy rights in the USA over the past decade that we've offered Secure Email services hosted in the USA.

To offer our customers an alternative to hosting their email in the USA, in 2004 we began offering Offshore Secure Email service hosted in The Netherlands, and in 2010 we moved all Offshore Secure Email accounts to servers hosted in Switzerland, which affords some of the strongest legal privacy protections for customer email messages stored on our servers.

[tiptopgemdotcom]

Made in Switzerland: https://www.neomailbox.com/services/secure-email


    High strength SSL encryption
    IMAP, SMTP, POP3 and Webmail
    Multi-level spam and virus protection
    Unlimited disposable email addresses
    OpenPGP encryption, digital signatures
    IP hiding for enhanced privacy
    RSS feeds delivered via email
    Hosted in Switzerland


We have been increasingly concerned about the alarming erosion of online privacy rights in the USA over the past decade that we've offered Secure Email services hosted in the USA.

To offer our customers an alternative to hosting their email in the USA, in 2004 we began offering Offshore Secure Email service hosted in The Netherlands, and in 2010 we moved all Offshore Secure Email accounts to servers hosted in Switzerland, which affords some of the strongest legal privacy protections for customer email messages stored on our servers.

Yeah, that is all nice- but you don't offer an option to pay in BITCOIN?  Are you an Amish-owned company?

[TiagoTiago]

One of the problems with switching to new or small email companies is it is much less likely they will still be around in the future; for many people nowadays if they loose their email address, they are locked out of huge chunks of their online life.

[z0rd]

I still prefer end-to-end encryption. There are some decent clients for GPG or PGP, we just need to get more people using them.

...and yet people still scramble for 'convenience' or whatever reason they want the next big thing.

GPG was released 14 years ago!

rightclick -> encrypt -> pick your recipient -> enter passphrase.
I still don't understand what's so hard about it - and you can use what ever network* you like.

Correct me if I'm wrong but if you want to send an encrypted mail to person A, your have to use A's pubkey. How do you encrypt all your mail if not all of your correspondent have setup their pubkey/privkey  GPG system?

[ANX_Service]

There are indeed limited options when it comes to ensuring your email is indeed secure and yet it also providing the availability, reliability and feature set of an enterprise grade email offering.  These offerings are usually provided by one of the big four and furthermore also hosted in an unfriendly jurisdiction whereby your email is already likely being analysed and you're being profiled for the purpose of improving their advertising mediums.

You can attempt to do this yourself but it is expensive to set-up and expensive to maintain.  I'm sure people will respond reminding me of the $3.95 per month hosting plans but these almost always fall into one of the three following categories:

 - Shared or virtual servers. i.e. no longer secure
 - Hosted in an unfriendly jurisdiction. i.e. no longer safe, or secure
 - Do not provide the availability or resiliency that email requires. i.e. no longer reliable

I do look on with interest as to some of the upcoming developments others have posted on this thread.  I welcome anything that helps our emails stay the way they were originally intended...private.

[RapidCoinz]

Has anyone used 'safe-mail.net' ??

[HeroC]

I assume someone has already mentioned bitmessage.org (even though it's not email) it could replace email someday as a secure alternative.

Unless it becomes possible to send and receive messages to non-bitmessage users I highly doubt it will gain much acceptance. There's too much network effect to overcome.

It is already possible to configure Thunderbird mail client to route mail through the bitmessage network ... it will become just another protocol layer option like POP, IMAP, SMTP, etc.

Is there a tutorial? If so, I would love to do this.

[The 4ner]

Made in Switzerland: https://www.neomailbox.com/services/secure-email


    High strength SSL encryption
    IMAP, SMTP, POP3 and Webmail
    Multi-level spam and virus protection
    Unlimited disposable email addresses
    OpenPGP encryption, digital signatures
    IP hiding for enhanced privacy
    RSS feeds delivered via email
    Hosted in Switzerland


We have been increasingly concerned about the alarming erosion of online privacy rights in the USA over the past decade that we've offered Secure Email services hosted in the USA.

To offer our customers an alternative to hosting their email in the USA, in 2004 we began offering Offshore Secure Email service hosted in The Netherlands, and in 2010 we moved all Offshore Secure Email accounts to servers hosted in Switzerland, which affords some of the strongest legal privacy protections for customer email messages stored on our servers.

Too pricy. Lavabit's service was extremely secure and had a few extra features and all I had to pay was $8 or $16 a year. Thanks a lot Snowden!  LOL!

[joesmoe2012]

I wish we had something where the encryption of one messages didn't use the same keys as the encryption of the previous message. So if at some point in time, one of my PGP priv keys is obtained somehow, all my mail isn't then readable.

This is my biggest issue with PGP.

I'm watching bitmessage with interest, but no osx client yet ?

