List of Secure Email Providers that take Privacy Serious
List of Secure Email Providers that take Privacy Serious
Here is a list of secure email providers that take your privacy serious and do not track you (* = recommended, last updated August 04, 2023):
- ProtonMail (*) – Truly anonymous & end-to-end encrypted email
- Tutanota (*) – Truly secure email with end-to-end encryption throughout the entire mailbox
- Hushmail.com (* )- Canadian provider who has been respecting email privacy since 1999. Oldest secure email provider.
- RiseUp.net (*) – Secure offshore email provider run by non-profit organization who fights for digital freedom.
- TorGuard.net (*)
- Blur/MaskMe – Solid email masking service, not a provider.
- StartMail.com
- CryptoHeaven.com
- Autistici/Inventati
- NeoMailBox.com
- 4SecureMail.com
- CounterMail.cm
- S-Mail.com
- Securenym.net
- Safe-Mail.net
- KeptPrivate.com
- Novo-Ordo.com
- LockBin.com
- SendINC.com – Sends encrypted emails, not actually a provider.
- Opolis.eu
- BitMessage.ch
- Lavabit – Shut down as of August 2013 after Edward Snowden was found using the service and the FBI tried to spy on users.
- SilentCircle.com – Email service shut down as of August 2013. All of their other services still work.
- TorMail.org – Tor-based email service now dead after FBI server seizure.
The list of secure email providers above is a comprehensive list of privacy-focused providers that has been vetted by our team of security experts. These are not big-name providers or privacy-violators that can be found scattered across the front page of search engines and ads. If you don’t wish to switch email providers, we recommend you begin implementing some form of encryption, such as PGP.
Top 5 Secure Email Providers
1. Hushmail – Basic Secure Email with Privacy in Mind
One of the first-ever and longest lasting secure email providers on the market is Hushmail, whose been providing secure email since 1999. That’s right, 21 years as of the time of writing this article.
What sets Hushmail apart from other providers is that they own and operate all of their own servers, meaning your data is never sent or stored on a third-party server, it’s all in house. What is disappointing is that Hushmail still has access to users inbox, however they own their own servers, don’t scan emails, don’t datamine users, don’t snoop in others mailboxes and have easy one-click encryption!
Hushmail is packed with tons of features including automatic encryption, temporary email address, strict HTTPS and two-step verification. Through their last 21 years of service the provider has been forced by the Canadian government to turn over three users accounts, on one occasion in 2007. However Hushmail is built with the security, privacy and simplicity in mind, and it’s all free!
A huge reason we recommend Hushmail is for their track record, 21-year veterans in email security. Often times today we will see these alleged “secure email providers” crumble after one legal request and nuke your mailbox, giving you no way to recover your email. This is something Hushmail won’t do, they are established and have designed a mailbox keeping your privacy in mind!
Get a free account here or upgrade to a premium plan and get $5 off with out special link here.
2. Tutanota – For All Your Encryption Needs
Another secure email provider dominating the list is Tutanota, because it’s different in the fact that the entire mailbox is encrypted, email and contacts, all end-to-end encrypted only giving you access to your data. Even when Tutanota was forced by a German court order to turn over data, they could only hand over encrypted data, and had absolutely no way of reading or decrypting such information.
Tutanota is even unique in the fact that you can send end-to-end encrypted emails to any email provider via a shared password, making the email just as private even when contacting friends, family and business partners using mainstream providers like Gmail. By default, Tutanota automatically encrypts subject, body, and attachments, something PGP does not do. With Tutanota’s relentless work they are working on an encrypted calendar this year, making this a serious provider, not someone to close shop after one law enforcement request. And best of all, they don’t log any IP addresses and even strip IP addresses from the headers of sent and received emails.
We asked one of the Tutanota co-founders what makes their secure email different, Matthias Pfau told us:
- Tutanota encrypts all data on the users device (end-to-end encryption)
- Tutanota never stores unencrypted data on their servers, everything from mail to contacts is always encrypted
- Tutanota makes encryption easy-to-use as key generation and key exchange is easily done in the background
- Tutanota never uses the private keys of their users server-side
3. Shazzlemail – Locally Hosted Email in Your Pocket, No Third-Parties
One of the most secure emails on the market today is ShazzleMail, but this is because they are doing things differently. They are putting you back in the hands of your data, and we mean that quite literally. Instead of ShazzleMail hosting your content they’ve developed a way for your to be the server, meaning you store all your data locally and nothing ever passes through ShazzleMail.
It’s quite simple, you download the ShazzleMail app on your smartphone, set up and account and your all done. However one downside to ShazzleMail is since you are the server, uptime matters. This means if you are running it on a smartphone and it happens to loose battery, technically your server is offline, and now you have no way of receiving or reading your messages. However, the upside is that all data is locally hosted and technically never has to leave your servers, or if you’re messaging a provider like Tutanota, you don’t need to worry cause its going to another secure email.
If you’re tired of not knowing where your data is being stored, give ShazzleMail a try!
4. RiseUp – For All Your High-Security Activists Needs
Another secure email service for activists and privacy-supporters if RiseUp, a Seattle-based digital collective that offers free security and anonymity tools. Born out of the need for email privacy, RiseUp provides a secure email solution with absolutely zero trackers and no censorship.
RiseUp was born and operated by a small collective of pro-privacy activists who have kept the service government free since 1999. Even after previous run-ins with law enforcement, no data has ever been seized or read by any third-party or government entity.
While RiseUp offers great security they have one major downside in that it takes a support ticket and a few days to get an account. To start, you must first send in a support ticket requesting an email and telling them why you want one. You can be an activists, journalists, hacktivist or just plain privacy-lover and can easily be granted an account. After that its smooth and secure sailing!
5. Torguard – Encrypted Webmail with Privacy
Last on the list is Torguard, another secure email but this time developed by a leading VPN provider. Torguard’s anonymous email service is their latest addition to their privacy product arsenal, offering up a secure inbox. Torguard offers easy PGP email encryption, end to end security, zero advertisements and perfect forward secrecy.
While Torguard isn’t jam-packed with features it serves as a pretty basic webmail with a couple of great apps and security in mind.
Optional) Blur/MaskMe – Abine, the company behind this wonderful browser plugin offers a free service known as Blur, formally known as MaskMe. The service allows you to easily mask your email address when entering it into websites. This means instead of giving a website your personal email you can mask it and Abine will give you a second email that will forward everything to your real email. This means if a website is shady, spammy or gets hacked, your real email is never in their hands, simply a masked version. And the best part is you can block these masked emails, so if the email starts getting spammed, simply block it and you won’t ever receive emails from it again. A great additional privacy tool!
