Hello, I am thinking on which email provider to use as an alternative for Gmail.
I don’t expect E2EE because I know nobody who uses either Tutanota or Proton Mail personally. I just want an alternative to Gmail, where I can message people I know who use Gmail securely.
EDIT: I have chosen my email provider as Proton Mail because I can send encrypted emails not only to people using Proton Mail, but to people who don’t too, which I feel is better.
https://www.privacyguides.org/en/email/
The wiki lays it out pretty well. Since you’re interacting with normal people all your emails are both sent and received in the clear and can be read by your email provider and your counterparties email provider.
As far as Google alternatives go fast mail which isn’t an encrypted email service is a reasonable alternative that lots of people enjoy.
The big difference between proton and Tutanota is what is encrypted at rest.
Proton does not encrypt subject lines to and from lines at rest. So that means they can always inspect who sent you mail and what the subject was. The benefit of this is indexing as fast and you can use their search quickly.
Tutanota does encrypt everything at rest. So nothing is readable including subject to and from lines. Except by your client with the correct key. You can search your email locally but you have to maintain a large cache of your email if you want to search all of it.
As far as encrypted email goes it’s great, but only for encryption at rest, if it’s caught in live transmission then the data’s compromised. But it’s definitely better than leaving the data open on some server. So the choice is yours
Thanks for the link!
It seems that Proton Mail is better for my use case. I’ll keep my Tutanota account as a backup then.
As far as Google alternatives go fast mail which isn’t an encrypted email service is a reasonable alternative that lots of people enjoy.
I am not willing to pay for a service atm
Since we’re on a privacy forum I want to point out that if you’re not paying for a product you are not the customer you are a product. If you want to make privacy alternatives to Google viable you should consider financially supporting them .
This brings up a good point I hadn’t thought of mentioning before. You should really use your own custom domain name for email. That makes migrating the different services much easier and you don’t have to change your email address with your friends. Your own domain usually requires a paid service one for the domain registrar itself, and the mail provider. All the services we talked about today charge money for custom domains but it’s worth it
If by ”backup” you mean “infrequently used”, be careful about using Tutanota for that purpose - it will delete free accounts after 6 months of inactivity.
Personally I use Proton for my mail needs but then Tutanota for my calendar. Perhaps something you could consider so your Tutanota account doesn’t get deleted.
Please consider at least a low cost service, it really raises the quality of the service a lot if it’s even $1 a month like Posteo or $2 like Migadu. You get a lot of genuinely useful features (unlike super-hyped services like Proton) and it removes any incentive to exploit or upsell you.
deleted by creator
https://tutanota.com/blog/posts/innovative-encryption/
They go into detail here, but because they want to encrypt subject line to and from they do not use PGP.
If you want to have encrypted communication with somebody you should not use email. You should use something else like signal
No, Tutanota does not use PGP
I see you’ve more or less chosen proton.
Came here to say that I have been using tutanota for years now and it works very well.
It does fit the use case of encrypted emails to people who don’t use tutanota. How it works is they will receive an unencrypted email letting them know they have an encrypted email waiting for them, along with a secure link to an https encrypted, password protected web interface with inbox and outbox.
Just wanted to point this out for anyone else evaluating privacy focused email providers.
Yes, I’m aware of that, however, I don’t think sending a password-protected email requiring you to go to another website that user-friendly.
Anyways, I’m still thinking on what email service to use.
It’s not too bad. Pretty standard with like anyone who needs to communicate securely like banks and insurance.
Tutanota does the same for e2ee, don’t know why OP didn’t mention that.
I prefer ProtonMail for a few reasons:
- I get more from my subscription, 500GB of drive, fast VPN, email, password manager, calendar, SimpleLogin
- I like the UI much more, its a lot more modern, the mobile apps are leagues better (they are actual native apps, not a web app wrapper)
- the services are arguably more feature rich
- the security that they will be around for longer than tutanota, proton has over 100M users, this leads me to think they will be more sustainable
It depends on what you need and what the other side has. It is true you can use PGP encryption with proton, yet not with tutanota. However, how many of your friends use PGP? You could also host yourself? This said, on both tutanota and proton you can set a password to encrypt to none tutanota/proton users. Both services are excellent, both lack imap or pop3. Yes proton can do this with a bridge on desktop, but has google services on android where only the app works. Tutanota does that without Google services.
The big question is, what are you looking for? Just a Gmail replacement or PGP capable email. If it’s just for a Gmail replacement have also a look to skiff.com.
compared to gmail, both are more then viable options and it depends on personal preferences. Personally I chose Proton and I am very happy with it.
message people I know who use Gmail securely
don’t know how that should work, but ok…
If the recipient of my mail uses a OpenPGP-compatible client (say, Apple Mail or Thunderbird), then they should be able to receive encrypted mails if they set it up correctly.
True.
Then with Proton (idk about tutanota) you should be able to mail E2EE with them, since you can import their Public Keys into Proton. It’s not just “E2EE Proton2Proton”, since Proton uses PGP, you can safely mail E2EE with anyone using PGP.
I use Tutanota instead of Proton Mail.