Different mailboxes. Encrypted email services: what to choose

One of the many convenient features of the Internet is the instant sending and receiving of letters: email.

To do this, it is enough to register a "box", but since there are many free servers, the question naturally arises - which email is better?

Opinions vary. Everything that is written below comes only from my observations, keep this in mind.

In Russia (CIS), the majority uses e-mail from "mail.ru" (based on the letters I receive).

Is it really better than all the others? My opinion is categorical - no. It's just that Mail.ru behaves very impudently, imposing its own search bars, start pages and many other things, which are equated with viruses by various "satellites".

They are installed on computers using various tricks - almost invisible to inexperienced PC owners.

The second most popular email address comes from Yandex. It is not so "aggressive", but it also tries to slip in its "toolbar" (bundling it into many programs for an almost invisible installation).

Perhaps its mail is the best. Not for me. I don't feel like writing why - experiment, everything is free.

What is the best email to choose

During my experiments I settled on e-mail. Why?

It has very good protection, all letters arrive, and there are many options for receiving and sending letters right from the desktop, without logging in to the server.

They tried to break into my mailbox several times - it didn't work. Gmail quickly repelled these attacks and sent notifications with tips on how to secure it even more.

To protect your correspondence, you even have the option of opening your mailbox only with a code received on your phone.


I am in no way imposing on anyone an opinion about which email you should choose for yourself (which one is the best); I have only described which one I use and what prompted me to make this choice.

In his review, the author listed 4 Russian boxes and 1 American.

Argument # 1: For many years I could not answer the question: "What can Russians do besides vodka?" Years later, the answer was found on its own: we even take vodka and caviar from across the hillock to the "Scoop" so that there is no local production there. Do you prefer "Fiat" or Russian hands modified in "Zhiguli"? Nothing Russian will ever work normally. At the first opportunity I dumped out of the hopeless "Scoop" and switched to Gmail and never regretted that I finally left everything "native".

Argument # 2: Absolutely all Russian sites and servers collect, analyze, use, sell ... information about you and where is it applicable? Yes, in Russia and where the Russians can reach you. Example # 1: at the first contact with the police, the police have a computer database about you more than you know and remember about yourself, and then we'll see what they can do to you and how you protect yourself.

Mail.Ru is crammed into filters by many servers as a source of SPAM and on postal addresses served by these servers from Mail.Ru simply do not reach. Personally, more than once I have lost customers precisely because of this. Moreover, it is the companies themselves, and their own staff of Mail.Ru and Yandex, which sells databases about you - to spammers in the first place, well, everyone who needs it - has been checked many times.

In order to be in the first lines of search engine results in Yandex, in no case should you follow its recommendations for website promotion ..., on the contrary, in no case should you register with Yandex services: "Direct", "Metrika", "Webmaster" ... and do not contact officially with the services of his "specialists" - it is much safer and cheaper to simply bribe his employee and he will do everything.

The support service of all Russian postal services - a couple of low-paid idiots-teenagers answering any questions under various false names whatever they got, but never anything useful - that was the last straw of my patience ("service in Russian").

Google is an "American service for Russians" - there is no support service at all, there is a forum on which exactly the same Russian jerk answers any questions that horrible supposedly free, no one else reads this forum, and even more so does not answer questions. That is, for example, if your mailbox is viewed by outsiders, then this can be seen in the "Additional Actions", but there is absolutely no one to complain and ask for help, and to ask questions too.

And American Google spies on everyone, of course, much more efficiently than the Russians, BUT for the CIA (does it somehow harm you? As dangerous as your own cops?), For yourself personally, so that you can sell something (it is better than the Russians that you- then they will impose their own nightmare to buy), well, and sell their databases about you (who? which American SPAM-eer do you need and why?),

Konstantin Dokuchaev, author of the All-in-One Person blog and the @themarfa Telegram channel, spoke especially for "" about two mail services, Tutanota and ProtonMail, and explained which one to choose and why.

Today you don't often hear about the importance of private correspondence, or about the methods of protecting and encrypting it. But I decided to take a look at two popular end-to-end encrypted email services anyway: Tutanota and ProtonMail. They offer secure correspondence with encryption of all emails. Let's take a closer look at what both services offer, and whether it is worth hiding your correspondence from the FSB or other special services and competitors.

Tutanota

Tutanota is a free email service from Germany that provides email encryption for its customers.
Pluses:
  • Russian language interface.
  • Simple registration.
  • Free tariff.
  • Web version, iOS and Android.
  • The ability to deploy a server on your own domain.
Minuses:
  • The free account only has 1 GB of storage.
  • No cloud storage support.
  • No two-factor authentication.
  • There is no way to receive mail via IMAP by third-party clients.
Signing up for the service is much easier than with regular email providers. All you need to do is select a mailbox name and enter a password, after which you can immediately start using your new secure mail.

As you can see from the screenshot below, Tutanota doesn't have a colorful interface. But this is not the main thing here. As with any mail service, there is a standard distribution of letters into folders: Inbox, Drafts, Sent Items, Trash, Archive and Spam. When you create a new letter or reply to a received one, you will also find all the standard functions: forwarding, hidden recipients, and so on. You can also attach files to emails.


You can configure filtering rules for incoming letters. Of the interesting things in Tutanota, it is worth noting the ability to attach multiple aliases to one mailbox. True, this option is only available in the paid version of the service. The maximum limit for a letter, including attachments, is 25 MB.

About safety

Like most security-oriented services, Tutanota has posted its source code on GitHub. Therefore, the developer community can independently check the service code for backdoors and other unsafe things.

Encryption and decryption of data always happen locally on the device once you are logged in to the service. Your password is used as the encryption key. Therefore, it should not be forgotten, since even the developers cannot help you recover it. The exception is the corporate version of Tutanota. In it, the domain administrator can reset user passwords.

All correspondence is encrypted end-to-end and is not passed on to any third parties. The messages themselves are encrypted: subject, content, attachments and contact list. Tutanota only has access to email metadata such as the sender, recipient and date of the email. That is understandable in principle, but the developers promise full encryption of letters in the future.

Messages sent between Tutanota users are encrypted using the standardized algorithms AES with a 128-bit key and RSA with a 2048-bit key. Emails to third-party services are encrypted using 128-bit AES. The encryption scheme is shown in the picture below, which illustrates sending and receiving letters inside and outside the service.


You can send a letter to another mail service in two ways: secure and not. Let's talk about the secure method. To send such letters, you need to exchange a unique password with the recipient, which will be used to encrypt all your correspondence. This can be done through any third-party service or orally. After the first letter is sent and the recipient has entered the password, the encryption key is saved in your address book and you can forget about it. All mail will be automatically encrypted.

Such emails cannot be viewed in standard email clients. The recipient will receive a link by which he can access the letter in the browser of his computer or smartphone.
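As an added illustration of the password-based scheme described above (this is not Tutanota's own code): the key is derived from the password on the device, subject and body are encrypted locally, and only sender, recipient and date stay readable. The scrypt key derivation, the AES-128-GCM mode, the function names and the sample message are assumptions of this example; the page itself only states AES with a 128-bit key.

```javascript
const crypto = require('crypto');

// Stretch the password into a 128-bit AES key. scrypt is an assumed KDF here.
function deriveKey(password, salt) {
  return crypto.scryptSync(password, salt, 16);
}

// Runs on the sender's device: subject and body are encrypted, metadata is not.
function sealMail(password, mail) {
  const salt = crypto.randomBytes(16);
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-128-gcm', deriveKey(password, salt), iv);
  const secret = JSON.stringify({ subject: mail.subject, body: mail.body });
  const ciphertext = Buffer.concat([cipher.update(secret, 'utf8'), cipher.final()]);
  return {
    from: mail.from, to: mail.to, date: mail.date, // readable by the server
    salt: salt.toString('base64'),
    iv: iv.toString('base64'),
    tag: cipher.getAuthTag().toString('base64'),
    ciphertext: ciphertext.toString('base64'),
  };
}

// Runs on the recipient's device. Returns null for a wrong password or a
// tampered record, because the GCM tag check fails in final().
function openMail(password, stored) {
  const b64 = (s) => Buffer.from(s, 'base64');
  const key = deriveKey(password, b64(stored.salt));
  const decipher = crypto.createDecipheriv('aes-128-gcm', key, b64(stored.iv));
  decipher.setAuthTag(b64(stored.tag));
  try {
    const plain = Buffer.concat([decipher.update(b64(stored.ciphertext)), decipher.final()]);
    return JSON.parse(plain.toString('utf8'));
  } catch (err) {
    return null;
  }
}

// Constructed sample message and password.
const sampleMail = {
  from: 'alice@example.com', to: 'bob@example.org', date: '2018-05-01',
  subject: 'Contract draft', body: 'Terms are in the attachment.',
};
const storedMail = sealMail('shared-by-phone-7731', sampleMail);
console.log(storedMail);
console.log(openMail('shared-by-phone-7731', storedMail));
console.log(openMail('guessed-password', storedMail));
```

Because the stored record holds only the salt, IV, tag and ciphertext, nobody who lacks the password can rebuild the key, which is why a forgotten password cannot be recovered by the operator.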

Tutanota servers are located in Germany, which means that the service is subject to the laws of this country. But in any case, the developers cannot disclose the correspondence. As I said above, all correspondence is encrypted locally and no third party can access it.

The anonymity of the service is noticeable already at the registration stage, where no personal data is required from you. IP addresses are not stored by the service and are truncated when sending emails. Thus, your location is permanently hidden. For premium features, you can pay with the anonymous currency Bitcoin. Of course, the service keeps technical logs for error handling. But they are stored for 14 days and do not contain any personal information about the user.

ProtonMail

Now let's talk about ProtonMail, the better-known service for secure mail exchange.
Pluses:
  • Web interface and mobile applications.
  • Two-factor authentication.
  • Fine tuning of the appearance.
  • Security Settings.
  • Encryption with PGP.
Minuses:
  • There is no Russian language.
  • In the free version only 150 messages are available per day.
  • The free version has 500 MB of storage.
  • The limits are raised, but they remain even in the paid version (there is tariff plan no limits).
ProtonMail does not ask for any personal information during registration. You are required to choose a name for the mail and specify a password with which letters will be encrypted. An optional field is an additional email address to which you can recover your password. During the registration process, encryption keys are generated, and at the end, a captcha appears to make sure you are human.

ProtonMail's interface is less austere than its counterpart's. Here, in addition to the standard mail functions, you can also find such familiar things as stars for selected letters and labels. You can customize the interface and switch the display of letters from horizontal to vertical. Emails can be sorted by various parameters, for example by date or size. In addition, the developers have provided mail search.

In general, ProtonMail is more like the mail services we are used to, and in its functions it is not inferior to competitors: moving letters, viewing the "body" of the letter, convenient formatting and much more. In the service settings, you can enable two-factor authentication, disable password recovery and adjust the logging level.


About safety

All data transmitted through the service is protected by encryption. The message body and attachments are end-to-end encrypted, but the subject line is not secure. This is due to the fact that the developers use the PGP algorithm, which depends on the standards for transferring data over the SMTP protocol. The developers made this concession in order not to limit the encryption of letters only between service clients. The PGP algorithm allows you to use correspondence regardless of the email client used.


To send emails outside the service, you can use a secure method and an unprotected one. In the first case, your letters remain encrypted end-to-end. In the second, the TLS encryption method will be used to send letters, which is supported by most of the popular mail services. However, in this case, third parties have the opportunity to gain access to your correspondence. At the same time, all mail inside ProtonMail is not available to third parties, regardless of the method of sending letters.

ProtonMail servers are located in Switzerland and the developer is subject to the laws of that country. Given a legitimate court request, the developers are able to provide the subject lines of all letters.

Since the entire infrastructure of the service is based on working with the PGP algorithm, the developer's website does not describe specific encryption characteristics. But Wikipedia knows everything:

“PGP encryption is performed sequentially by hashing, data compression, symmetric key encryption, and finally public key encryption, and each step can be performed by one of several supported algorithms. Symmetric encryption is performed using one of seven symmetric algorithms (AES, CAST5, 3DES, IDEA, Twofish, Blowfish, Camellia) on the session key. The session key is generated using a cryptographically strong pseudo-random number generator. The session key is encrypted with the recipient's public key using RSA or Elgamal algorithms (depending on the recipient's key type). Each public key matches a username or email address. The first version of the system was called the Web of Trust and was opposed to the X.509 system, which used a hierarchical approach and was based on CAs, added to PGP later. Modern versions of PGP include both "
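The hybrid pattern in the quote above (compress, encrypt with a random session key, wrap the session key with the recipient's public key) is also what the Tutanota section describes with AES 128 and RSA 2048. The following added example, which is not ProtonMail's or Tutanota's code and does not produce the OpenPGP packet format, shows it with Node's built-in primitives and shows why the subject stays readable when it travels as an ordinary header. RSA-OAEP, AES-128-GCM, deflate, all function names and the sample message are assumptions of this example.

```javascript
const crypto = require('crypto');
const zlib = require('zlib');

const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Sender: compress, encrypt with a fresh session key, wrap that key for the recipient.
function encryptMessage(recipientPublicKey, headers, body) {
  const sessionKey = crypto.randomBytes(16); // CSPRNG output, used for one message only
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-128-gcm', sessionKey, iv);
  const packed = zlib.deflateSync(Buffer.from(body, 'utf8'));
  const encBody = Buffer.concat([cipher.update(packed), cipher.final()]);
  const wrappedKey = crypto.publicEncrypt({ key: recipientPublicKey, ...OAEP }, sessionKey);
  return {
    headers, // From, To and Subject stay ordinary mail headers, in the clear
    wrappedKey: wrappedKey.toString('base64'),
    iv: iv.toString('base64'),
    tag: cipher.getAuthTag().toString('base64'),
    body: encBody.toString('base64'),
  };
}

// Recipient: unwrap the session key with the private key, decrypt, decompress.
function decryptMessage(recipientPrivateKey, msg) {
  const b64 = (s) => Buffer.from(s, 'base64');
  const sessionKey = crypto.privateDecrypt({ key: recipientPrivateKey, ...OAEP }, b64(msg.wrappedKey));
  const decipher = crypto.createDecipheriv('aes-128-gcm', sessionKey, b64(msg.iv));
  decipher.setAuthTag(b64(msg.tag));
  const packed = Buffer.concat([decipher.update(b64(msg.body)), decipher.final()]);
  return zlib.inflateSync(packed).toString('utf8');
}

// What anyone holding the stored message, but not the private key, can read.
function readableWithoutKey(msg) {
  return Object.values(msg.headers).join(' | ');
}

// Constructed key pair and message.
const recipient = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const wireMsg = encryptMessage(recipient.publicKey,
  { from: 'alice@example.com', to: 'bob@example.org', subject: 'Offer for the flat' },
  'We can go up to 95,000 but not higher.');
console.log(readableWithoutKey(wireMsg));
console.log(decryptMessage(recipient.privateKey, wireMsg));
```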

Which service should you choose?

Both services prove to be excellent solutions for protecting private mail correspondence, and you can choose either of them. Price and compatibility with other mail clients remain the main selection parameters.

A cheaper option is Tutanota. But there are some major drawbacks. First, you won't be able to use third-party email clients. Second: the recipients of your letters in third-party services will be forced to read the correspondence in the browser with a password.

ProtonMail is a kind of encrypted mail for housewives. Cons: price. Most likely, you will have to pay for a subscription to the service. On the other hand, you get seamless communication with the whole world, regardless of your email provider or client.