Conclusion
After revelations uncovered that third-parties and governments have been spying on our email communications for years, the need for a secure email has never been more urgent. Privacy-conscious email providers has never been in higher demand. When you use a mainstream email provider that spies on its users, it doesn’t only hurt you, it affects everyone’s privacy. Your email address stores your interests, personal hobbies, daily activities, friends, family and thousands of other personal details, why let these big-name providers take your privacy away?
I like privacy also, what I don’t understand is, if I use a privacy email provider and I send an email to anyone who does not use a privacy email account, my email is supposedly encrypted, how does the recipient be able to read it?
Still no updates on eclipso.eu? I signed up for an account and it looks ok to me. Does anyone else have a better opinion?
Great article! How do i subscribe to your blog?
Tutanota does not allow sign-up using tor. Every other privacy ‘respecting’ site I have used, does allow it. Therefore, Tutanota is under suspicion, and not to be trusted.
I have been using EMAILX.NET for over 15 years. A pay site which not only offers email service but other things for businesses. I attempted to log in today 4/29/2019 and came up with basically a blank screen. I checked GODADDY.com and see that emailx.net was taken, but up for sale for next to nothing. I then sent an email to that emailx account and it bounced
back with a 5.1.2 error.
I can not find anything on emailx and do not remember the company who offered it..
if anyone knows what happened to emailx, I’d appreciate your insight.
thanks.
john
Have you evaluated Reagan.com?
I do not know if it’s just me or if everyone else encountering problems with your blog.
It appears as though some of the text within your content
are running off the screen. Can someone else please provide feedback and let me know if
this is happening to them too? This may be a issue with my internet browser because I’ve had this happen previously.
Thanks
Hey, I’m starting a new Email account and would like a list of the free providers, it gets tiring scanning so many pages. Also, which ones are compatible with Tor, currently using Firefox. -Thanks, much appreciated.
Several on the above list a no good. Makes me wonder about the whole list altogether. Sigh…
ShazzleMail: sign-up page asks for a Recovery Email. Doesn’t that defeat the purpose? I mean my only other Email right now is with AOL, the very reason I am trying to switch.
Tutanota: webpage seems to be blocked. It shows for split-second, then gone with an ‘error message’. CryptoHeaven: does Not come up. My screen says “Site is Not Secure’.
Riseup: does Not encrypt end-to-end, only on starter end.
**First, began trying Gmail, just 2 wks ago, but can’t navigate their maze for anything, they have me going around in circles trying to sign-in, blocked me out of 2 of my additional Emails under the Account before I even used them, and I can’t find how to cancel the Account now either. Geez.
And why does this webpage on FreedomHacker asks to store my name, email and website… Hhmmmm
To KILLSWITCH.
It’s not my place to offer you or anyone else an alternative, even if I had one, because that alternative might prove to be flawed as well. I was only telling it as it is with email providers. You will have to try and find an alternative yourself. Good luck.
I would avoid Hushmail. Canadian courts readily grant requests from attornies to provide information on Hushmail accounts, without the opportunity for the owner to weigh in. As a result, you have far less privacy protection that in the US, where the owner of the account at least gets a chance to be heard before data is released.
Yes, the message body of Hushmail messages is encrypted, but your IP address, your third-party verification number, your geolocation, and your subject line all are available. With that information, encrypting the message body accomplishes little
Hi,
To all you out there who are enquiring to which email provider is the best regarding keeping your privacy safe. The short answer is, it doesn’t matter. Once you start using end to end encryption just by that fact alone you will draw attention from the snoopers.
People I know have used Tutanota to have their emails encrypted from sender to receiver. Although it might be fully protected other things have happened to each of them which included clicking noises on their landline phones. One person’s phone clicking might not mean much, but five phones clicking! Think about it and make your own conclusions. When they abandoned Tutanota and went to gmail, guess what? the clicking stopped. The authorities were getting info direct no need to tap.
Let’s face it, there is no such thing as privacy protection. Therefore, use the email providers but expect to be spied on and your info compromised. The safe written communication days are gone forever.
A fact of life.
Offer an alternative then..
No webmail services that encrypt stored email are secure, because the service itself holds both the public and private key. And those webmail services you list are located in 14 eyes countries, like yourself. If you tried to provide secure email, from where you are, you would soon find yourself shutdown like lava, unless you agree to cooperate with those who want to snoop on email. So whats left, is what has made it onto your list. And whats been shutdown, is what was secure. And anyone involved would be gagged from disclosing it. Secure mail is snail mail.
I agree.
Hushmail scans your mail for advertisement. Only premium account is green from that.
ShazzleMail and ProtonMail
Author please fix, you recommend ProtonMail, but later in article didn’t mention this service. but mentioned ShazzleMail instead……
thanks
Hushmail is terrible,. I had 2 accounts with them and I had a family emergency where I had to be caretaker to my mother, who then died. It was in inactive account but I was told I could delete but not add to the account/. I had not been on the account as I was just trying to take care of my mom, my business, etc and so once things quieted down, I tried to access the account and was told that they had deleted confidential e-mails from my business . I was never aware they could do this . I am so frustrated that I am going to empty my current account and delete it. You would think since I was paying for an account still and the fact these were confidential e-mails that they would have let me know prior to deleting them. I am done with them and will be looking into other options!!!
“List of Secure Email Providers that take Privacy Serious”
When I see such a 9th grade grammatical error on the title of the article, I feel sure the information contained in it is at about the same level…..
This is the sad thing with authors like Brandon Stosh – Clearly being paid by Hushmail to put there link on the top of the list. HushMail is NOT SECURE, they are a sell out, so remove them from the list.
Lost all credibility as an author Mr Stosh, Will take all your work with a pinch of salt, as clearly its biased.
Any comment on Protonmail?
I agree
Hushmail comply with the US and international Law enforcement, They are not secure in the slightest.
They have handed over data before and will continue to do so.
I lost all respect for your list when I saw hushmail on it.
Your list is worth as much as a chocolate teapot.
Do NOT! use husmail
Hushmail is the worst……
GREAT list and THANK YOU very much for talking the time to answer our questions.
Just found this site after years of being out of touch with anything more complicated than turning a computer on, emailing (Yahoo) then getting out.
I’m worried now with the revelation my carrier got buggered, now I have to find a more secure option .
