patrick.net

I've got my own domain and email server.

I only use gmail to register for things I'm not too thrilled about having to register for.

My gmail is just a cesspool of spam. I never use it. Google has virtually no idea who I am.
They think I'm a guy that never checks his email. I've got to end up on the purge list eventually.
Unless Google really is evil and would sell dead names to list rentals.

i also have my own domain and email server, but most people aren't going to go to the trouble.

and do you encrypt your email on your server somehow? seems like a lot of work.

I'm still on Network solutions they give you a dashboard.

I hate NS but it seems unless I got about 5 times more than I'm paying or willing to take 5 times less than I'm getting.
Without getting my own rackspace and running my own it's still the best thing going.

And just slapping a rack in your house and getting a dedicated static IP is getting almost impossible with the Bell and Cable cabal.

The price for me doing it this way has increased considerably every year for the last 5.
I keep having this call where I threaten to leave, but then can't find a cheaper space or get a static IP, let alone an internet connection that is dependable.

I would say my AT&T connection that I just got rid of, supposed to be Uverse never got above a 62% SLA. They dumped me, because the crappy service they were giving me, was skewing their corporate SLA reports.
Now I've got Comcast and already they are starting with the overage warnings my Grandson clicked on an mp3 and we got anti piracy warnings. He's 8 he doesn't have pirating software on his tablet, he Googled a couple songs and the mp3 links showed up in the results.

Let's make the Internet Great again!

Neat

Any idea how these guys are making money on the system? Seems like it would be a large expense to serve lots of people. Unless I'm missing something, either they are going to advertise or charge. I didn't see anything about that on their site.

Ironman says

Also, why so many business people and businesses use a free Gmail email for important business communications is beyond me. Talk about dumb.

That is the dumbest shit I still don't understand.
I'm not doing business with one of them anymore. Yet there they are in my G+ page that I keep trying to get rid of.
Krapland College has the shittiest IT Idiots in the corporate world.

Ironman says

Also, why so many business people and businesses use a free Gmail email for important business communications is beyond me. Talk about dumb.

corporate gmail is not free, but it is pretty cheap.

you right that it's really dumb though. of course google employees and the fbi spy on emails. they can, so they do. that's all there is to it.

http://www.wired.com/2010/09/google-spy/
http://www.wired.com/2013/03/google-nsl-range/

What I hate is these companies say... "We're a Google Company"
Then you're forced to participate, Sharing files on Google Drive is a crapy way to deal with a company, or forced to use Google hangouts for meetings.
But the drive thing was stupid, because you commit to verbage in a contract, that references a Google drive shared file. But that file can update anytime.

Now I'll agree on files sent directly to me. I'll talk about the copy I have now on my drive.

Any discussion later about content not in that file when it was emailed to me, and there's no email to discuss the content addition. Then I wont be resonsible for it.
Google Drive is a trap, you can't commit to a file that can update at anytime.

I hear "We're a Google company" now and I walk.

I'd never believe this no matter who was saying it.
In all cases all you have is their 'word'...
Private server that you control is the only way to go.

Patrick says

They store your email in encrypted format on their servers and don't have the ability to read it even if they wanted to.

Patrick says

Dump Gmail and get real privacy with Protonmail in Switzerland

I've heard clintonmail is really good, too.

Patrick says

I love it! They store your email in encrypted format on their servers and don't have the ability to read it even if they wanted to.

Yeah, but it is still sent unencrypted to the recipient. Kind of defeats the purpose when our government and various others are simply wiretapping and recording all traffic.

I was expecting some kind of public-private key encryption like the kind we nerds used to use back in the 1990s and earlier to send encrypted email to each other -- you know, for fun because no one was listening back then. Now an email system that sent only encrypted email and did it in a way that was easy for grandma to use would be a real game changer, but ProtonMail is not that.

Such a system would also have to generate keys on the fly so that each email is encrypted with a different public key. This would make cracking every single email an independent task. Even the NSA doesn't have that kind of computing power. They would have to actually focus their efforts on terrorists and not the rest of us. As such, our society would probably be safer as well.

Dan8267 says

Yeah, but it is still sent unencrypted to the recipient. Kind of defeats the purpose when our government and various others are simply wiretapping and recording all traffic.

