I saw Nubo mentioned in a thread a while back but there were only a few comments. Does anyone use Nubo? What has your experience been like?
Wait for them to be audited. Trusting a company just because they say the right thing is silly.
I know people are up in arms about Andy Yens silly comments, which is fair but, Proton is a proven service.
If your looking for an alternative go for another proven service such as Tuta or Mailbox.org
I heard Tuta is a honeypot. Is this not the case?
People will tell you that everything is a honeypot. In fact, I am a honeypot
It’s obviously not impossible, but you’ll find people calling every single private messaging platform honeypots. I don’t recall seeing any convincing proof for Tuta, personally.
Nobody knows. They’ve existed for a while, I haven’t heard anything of such claims.
If you want to absolute be safe, only download open source clients complied by yourself (and hope that somebody is constantly looking through the source code for potential backdoors). F-Droid comiles the source for you for the Android client. Encryption is done on the client before sent to servers.
However, if Tuta were secretly evil, they could log IPs and know the email addresses you send/receive to/from. Anything in plaintext will be seen, and you are only relying on their promise to not keep a copy of it. And btw, most of your incoming emails from banks / other websites would be in plaintext, so they could theoreticallt store a plain text version before they encrypt and store it in your mailbox.
But even then, all encrypted emails are safe even if Tuta were a honeypot (which you could never know for sure.
Technically, Proton is the same category, if you compile your clients (and someone constantly checks the code for potential backdoors), then its still safe. People are only pre-emptively moving because they don’t feel safe with Proton due to the CEOs comments, and Tuta has never made such political comments.
Tuta has already been through some cases linked to German court orders to decrypt emails received in the inbox of alleged criminals, just like any other company that is subject to the legislation of its respective country (I don’t know the difference with Proton, which until now I only found out about the delivery of IPs, not the content of the emails themselves, based on Swiss court orders), but I don’t believe it is a honeypot because Tuta has clarified the entire issue and still has credibility in the privacy community.
The thing I’d look for is encryption by default. I glanced at your link and it did not seem to be encrypted by default, so I don’t like it already. 🤔 Also they block Tor traffic from even seeing their site, kinda annoying when Proton and Tuta both allow Tor traffic, I had to use a non-Tor browser (over VPN) to access it.
https://www.privacyguides.org/en/email/#technology
Privavy Guides .org seems to be what everyone (on Lemmy/Reddit privacy forums) use as a standard guide for privacy.
Basically their recommened besides Proton are:
Tuta
Or Mailbox.org
both seem to be encrypted by default
I can’t seem to find a Mailbox.org client on F-Droid, only Tuta is on F-Droid. So I personally choose Tuta with custom domains. You’ll want custom domains to be able to mvoe providers easily.
Mailbox.org is closed source unfortunately and I believe the Client is too
Wtf? Then why did PrivacyGuides.org recommended it? 🤔 I didn’t look closely becuase Tuta had a F-Droid client so I just went Tuta (I also heard about them years ago), didn’t look at Mailbox.org.
Mailbox.org works with IMAP so you can use a regular email program. The mailbox is not encrypted by default but I saw that there’s an option to enable it involving PGP keys.
I mean, if its not encrypted by default, I personally would avoid.
I could always use PGP on top on any provider, encrypted or not, might as well also go with ones that also encrypt by default.
From what I see here it can automatically encrypt incoming emails with PGP, which I know Fastmail doesn’t have this, and the advantage would be that you get security similar to Protonmail but you’re not locked into their clients.
AFAIK, Mailbox.org was once open source, but has not very recently become closed source. PrivacyGuides.org recommends it, as does Tresorit (encrypted cloud storage), for example, which is closed source and is one of the services I use. Providers that implement encryption, have been audited, have been on the market for years, and have a clean track record of security or privacy scandals, which there aren’t many of these types of services these days. But I personally don’t like them and try my best to avoid closed source softwares as well.
In conclusion, PrivacyGuides mostly recommends open source software but also recommends some that are not based on their features, reputation, security and maturity.
Im using Mailbox with K-9 Mail or Thunderbird.
Seems like it is only for Europeans (and possibly even excluding non-EU citizens)? I have been using Zoho (free account) for many years (since I got rid of GMail) and while not explicitly privacy-focused they are not a data collection operation like Google/Alphabet or Meta. They make their money through providing paid accounts to businesses (competing with Google Suite). I have been very satisfied with them. They provide very good 2FA options and apps and I also use their WorkDrive (previously Docs) and Notebook.
Removed by mod