Any of you wizards have an answer for an old fart? I use an Android that came with my Vizio TV, which I understand further complicates security. I am house bound and have to call the Geek Squad for complicated problems.
Thanks for any suggestions.
The article explicitly states “last updated December 7, 2016” for the recommended Email services. How can you recommend RiseUp then when it’s obvious that there is something going on that they are not allowed to talk about? For me that’s an instant total loss of this sites credibility. A very crude oversight at best.
Hello, we’ve actually written an entire article on the Riseup debacle that you can take a look at. While yes, Riseup’s current status is questionable, there is no proof that the entire organization is compromised. Their canary statement is still within a semi-reasonable time frame as well. Riseup has been providing email for over a dozen years, and they don’t seem to be going anywhere.
The point is that there is no proof that the entire organization is NOT compromised. Of course they wouldn’t be going anywhere if there was an agenda to turn it into a honeypot. Of course this is one of the worst case scenarios which of there is no hard evidence, but as long as the doubt is legitimate, they are NOT RECOMMENDABLE.
Well thanks for censoring my comment on that article you mentioned. Freedom has been hacked indeed.
Your comment got marked as spam and logged into the que, we only check it every week or so. Since been approved. We do not tolerate any kind of comment censorship on our site unless it’s spam.
When Hushmail is even listed, much less listed as #1 respecting privacy (KeptPrivate is even listed), everything else in the list is suspect. This is a disservice to the (few) real secure and private purveyors. Hushmail records every incoming and outgoing email. I had many dozens incoming and outgoing emails more than 8 months old downoaded into my inbox at Hushmail with an explanation that I might have need for them – unsolicited. This did blow the lid off the lie that Hushmail was private and secure…I don’t keep emails. I delete them within 2 – 3 days max, and keep none beyond that, much less 8+ months. There is only one reason to record everyone’s email: DELIBERATE INVASION OF PRIVACY. If privacy and security isof ANY concern, storage of mail is deliberately limited to a very short period of time, and it is then securely erased. Hushmail is the longest running lie of privacy, on the internet. Thanks for helping keep up the lie. (And listing others that are worthless, too.)
Dude all the links in this post are tagged/affiliate links for the pay-to-use services, they’re getting paid.
Wow, no links here are affiliate links aside from one. All links are masked so we can get proper tracking on which providers are popular.
Indeed an informative list – but a do not include some of the other remarkable players, that does everything on the client-side and truly provides end-to-end encryption (which by far is the only way that can ensure one’s online data confidentiality and integrity during transit).
Following are two of those outstanding services.
> https://mailfence.com/ (a pure end-to-end encryption service – that does not only provide confidentiality and integrity but also authentication via the capability of digital signatures, based on OpenPGP – it provides user full control over their keys and does it all in a very user-friendly manner)
> https://scryptmail.com/ (another nice end-to-end service – that provides great reliability and hot features like disposable email addresses etc, based on OpenPGP and has a nice descriptive interface)
Now, the ultimate tool when it comes to OpenPGP and end-to-end encryption – is always have been GnuPG, though the reason it never really get lifted up is due to its complexity in terms of usability from a typical user standpoint (however, implementations like Gpg4Win, GPGSuite, Seahorse does come in handy).
Lastly, the article is not bad at all, the only loose-end is not mentioning some of the key players. Nevertheless, it always drops down to one’s preferences and requirements (I personally use mailfence which is free, interoperable, without ads, completely locally hosted and provides an entire collaboration suite i.e. messages, contacts, calendar, documents, polls, tags ….)
Again, its a matter of personal preference and the extent to which one understand end-to-end encryption technologies (OpenPGP, S/MIME etc, which most of the people don’t) – that contributes in the rightness and wrongness of their online privacy decisions.
I think when you use free services, you pay in a bigger way like ads and privacy. I am quite happy to pay thexyz.com a few bucks a month to host my email without the ads and privacy concerns.
Hushmail is hardly free. You are free, as long as you log in every three weeks; BUT, if you get close to 3 weeks (and I’m not sure what their definition of 3 weeks is but its not 21 days), you get a window that your free account is terminated and the only way you can access it is to pay $49.95 for their service. I call that a rip-off.
Hello Kel, yeah that is definitely true, but they state that during signup. If you don’t login every 3 weeks the account will be locked. It does suck, but since it’s so blatantly stated, I don’t really find it an issue. However their prices are quite high, but it’s yearly, not monthly like other providers are beginning to offer. However other free services do offer unlimited time, like Tutanota, so it’s really up to the user.
Please forgive me for not knowing much of the technical pros and cons on privacy concerns. I have read every cooment in this section and am srill not sure exactly “what” I need to do but I have become an absolute privacy freak who is looking for solutions. I only discovered today that logging out of a gmail account on at least my android, seems impossible. I write many emails that I would like to keep private. Currently I use gmail, prodigy.net email (yeah know, dating myself here,) one aol account n probably have a few others but these are where most of my mail is generated/stored. I need advice bigtime. My Sprint Sansung Note 4, is 2 years old. Recently I purchased a Verizon Iphone 6s, and couldn’t resist purchasing 5 new $25 LG android tablets. I needed the verizon phone (6s which is untouchef, still in the box) because when we go to our favorite vacation spot, there is zero sprint service and I need service. The tablets are all hotspots as well. Right now I’m thinking the tablets need to go back to Costco (they’re Verizon and their privacy policy is not to my liking.) I also use an old iphone 4 that no longer has phone service but is my companion for music and occasional wi-fi email using my AT&T uverse internet at home. Realizing I am so unprotected is scary. I do clear my history, cookies, cache, daily and use clean sweep as well. I have disablef nearly every preloaded google product on my Note4 after turning off all permissions which has created issues with the gmail. Ugh! Seems like each day I need to reverse some permissions I have turned off just to use the internet (most surfing is done with my phones at home). Given all that, and this new paranoia and desire for privacy, what do you suggest I do? I tried tor/onion along with ddg and disconect me but know this really isnt a solution. The onion/Tor works seldomly (probably due to my lack of knowledge.) I just happened to look at the privacy policy that came with the tablets and discovered they are prewired to report to Samsung. Then discovering tonight that I am not able to sign out of these gmail accounts really has me concerned. I want to do whatever it takes to stop these companies from watching, tracking, reading, recording and truly need your guidance. Like I said earlier, I have disabled many google bloatware apps (including maps) call me a privacy freak, lol, no shame here! I’m not very technical but do learn quickly and am fairly good about following directions to secure my privacy. Unfortunately, I have years of emails on yahoo’s service (bought out prodigy), and even gmail too that I’d really like to keep. Is there any way to securely save these emails without printing each and every one of them out, then deleting them from the servers. I gather they will still have copies of all the dang emails but I really need advice and want to start protecting myself and my data asap. I want my privacy back,, or at least as much as possible. It seems to me that the last decade of web activity and emails cannot be undone but my future can. Any and all help as to be more secure from here on out is welcome. Thanks for all your hard work in creating such an informative site. I probably wont sleep bc I’m so freaked out by this new knowledge, haha, but hopefully I can assemble a new plan to move forward from here. One last question, is Lookout safe to use or disabke tgstvtoo?. Sorry for all the questions for writing a book. Any advice to fix these issues is very appreciated.