An email sent from one ProtonMail account to another is automatically encrypted with the public key of the recipient. Once encrypted, only the private key of the recipient can decrypt the email. When the recipient logs in, their mailbox password decrypts their private key and unlocks their inbox. Emails sent from ProtonMail to non-ProtonMail email addresses may be sent with or without encryption. With encryption, the email is encrypted with AES under a user-supplied password and then stored on ProtonMail's servers. The recipient receives a link to the ProtonMail website on which they can enter the password and read the decrypted email. ProtonMail assumes that the sender and the recipient have exchanged this password through a back channel.[15]

https://en.wikipedia.org/wiki/ProtonMail

rando says

An email sent from one ProtonMail account to another is automatically encrypted with the public key of the recipient. Once encrypted, only the private key of the recipient can decrypt the email.

That's good, but not good enough. It allows for security on in the case of sending email to another ProtonMail user, not to people in general.

rando says

When the recipient logs in, their mailbox password decrypts their private key and unlocks their inbox.

Yes, that's what I figured, but it's not a very good security system. Your entire mailbox is encrypted with a single private key, so only one key needs to be cracked with a brute-force mechanism. Furthermore, the private key is only as secure as you mailbox password, so a brute-force attack only needs to be applied to the possible combinations of passwords rather than the possible combinations of a private key.

A short mailbox password would be devastating.

I like the idea of ProtonMail, but the implementation needs refinement.

rando says

With encryption, the email is encrypted with AES under a user-supplied password and then stored on ProtonMail's servers. The recipient receives a link to the ProtonMail website on which they can enter the password and read the decrypted email. ProtonMail assumes that the sender and the recipient have exchanged this password through a back channel.

That's better, but it's not grandma-proof. Encryption has to be easy and fool-proof for the general population to use it properly.

So how many Proton non-proton emails are actually used encrypted?

It would be great if one day everybody uses Proton. Not much in the meantime.

Tenpoundbass says

my Grandson clicked on an mp3 and we got anti piracy warnings.

Use a VPN. I stopped getting notices from ATT after I started running all my BitTorrent traffic through one. I know your IP can still leak, but it's an improvement. TOR is also a good privacy option.

Dan8267 says

Yeah, but it is still sent unencrypted to the recipient.

I think that's really outside the scope of the email provider. If you want send/receive protection, for any data on the internet, think VPN or TOR.

This sounds like a PGP service regular people could use. It has the same drawback all security does. There has to be a mutual commitment by both parties to protect data. People who use gmail, etc, obviously aren't concerned with that. I use vmail.me for personal correspondence, thunderbird for PGP, and gmail for anything I know isn't secure in the first place. A personal email server is on my list of project, but currently working on setting up a virtual router to route most of my home traffic through VPN.

BTW, fuck Netflix.

NuttBoxer says

If you want send/receive protection, for any data on the internet, think VPN or TOR.

Neither VPN nor TOR is sufficient for protection from your government, which is necessary in all nations including ours because there are always corrupt people in government. Remember, our government committed dozens of genocides. It's hardly a bastion of liberty or morality.

NuttBoxer says

BTW, fuck Netflix.

lol, i agree. the selection is weak.

I find it Ironic that video/movie/television media content quality is plummeting, pretty much has gone limp and flaccid. Right at the zenith Golden age of super thin High Definition Digital Extreme Flat Curved 3D Televisions.

rando says

BTW, fuck Netflix.

lol, i agree. the selection is weak.

Actually that's in reference to them recently deciding to block all VPN traffic.

Dan8267 says

Neither VPN nor TOR is sufficient for protection from your government, which is necessary in all nations including ours because there are always corrupt people in government. Remember, our government committed dozens of genocides. It's hardly a bastion of liberty or morality.

Actually, the combination is pretty hard to beat. As long as you don't have a HDD with a zero day exploit, or they haven't specifically targeted you with other spying devices, it's very hard to detect exactly what you are doing. This is assuming you follow the strictest settings on your TOR browser.

the performance of the TOR browser kinda sucks. which is understandable given what they are doing. so you have one more choice to make: security or performance.

rando says

the performance of the TOR browser kinda sucks. which is understandable given what they are doing. so you have one more choice to make: security or performance.

Host a relay! The more relay's the better the performance!!