[The 4ner]

I wish we had something where the encryption of one messages didn't use the same keys as the encryption of the previous message. So if at some point in time, one of my PGP priv keys is obtained somehow, all my mail isn't then readable.

This is my biggest issue with PGP.

I'm watching bitmessage with interest, but no osx client yet ?

There not being support for OSX is a downer, but we can always install Windows on OSX just for Bitmessage

[joesmoe2012]

I wish we had something where the encryption of one messages didn't use the same keys as the encryption of the previous message. So if at some point in time, one of my PGP priv keys is obtained somehow, all my mail isn't then readable.

This is my biggest issue with PGP.

I'm watching bitmessage with interest, but no osx client yet ?

There not being support for OSX is a downer, but we can always install Windows on OSX just for Bitmessage

No thanks

I'm currently running it on a free level AWS EC2 instance, just remote in whenever i want to check my messages...though this probably eliminates any real sense of security.

[btchip]

https://www.penango.com/ is an option to have end-to-end encryption with gmail webmail. Not FOSS.

I'd suggest http://www.mailvelope.com/ which is open source and provides OpenGPG integration for multiple webmails

[rumbitla]

Has anyone used 'safe-mail.net' ??

Firstly, the company that provides Internet services for hosting the Safe-mail.net system is Barak.net.il, based on our review of the domain registration for Safe-mail.net. Barak.net.il is one of three companies with a license from the Israeli government for providing similar Internet services, according to the English-language version of their web site, as we understand it. Perhaps it is merely a coincidence that Ehud Barak was once head of the Israeli Defense Forces intelligence branch.

Secondly, Safe-mail.net makes the usual disclosure that they may disclose your account activity, stored e-mails, and other information upon court order or law enforcement request. They make the unusual variation of this disclosure by stating that they may disclose these things whenever it is in their interest to do so. This vague contract clause should scare anyone who thinks about it even briefly. Given that Barak.net.il is licensed by the Israeli government, it would seem quite likely that the Israeli government could command that the data from all Safe-mail.net accounts be provided to the government.

Thirdly, we found no details about the encryption algorithms used to provide for security with Safe-mail.net. An investigation of Israeli law suggests that there is a mandate that encryption have back doors or key escrow for use by Israeli authorities.

[idev]

ByteMail

ByteMail is a decentralized, P2P, communication protocol for sending messages over a secure connection on the internet. ByteMail was created in order to provide people with a way to send messages without worrying about a third party intercepting and reading these messages. ByteMail ships with a webUI as well as a command-line UI.

If you are a developer and would like to contribute to the ByteMail project, check out the project on Github here: http://github.com/ByteMail

Official project home: bytemailproject.org

[threeip]

Correct me if I'm wrong but if you want to send an encrypted mail to person A, your have to use A's pubkey. How do you encrypt all your mail if not all of your correspondent have setup their pubkey/privkey  GPG system?

It would be like calling someone who doesn't have a telephone. The solution? Encourage or force them to get one, or buy one for them and show them how to set it up.

[jedunnigan]

Has anyone used 'safe-mail.net' ??

Firstly, the company that provides Internet services for hosting the Safe-mail.net system is Barak.net.il, based on our review of the domain registration for Safe-mail.net. Barak.net.il is one of three companies with a license from the Israeli government for providing similar Internet services, according to the English-language version of their web site, as we understand it. Perhaps it is merely a coincidence that Ehud Barak was once head of the Israeli Defense Forces intelligence branch.

Secondly, Safe-mail.net makes the usual disclosure that they may disclose your account activity, stored e-mails, and other information upon court order or law enforcement request. They make the unusual variation of this disclosure by stating that they may disclose these things whenever it is in their interest to do so. This vague contract clause should scare anyone who thinks about it even briefly. Given that Barak.net.il is licensed by the Israeli government, it would seem quite likely that the Israeli government could command that the data from all Safe-mail.net accounts be provided to the government.

Thirdly, we found no details about the encryption algorithms used to provide for security with Safe-mail.net. An investigation of Israeli law suggests that there is a mandate that encryption have back doors or key escrow for use by Israeli authorities.

Like Hushmail, safe-mail has a backdoor into their backend for LE. I know this for a fact, don't ask for sources

[threeip]

Like Hushmail, safe-mail has a backdoor into their backend for LE. I know this for a fact, don't ask for sources

Here's a source, also note this was a Canadian court and five years ago;

Hushmail, a longtime provider of encrypted web-based email, markets itself by saying that "not even a Hushmail employee with access to our servers can read your encrypted e-mail, since each message is uniquely encoded before it leaves your computer."

But it turns out that statement seems not to apply to individuals targeted by government agencies that are able to convince a Canadian court to serve a court order on the company.

http://www.wired.com/threatlevel/2007/11/encrypted-e-mai/