Appreciated your list and information from both you and everyone who shared their experiences. I have had various email accounts over the years, but this past year I have had the worst experiences. I had google gmail because it was on my LG android mobile, so I used it on my HP Pavilion pc and my. Lenovo laptop. I have been hacked numerous times, my passwords Changed locking me out, several times the same day I changed them. I got a yahoo email and was hacked within two hours. Google pops up on my phone constantly even after closing account. Let everyone know to stay away from those guys. Thanks for letting me vent and thanks again. I’ll check in when I set up an email from your list. All the best.
Is ‘freedomhacker’ a FREE SITE?
Hi Duane, I am not to sure what you mean but everything on FreedomHacker.net is 100% free and will continue to be for as long as we can tell. Hope that answers your question.
my brother could you please let me know any anonymous mail like reagan.com that i can use..
I need a mail box that when I send mail it will appear as if I am sending it from someone else’s box.
I am new to this site but will appreciate it if it is sent to my mail box. Thanks and regards
Hi Alex, I am not sure emailing spoofing is entirely legal but we do no know any sites of the sort. This list is for secure email providers. Cheers!
I am barely a fetus here in terms of tech security, so I know this question will get a lot of eye rolls from cyber elites. Does using Apple devices/operating systems make any difference in terms of preference from this list?
Hi Jonathan, feel free to ask any question, we don’t mind! But in terms of OS level, using Apple should not make any difference. The only thing is if you use the default mail app with some of these providers you may have to pay. This is because mobile apps pull requests from IMAP and POP3 servers, which is what most providers make you pay premium for. However this is the same issue if you wanted to run in on Android or a mail client on your actual computer. Though you can always access the email through your browser.
In short, using Apple with these providers will not affect anything. Hope this was helpful!
I see some of these listed actually share their data with the authorities such as hush mail and others are not all that secure, i personally use Invmail (https://www.invmail.io) as it is probably one of the most secure available out there, it certainly is more secure than Proton which seems to get all the recognition, but uses half the RSA and is not completely zero knowledge. –
Um you do know Invmail the site alone is riddled with google and facebook spyware right? lol NoScript picks it up pretty fast. Meaning they’re probably using ads for both companies or letting them use ads in which they can use to track you at all times. Kind of like having flash on all the time which does pretty much the same thing. That’s why I can’t trust even private browsers like firefox. A lot of broswers use google search engine as default or it as an option because they help fund for google. They sponser them. Now ask yourself why a supposed “for the people and privacy” company individual would do that for a multi-billion company like google who owns one of the biggest banks Goldmansaches not to mention one of the most evil. What kind of fucked up logic is that?
And if you think startpage, ixquick and duckduckgo are safe alternatives because of their “claims to pivacy” consider this; Starpage is powered by Google, Duckduckgo is powered by Yahoo. Ever heard of a controlled opposition? If not you should do some research it’s not a new tactic at all.
That’s weird. Would have sworn my post made it on here earlier. …Operator error! ;-)
Hello Brandon, and thanks for the continuing effort. I have a unique set of circumstances and would truly appreciate your opinion. We have recently been able to get internet via cellular service, which means small monthly data allotments. Also live in a “dead zone” area – no satellite internet reception, too far out for landline, and even cellular is spotty, at best! Have been using Yahoo mail over the years at the public library, but their ads have become so intense that it’s eating into the monthly allotment. It isn’t unusual to go 2 or 3 weeks without a signal strong enough to connect, so am afraid Hushmail is out. If I understand correctly, ProtonMail is out also, as the messages expire after only two days. Not sure if I would be better off using an online service or going with an email program on the PC. Sort of like the PC program idea, but there’s a lot to be said for decent spam control. Am using Windows 7 and don’t “plan” on ever going anything newer, as most of my computer time is offline – will let the future decide the online part. PC’s are kept fairly secure and only one PC is allowed to connect with internet. Also like the idea of privacy, even though I’m not sharing secrets or doing anything illegal. Also have Norton protecting my system.
Thanks again.
Hi Keith, thank you for the very kind words and everyone has a right to privacy regardless of their circumstances. For you, I would recommend going with a cloud based option. Like you said, you will need the email to stay active even while your away, which a lot of secure providers don’t do.
You’re best bet would be to switch over to Riseup or another on the list. They have great privacy, are completely free and your emails don’t expire after a set time. Either that or paying for an email subscription to something such as Hushmail. While it’s not optimal, we have to remember they have no other revenue streams, no data collection, no ad selling or anything of the sort. Most secure providers are pretty cut and dry so they shouldn’t have a humongous data loads like Yahoo and Gmail.
For PC protection, we have to admit Norton isn’t to great. We recommend you run the ESET online scanner and Malwarebytes, both are completely free and you can keep using Norton in the background if you have a paid subscription.
Hope this helped Kieth, don’t hesitate to contact us if you have any other questions.
…excuse me while I catch my breath!! Norton isn’t that great??? Wow, guess I HAVE been offline for too long.
Thanks for the info on RiseUp. Still unsure about cloud-based. From my understanding it includes the use of peer-to-peer. Would that be the case for RiseUp? And if so, would a peer-to-peer based operation use up more data time for those of us on a limited data budget? Does peer-to-peer use your system resources even if not currently logged in to email?
Also hadn’t thought of Malwarebytes in years (like nearly 20!) as it didn’t function well for me so many years ago. Will give it another try.
Thanks for the interesting points to ponder.
Keith
Hi Keith, Norton has been out of the game for a few years now. They’re service really fell off and doesn’t detect like it used to. It’s just another massive commercial AV I feel.
For Riseup, its all run from their servers, so it shouldn’t use any extra resources then simply loading the webpage and emails. I’m not sure what P2P references on Riseup you are speaking on? Should be great if you have a slower connection and/or have a cap limit. I would defiantly recommend Malwarebytes today as they have for sure stepped up their game, unlike the past versions.
