I’d like to move off from the shackles of the Google menace and transferring my Gmail related accounts over including steam but I’d like some solid advice of any well regarded and better alternatives (including open source if that is possible)
I did search but was unsure of what was best as I did hear some shoddy things about Proton.
Do you know anything that could be the “aegis 2fa” of email providers?
Thank you and have a good day/night.
Email, as a suite of protocols, was designed long before we thought deeply about encryption. In 2025, you can count on email encryption in transit and encryption at rest from providers, although try to verify it. E2EE like Proton and Tuta offer is severely limited. I was recently looking up if Proton and Tuta were even compatible with each other in terms of PGP encryption. I could find no confirmation that they are.
If you use Proton and you email another Proton user it’ll be encrypted with PGP. Otherwise your email is sent unencrypted, and email you receive is unencrypted, then Proton stores it on their server encrypted. All of this paragraph applies to Tuta as well.
You can get most of the same benefits from other providers by downloading your email locally and deleting off the mail servers. The benefit of regular email servers is open standards and compatibility with your preferred mail and calendar applications.
I use Fastmail and love it. I know many people mention using burner addressed with a custom domain, but I prefer generating a burner email with a FastMail domain for signing up to websites. Using my own domain would make it easier to identify me.
any service that let you use your own domain (custom domain email) + imap/pop3
A lot of people who are moving away from Proton due to the recent controversy are switching to Tuta
This is the way
I’ll vouch for Proton. The recent controversy wasn’t great but it’s also a single negative incident for a company that has otherwise had a pretty stellar track record. I recommend reading his responses in the reddit AMA he did after the incident. I still think he’s a fool, but I don’t think he’s fascist or that there’s any reason at all to doubt the privacy, security, or direction of the company, which is both partly open source and regularly audited.
I’ve been using ProtonMail for probably around 7 years now and it’s been great.
Lots of Lemmy is reactionary. I mean, they’re on lemmy, so they’re generally going to be the quickest to jump ship on anything. I don’t think his takes are bad either tbh - They’ve still proven themselves to be quite reliable.
His takes aren‘t bad either? Don‘t be silly
I still thinks his takes were bad and tone-deaf. I get that he liked a certain appointee Trump made that’s relevant to his industry. And, knowing nothing at all about the appointee myself, they may in actuality be a good pick. But he went well beyond praising the appointee, to praising Trump and Republicans in general - albeit for the specific narrow topic of “reigning in big tech”.
While his takes were arguably valid given recent history (I’d still say not), it was completely tone deaf to the reality of what the present-day Republican party and Trump mean for America, and especially ignorant of the obvious buddying-up big tech has done with Trump in the past few months.
I think if he narrowly aimed his praise at the appointee herself, without then making sweeping generalities about Republicans vs. Democrats, that nobody here would even be aware of who he is, let alone what he said.
I do think the internet in general tends to be very reactionary - I don’t think Lemmy is any more reactionary than, say, reddit, but both are very reactionary. Anyone who jumps ship over this guy’s comment will just end up jumping ship again from whatever their new ship is, after that company makes some move they see as imperfect in a few months or years. No company is perfect. Proton is at least great.
I think you’re using the word reactionary there to mean something that it doesn’t normally mean:
You’re right, based on those definitions the word doesn’t mean what I intended. I don’t know what the right word would be. I used it to mean one who overreacts to relatively minor or inconsequential transgressions, taking drastic, often out-of-proportion or only tangentially relevant actions to rectify perceived harms.
One example would include people ditching the entire company Proton, an entity with a stellar track record of improving the state of privacy on the internet, after a single member of their board made some dipshit comments. Another example might include the general reaction a few months ago when that misleading story about Mozilla and ad tracking was making the rounds. Other more extreme examples would be the passing of the Patriot Act and invasion of Iraq and Afghanistan following 9/11, or the Israeli response to 2023’s attack on them.
either you try staying ahead or be blindsided when shit hits the fan. Sometimes its nothing but at least you are better prepared if you were right.