Hope this helped! If not, don’t hesitate to ask more questions :)
Thanks for the info Brandon. Unfortunately, your advice on the ESET Online Scanner isn’t good for my needs. I contacted ESET and this was their reply:
“The online scanner is intended as a one-time use program so it will download the entire definition database every time it loads. We cannot give a figure on the size as it grows several times a day, each update with varying sizes, it is not recommended for repeated use, particularly on capped plans. If you were to use a NOD32 or Smart Security package then it would only download the updated definitions and is less of a drain on data on capped plans.”
I also downloaded Thunderbird, but have yet to figure out how to get all old emails onto my computer, as I end up downloading ALL emails every time I open the program. Am nearly half way through my monthly data allotment and it’s just the 7th of the month. *sigh* …But much of that is due to my PC deciding to do an unauthorized Full System Restore on me recently. But that’s another nightmare!
Thanks again,
Keith
Hi Keith,
And ESET is correct. If you read the online scanner menu it lets you know that its not an active AV solution. It just runs the most recent database of malware they have and scans you system against it. We prefer it as its not active, draining bandwidth and resources. In regards to an AV solution, I am not to sure. They all need to be updated almost daily, so I am not to sure on what you can use on a capped line.
And Thunderbird should list all your emails in the DB but not download them all. That’s odd. The contents inside should be hidden and not loaded til opened.
Due to your limited bandwidth, it is hard to say what active solutions are available as they all require consistent updating.
Opolis.eu – STAY AWAY FROM THIS
Review date: Aug 2015
THIS IS NOT A SECURE EMAIL SERVICE , infact its not an email service at all, O!polis is an email client, web based.
How it works is as follows:
It captures your email address, so once you setup O!polis you are using your own email address as a login id – to send an email to another Opolis user only. No emails outside of the Opolis system. i.e., you can’t send an email to external email accounts like to your friend’s gmail or yahoo. Opolis says there’s a way to achieve this – add your friends to Opolis as users, they will get an email and password, the process is a bit complicated, you guide your friends through it, then they setup their Opolis accounts to communicate internally. So am I correct in saying that this is an internal messaging system? and the email address is useless, because communication is all internal? basically instead of having Opolis can assign any id – like and let people communicate. Which brings me to the scary part of the review.
Opolis is secure but it will show you a screen to enter your physical address and says that it will create a security certificate for you. Its unclear, why a certificate is needed when no email is ever sent? basically you are asking people to create Opolis IDs and communicate internally. You show peoples’ email ids as usernames so that they will beleive they are sending emails, whereas they are just sending IMs like GTalk, VChat, iMessage etc. As far as security is concerned, what if someone took the email id Opolis captured and used it as a sender’s address, complete with a physical address in a certificate, one could land in jail for some email that they never sent.
Contacted helpdesk@opolis.eu and waiting for a way to delete my Opolis account. its surprising that deletion info is not given anywhere in their FAQ, help section, or Community pages.
I would like to add https://phantomencrypt.com/ . They offer closed loop encrypted emails for mobile phones.
Just came across this list via Google. While it gives a nice overview, it is a bit outdated. I would really like to see it updated with new encrypted ones like https://tutanota.de or lavaboom.com. Cross-posting the article would make much more sense then!
Hi Sixtus, we keep the list updated throughout the year but emails like lavaboom are still in beta which is why we don’t recommend them. Once its fully functional so that users can grab an email on the homepage, we go ahead and add it to the list. Thanks though.
Lavaboom is no longer in service and should be taken out of your list of recommendations. As of August 27th, Lavaboom has been shutdown.
“Lavaboom has shut down
With regret we have to inform all of our users that Lavaboom has shut down its services on August 27th. The hello@lavaboom.com e-mail address has been removed.
I am sorry for letting you down. “
Hi Onyx, Lavaboom was never listed as it was never made public, someone just post it in the comments. This is one of the main reasons we do not list invite-only providers or new companies, they may close shop after just a couple of months. Thanks for the info though.
@SIXTUS do you have any lavaboom invites? thx
Hi, check out protonmail. Think it is better than Shazzle mail. Had a number of issues with them.
Hi there!
I just read your blog post about privacy conscious email provider
and if it’s ok for you I would suggest you another website to add to the list.
I’m Niko, nice to meet you!
I’m the owner of “https://digitalenvelopes.email/”, I’m a geek guy, FLOSS fanatic and a
linux system administrator. I made up this website to give a chance to my friends,
and actually to all the people that wanna try it, to use something different from big email providers.
We all know privacy is a big problem with big email providers ;)
It’s built 100% using open source software.
With digitalenvelopes.email you can choose between 3 different webmail interfaces
(Horde, Roundcube, Rainloop) and all of them come with the possibility to use pgp encryption,
although unencrypted messages can also be sent.
Horde, Roundcube, Rainloop are all at last version and keep updated.
There are six available domains.
An email is required to register, but registration is immediate so this can be a disposable one.
Although the service is technically ‘free’, digitalenvelopes.email is run just by me,
and therefore relies on donations.
Ads: no
Aliases: up to 5
Terminated if inactive for: 180 days
Encrypted by default: yes
Inbox size: 1GB but effectively unlimited (support for more)
POP/IMAP: yes
Based: Italy
Perfect Forward Secrecy: yes
Privacy policy (https://digitalenvelopes.email/blog/index.php/privacy-policy/)
Antivirus/spam filtering: Clam AV, SpamAssasin
User IP in mail headers: No (webmail & SMTP)
Signup through Tor: No
Max attachment: 50MB (support for more)
Severs in: France, Canada
Connection Security: TLS 1.2, AES256 GCM and SHA384 with ECDHE RSA
As soon as I saw Hushmail listed, I knew you didn’t know a damn thing about privacy and email. How is email that is copied without your knowledge, both incoming and outgoing, and stored by the scammers at Hushmail called private? fuck you…..;this system is dicks
Hi Johnson, yes we know Hushmail has complied with law enforcement once before, but the system is one of the oldest secure email platforms on the market today. And yes we do know Hushmail is not the #1 provider, another reason we note additional providers. Take a look at EFF’s scorecard regarding Hushmail https://www.eff.org/secure-messaging-scorecard, we are not saying Hushmail is #1, its just one of the longest lasting and most trusted providers on the market we believe.
Alongside that, using Hushmail takes you away from the mainstream providers and doesn’t read, target or sell your information.
Why the hate towards Hushmail?
Let me get your logic: you agree that hushmail has abilities to decrypt anyone’s e-mail, which essentially is much worse than Google, because the former creates a false sense of security, but you still recommend them because they are the oldest service around?! Do I need to say anything else?
Hi Torez, we are not saying that. We are saying they have been providing secure email since 1999 and are clearly one of the oldest providers in the game. Their service have been alive for well over 15 years now.
That’s the problem: you shouldn’t be recommending services as secure just because a provider is the oldest and has been alive for 15 years.
Hi, Protonmail.ch is mentioned a couple of times but you don’t give your learned opinion as to their security.
Thanks so much for the article.
We have not personally used ProtonMail, so we cannot give our full opinion on the service and their security. Also, the service is still in beta so not everything is public, meaning things may improve and change over time.
If you want to secure your existing email account can I suggest you check out Jumble (www.jumble.io)? Jumble layers in on top of your existing email account (Gmail so far with iOS support but we’re working on supporting more providers and Android) and has NO access to your email account.
We are free for all individuals and the recipients of your emails do not need to be registered with us to receive an email (they register for free to decrypt the email). We’re bringing more features in the coming months but welcome any thoughts or feedback you have in the interim.
Regarding the above comment, I meant to write SAFE-MAIL.net, not StartMail. I have never used StartMail and can therefore not give an opinion on it. I apologize profusely for the confusion.
PS: Author-Thanks so much for doing this much needed article
Hi Jackson, happy to help! Thanks for your input!
Try https://sigma.email , encrypts using AES 256 in transit and on server clusters with unknown random keys. Its free and unlimited space, users can have their own domains as well.
I have had a sigma.email account for the past month and have got about an eighth of the emails that I was supposed to get- including extremely importing emails from the IRS. Who knows where they went? To the land of the missing singleton socks, perhaps. So be warned as far as Sigma goes. Also the same with Startmail- I got a couple emails then all of a sudden, none. This awful-ness of service made me miss Crucial emails from my lawyer which screwed me in a huge way. Beware!
Another interesting option is https://tutanota.de, a Germany project of privacy.
Hey Brandon-
Nice article and awesome site, congrats.
I’ve been hearing a lot of good things about openmailbox.org, but see no mention of it on your site. I’d love to hear your opinion on it!
Thanks!
Hi Nage,
Thank you! Also just took a look at openmailbox. The service reminds me of a Riseup-type service which is great. Would love to hear others opinions and experiences with it.
Try these guys : http://www.protonmail.ch .. located in Schwitzerland and out of US … I had to wait abot 3 month for a sign up … all the support to them for doing a great job – take care !
I had all my email files and folders transferred to Hushmail from Yahoomail last year, believing that they would provide better security. Hushmail blocked my account three times, twice claiming that they had done it mistakenly and the last time saying tough luck– “You should have read our terms of service [which say] we reserve the right to block any account any time [for no stated reason].” They refused to communicate with me about a problem, explain what any problem was, or allow me to recover my files which contain 10 years of legal documents, receipts for personal purchases and research documents. The reason why this happened could range from a faulty computer-triggered blocking system, absolute disinterest in protecting a customers’ data, or their own internal tracking of my emails and disagreement with my politics (the ONLY thing I was doing at the 3 times my account was blocked was responding to posts on an unmonitored listserve I was scraped to without my permission). What legal action can I take?
I think we can delete American email services from the safe list. It is for them made impossible to provide a safe service. For sure when you need to send a email to an NGO organisation it is hard to find a safe way. All is under control from as well governments as from corruption inside those governments.
Has anyone tried zoho mail? I am looking for a provider that doesn’t collect info, and their privacy policy seems OK:
http://www.zoho.com/privacy.html
Zoho is an american company. Forget it, they can never make it private in the US.
Zoho mail is pretty good, better than google and outlook.com, my company uses zoho for our custom domain, excellent security features is what i can vouch for.
What info on “unseen.is” do you have?
Our team contacted Unseen months ago, but the company never responded, sadly we have limited data from them. Their site and TOS allowed us to deem them a secure provider. Please take a look at our Email Provider Interview category for a full list of information on companies.
Excellent email service with complete privacy:
https://www.openmailbox.org
Rise Up is ridiculous. They simply aren’t taking any more people. I have been an active advocate for privacy since ACTA and I took quite a stand against that then, as I still do now and it doesn’t matter what you tell them, you will be rejected. My search for secure email continues….
I understand that ShazzleMail does not use a central Shazzle-controlled server for the collection and distribution of e-mail.
Question: How specifically does a Shazzle e-mail find its way to the recipient’s device for delivery?
Fantastic list, Brandon.
If you’re looking for secure email, you may want to consider adding Novell GroupWise to your list: https://www.novell.com/products/groupwise/
It’s a top choice amongst compliance-concerned industries (like healthcare, government, and law) because of its many encryption options, it’s feature rich, especially compared to many of the cloud-based systems, and it’s relatively low cost.
Hi Brandon, this is a very good work you have got here. Congratulations!
I would like to hear your opinion about https://www.eclipso.eu/
Cheers
adolfo
Hey Adolfo thanks for the kind words! In regards to eclipso, I have never heard of them. I will go ahead and send them an interview and check out the service in the next coming days. If you want, I will go ahead and reply to you in the comments, or if you wana talk via email we can do that too.
Thanks for the recommendation, going to go ahead and talk with them.
Hello, thanks a lot for very useful information. What can you say about cotse.net and runbox.com? Or you are considering only email providers that keep and send only encrypted letters?
Thanks,
savvag
Hello,
In this post I only refer to email providers who encrypt during transit and store the emails in an encrypted format. In regards to runbox, we did an interview with them here: https://freedomhacker.net/interview-with-runbox-email-provider/
But this post does infact only address providers that store in an encrypted format. That way no data mining can be done on your behalf. Let me know if you have any other questions, don’t hesitate to ask.
https://xcapsa.com (as mentioned earlier this year) uses SSL/TLS for client access and mail server-to-server transmission if the receiving server supports it. It also stores emails on the server in an encrypted filesystem (encryption key set and managed by user, not service). Messages are stored on mail clients using the client’s native/default filesystem (owner’s decision on whether client filesystem is encrypted).
Hey,
I came upon this article searching “eclipso.eu”. Did you perhaps get a chance to check them out? What’s your opionion? I’m specifically interested as they allow aliases for free, but I’d like to hear your take on them.