Pick a provider which lets you bring your own domain and you’ll never need to change address again if you move providers.
Plus you can give out really stupid email addresses that work
Rather make the domain odd.
Whats odd about that domain, much better then weird shit like apple.com
I would say Tuta or Runbox or Posteo, but the truth is that any paid account that is not Google or Microsoft is way better than anything so as not to be profiled too much with their trackers and privacy-invasive practices.
On the technical side, no email is ever safe from being read either by the sending server or the receiving one. Email hasn’t changed for the past 50 years.
no email is ever safe from being read either by the sending server or the receiving one
Which is why you should learn to set up PGP
Which is why
youyou and your recipient (which makes it a lot more difficult) should learn to set up PGPSo it sounds like, we need a push for someone to set up a system that makes that easier to do; like Let’s Encrypt! did for SSL certs.
Indeed. That’s kind of what Tuta, Proton and others are trying to do alas without worrying much about being compatible with one another.
The contents can be read, sure, but unless ChatGPT is doing a lot of hallucinating at least a few providers support e2e encryption and don’t manage the private keys.
Edit: To avoid reading the whole thread, providers may support E2EE but can’t guarantee it in all cases. A guarantee requires the clients on each end to manage the encryption and decryption so no plaintext enters the network.
a few providers support e2e encryption
There is no such thing with the email protocol, and most providers don’t have that kind of hack.
To be clear, this page is a lie? https://proton.me/security/end-to-end-encryption
So even if I have the recipients public key the message actually goes to Proton servers in plaintext before it is encrypted?
Messages you send to other Proton Mail accounts
That’s a small but important detail. If you have public keys from people at other providers, AND you trust their security (JS thing I guess), then fine. But 99.99% of the world do not have that and don’t know what it means.
If you want full trust, use Thunderbird and GnuPG. Proton is a nice package but you don’t control it, so no trust IMHO.
Protonmail
Just make sure you buy a domain and use that as your mail MX. So when you eventually have to switch again, it’s easy
Posteo and Tuta are pretty decent!
Not sure if relevant to OP but in my case, I needed a way to route multiple emails (Gmail and own domain) to a catch all account. Found ForwardEmail service and after a very easy setup, it works fantastic. They even have SMTP.
For client, I use Thunderbird and Vivaldi’s own email features.
The “shoddy things about Proton” were political, so unless politics is important to you in your choice of mail provider, Proton remains a good alternative.
Bad news, privacy is sadly political. When you build your brand on “trust us with your sensitive information” it’s less than ideal to align yourself with the “if you’ve done nothing wrong you have nothing to fear from privacy invasion” party
Can’t remember what big platform provider, maybe Google, was giving out personal info to the government just because they were asked (i.e. no warrant given).
Proton has a business model where they want the user to put their eggs all in one basket. If you want that kind of userbase you need to leave your personal politics out of it. The problem isn’t that the CEO is right wing. It’s that he is very publicly right wing. And lastly supports a known huckster. All of this calls into question just for how long Proton will be secure before they are selling user info to the state. https://proton.me/legal/law-enforcement
Politics are very fucking important in terms of security for whistleblowers and dissidents. They are the canaries in the coalmine as far as personal liberties go.
Also, they comply with subpoenas and have assisted in the arrest of multiple people. https://proton.me/legal/law-enforcement
Start defying court orders and see how long you can run a business that depends on having a bank account.
All commercial providers have to comply with subpoenas.
If they keep no logs, there’s nothing to hand over.
https://www.ivpn.net/blog/when-law-enforcement-knocks-on-a-vpns-door-what-happens/
Email providers need to store messages.
All commercial providers have to comply with subpoenas.
I mistook what you wrote. Proton offer much more than just email.
Proton has some technical issues as well. Recently there was a day when email wasn’t working at all for hours, maybe even half a day. I’m paying for their VPN sub and using it for years and not going to move in nearby future, but if I was picking something now I would carefully consider other options. Never heard about those mentioned in thread though, if they are new I wouldn’t use them, I’d like something with good record track of at least one decade, better few decades.