Thanks,
Joe
Hi! So it’s a year later since this list was published, I’m just wondering if you have found any other recommendations to add to this list, or if you would now edit out anyone that is currently on this list of email providers? It might be fun to see you come out with an annual list of top email providers you would recommend, and see which ones make the list.
Thanks for you work!!
I actually update this list as often as possible. It is hard to find actual secure email providers, so if you check back you may see a provider removed or added. The list has stayed the same for some time due to these begin the top providers.
If you want, we could come out with an quarterly, annual, or monthly list of secure providers we see fit? But I think the list right now is great. Let me know.
I LOVE YOU! THANKS!!!!
Thank you for the kind words!! If you have any questions don’t hesitate to ask!
I have used gmail for years but they scan tons of stuff. I want to switch to a secure provider to protect my privacy. Someone raised this question earlier, but how do you protect the content of your email that ends up in someone else’s mailbox? Should I also have a program that encrypts my email? I am not very tech savvy.
If you want to send encrypted emails to other mainstream providers, use technologies such as PGP. If you don’t know what you are doing, it can make it tough. And I would personally not trust a program to do it for you. If it can automate encryption or do it automatically, I would guess it is either built by the government, low level, or broken easily.
They will also likely hold the private key, meaning they can decrypt the data at anytime if they log emails and are demanded to by a court order.
Thanks Brandon. Have a great weekend!
Happily! If you have any questions about any more of this don’t hesitate to contact me. I can really look in depth into the services if you desire. Regardless, have a great weekend too!
Hi Brandon,
Like I mentioned in number 4 above Im currently using PGP. I was considering the other options as a way more convenient and easier to set up for other users (friends, spouse, etc.)
I wouldnt really go for Hushmail as it offers so little space for the free account nor Riseup as you must email the owners and convince them to set you an email and still the quota is pretty low not to mention its based in the U.S.
The two options I see convenient and more flexible other than PGP are Sendinc and Galaxkey which I would appreciate your view on it
Regards
Hi yes I understand that, I saw you noted PGP but I just thinks its the best and most convenient.
Hushmail offers little space, but as long as you delete your emails, the 25MB limit could hold a couple thousand emails. Emails don’t contain a lot of data, most of the images you view via email are hosted on servers elsewhere, so you are viewing the image, not an attachment. Personally I think hushmail is great. Fast, free, and simple layout. For Riseup, you don’t have to convince them. You really just have to open a ticket, and they will manually approve the account. It just helps reduce spam, attacks, and various other junk from filtering in their doors. Most emails are created within a few hours. Also they noted they will shutdown or be another Lavabit if they are forced to give up data.
But for either program, I honestly don’t know. I think whats more paramount is having a secure provider. That way its encrypted, and emails transmitted through them are encrypted on both sides. I would recommend paying for an encrypted email, rather than services to encrypt emails. Encrypted providers have to charge as they don’t sell your data and that’s the only way they can make money. With those providers you get automatically encrypted emails, PGP keys, and all that. Personally I haven’t used either services, and can’t really give an opinion as I don’t see a need for them. I understand its automatic and gives encryption to all emails even in insecure providers, but I would stick with PGP. You could give them both a try and see what you like best, they both seem to offer high levels of crypto.
Hushmail is good but they cancel in about two weeks if you don’t log in. For those that might say it’s three weeks, that’s not true. I’ve put them to the test and I got bumped off in two weeks and one day. Too bad, the email is simple and fast.
This is true, it actually says that when you sign up. And actually I have had 4 accounts expire after three weeks. I have left free accounts inactive for over 2 weeks just fine. Right when it hits the third week a day after my accounts expired. Not sure what issues you had.
Maybe try contacting support, or was that in the past? Just recently had an email expire after three weeks just fine, left it for two and nothing happened.
But agreed, they are my first choice for email.
Thanks a lot Brandon. I have tried several email encryption services and I would like to add my experience and know your recommendations as well
1. Virtru
Not really convinced with how its encryption works as the encryption is done automatically on the recipients webmail (gmail, outlook, etc.) Lets assume that I received an encrypted email but I forgot and left my computer open, any person can simply open my mailbox and decrypt the message. My recommendation here is that a password to decrypt as an extra layer of security should be added. The only pro here is that its very easy to use with no complications what so ever.
2. Galaxkey
Very easy to use and the recipient receives an encrypted email and then he has to open the encrypted file through the smartphone app or Galaxkey web portal (which requires a password) in order to see the encrypted message. I would like to see your opinion on this since the free version is really good and the paid version subscription is very cheap. I do believe that you can convince others to use because its very easy and requires no effort at all
3. Sendinc
My experience was very similar to Galaxkey but If you want the extra perks, it costs way more than Galaxkey
4. OpenPGP
Currently what I use on my pc (Thuderbird) and phone (K-9 mail) and I find it the best option among all imho but it may get confusing for others to set up and use
Hi yes I understand you are looking for some more privacy, and using these applications that encrypt the email in transit correct? If so, why not just use PGP? If you have PGP keys, only you and the recipient can decrypt and read the emails. I don’t really understand why your using these services. Do they offer more flexibility? I just see it as, sign up for a secure provider such as hushmail or riseup, then grab yourself and your friends keys, and email with the PGP keys back and forth. These services that encrypt email seem a bit shady per say. You sign up for Virtu, and send a message. If it goes to an outlook inbox, how does that recipient decrypt the message? Do they have the private encryption keys, or their own set to decrypt the message? I see it as, if it automatically decrypts when they open it, then Microsoft can just scan the contents and read it. If both parties use hushmail, the keys are automatically sent and automatically negotiate in the WebUI. Both parties are using their keys automatically with no hassle on either side. Hushmail will by default encrypt all messages sent via their own service.
If I could get some more info on why you need these services that may help. PGP = Pretty Good Privacy. Grab yourself and your friends keys, and you should be all set for free.
Thank you for prompt response and effort. Looking forward for your upcoming reviews!
Went ahead and made a list of a few secure smartphone messengers here. I will be looking into a couple others and keep the list updated as time progresses.
https://freedomhacker.net/secure-messaging-apps-for-smart-phones/
In terms of Galaxkey, that is an somewhat email”ish” service that allows for encrypted emails and documents to be sent back and forth. Its not a smartphone messenger. If you want, I can still take a look into and and let you know what I think of it. Either way, let me know what you think of the article in the comments of it, and enjoy!
Thanks a lot. Im really looking forward to. I would appreciate if you review Galaxkey as well. I also would like to know why some people hate closed source software. Does open source always mean better security? When can we trust a closed source?
Alright I will look into the application and post the article tomorrow as I need to review it all.
Also closed source source software can be a security or privacy risk. As the community or peers can not see the underlying code, the company may have gaping holes in security, backdoors for government agencies, or just commonly known exploits out in the open. Open source software allows for everyone to view the source. That means a larger network can help build the infrastructure and patch the software. This also allows for better innovations. FireFox is built off its community, and bugs, security risks, etc are patched at rapid rates. Open source allows for better transparency.
You can never really “trust” closed source per day. Any company can go rouge at any second. If a company believes in transparency, the code should be able to be reviewed by their peers. EFF has been building open source projects since their beginning, same with Mozilla. Yes the projects can be hijacked and cloned by hackers per say, but open source transparency is far superior. Look at huge successful companies, Mozilla, Linux, Tor Project, EFF, those are all open source projects.
True transparency online is shown through open source projects. So you can never truly accept closed source softwares without suspicions.
Hello and thanks for great list of secure email solutions. Can you also review protonmail? Can you also provide a review for secure messaging apps for smart phones?
Hi thank you for the recommendation. I went ahead and sent them some interview questions, but will have to wait for their reply. But the service looks somewhat similar to lavaboom which is great. I will update you when the interview is posted. But I will go ahead and provide a review of some great secure mobile messaging applications and post it tomorrow. For the time begin, here is one article I wrote about secure instant messaging.
https://freedomhacker.net/secure-chat-on-ios-android-and-computer/
I have been quite happy with ProtonMail. the UI could use some work, but they just released a poll for new designs and they look gr8
I have become partial to Thexyz Webmail since I migrated last year, I have tried Fastmail, Lavabit but thexyz seems to offer greater mobile features.
Taking a look at it, it does seem to support SSL which is nice. But the whole entire website has multiple analytic platforms tracking users. They also seem to have virus scanning filters built in which makes me think the whole mail box may not be encrypted. Regardless, I will take a look into it. Thanks for the recommendations.
What about others that email you? If they have a provider that is not “secure” doesn’t that make it worthless that you do? So, basically, everyone must be in order for it to be relevant. Or am I wrong?
Somewhat true. Transmitting data to an insecure provider such as top providers does make the data available to them. But when you receive newsletters from your favorite blogs and are searching online you cannot be targeted. If you are looking up security products and use hushmail, Google can’t scan and target you since your not signed into your gmail harvesting yourself. Transmitting data in and out of secure providers doesn’t allow third and first parties to collect data and target you. This is implying you haven’t input all your personal info into Google along with setting forwarders.
Its not useless, but the data does become targeted by the top providers email scanners. In turn though, you cannot be targeted as your emails and personal information is not in the hands of those providers. There is a lot more to this, but this is just the very watered down version. If you want to know more, don’t hesitate to contact us.
I don’t know who you all are but, thank you for the information!
Tim
Hi,
Is anyone using notsharingmy.info here? My emails not coming anymore from them, I tried to write them, but my message can’t be sent to them too. (hello@notsharingmy.info) What happened to them? I can’t change my email to some services now, because emails won’t get forwarded to me. -.- It started this month… It’s dead for a long time, I hope they fix it.
Just tried it, and it seems the emails go through, but the receiver doesn’t get the email. It had been working fine in the past, now it seems to have broken. I would wait a day or two, and see if its a small backend problem. If it continues, even though you cannot recover what has been lost, MaskMe is the best alternative, and better than NotSharingMyInfo.
Ok, thanks, I’ll try it. But I wanted to ask, I head about their program DoNotTrackMe before… Should I use it or not? Because I use built in Tracking Protection in Internet Explorer with Easy and Fanboy’s list.
Thanks.
Hello again, yes DoNotTrackMe is superior to most if not all internet tracking softwares. Ghostery and DoNotTrackMe are the two best tracker blockers. Also, Fanboys list is alright, but DoNotTrack and Ghostery do a better job, and block Google bots on top of Analytics, Beacons, Widgets, etc. I would also recommend you update your browser to Mozilla FireFox. Internet explorer is known to have many holes, and is very outdated. In recent security tests is proven to be semi-secure, but FireFox has better Add-ons, privacy features, and whatnot. If you want, take a look at my settings up Mozilla FireFox guide, and try that. If not, Internet Explorer can work, but I don’t recommend it.
Yeah but it does the same, right? I have Adblock Plus for IE, because Easy + Fanboy adblock list (it’s one list now) isn’t available for IE. But it uses around 80MB + it makes my browser slower, since I have just 2 GB of RAM and slow laptop. So I don’t like to use many addons. Anyway, I don’t like to install all bunch of stuff. That’s why I use IE, it works well for me + I can’t uninstall it, I don’t wanna have 2 or more browsers installed. Some tests show that IE is more secure, some people says IE is more secure, some that Firefox is more, so it’s hard to trust some tests, the same way I don’t trust anti-virus tests. I use MSE with MBAM PRO + MBAE, I don’t care it is low it AV tests, these test are maybe paid anyway. Before MSE was among the first, now last, huh? The only free alternatives I see are Avast and Avira, Avast is bloatware (if you have a slow PC, you can see big slowdown, but I can’t see any with MSE + MBAM PRO + MBAE), and I don’t trust Avira anymore, packaging adware (ask.com toolbar) before. For me, it’s just malware. Btw, I’m very serious about privacy and security, I’m carefull, so I don’t even remember when I caught some virus. I use MBAM for years, never found malware with it, but I like to be secured. I know I should use Linux for better privacy, but I’m playing games, so I have no chance.
I would use Firefox or Chromium, but I think Chromium is not for Windows. But yeah, IE works good for me, it’s not slow as every hater says. IE6-7 was slow. The last ones are fast. Most of them actually didn’t try IE much, and they just jumped on the hate bandwagon just to be cool / IN. IE is fine since like IE8.
The same with Windows Vista hate, most of them are just blind sheeps, followers… Most of them didn’t even try it. Like one guy said (so I don’t have to type it again): Vista haters were ,mainly peopel who couldn’ affor dot upgrade from XP, had just upgraded to XP or jumped on the Vista hate bandwagon and said, I’ll wait for Win7 (just to be cool of ocurse). Meanwhile Vista was more secure and just as fast as XP, as independant tests here have proven, and yet was still parroted to be garbage by the followers of the countless people who’d never used Vista to begin with and yet said it was junk. The stories were identical in every complaint to what we heard here when XP was released. So, now it’s Win7 time. People who hated Vista now HAVE to say Win7 is better, as they were so smart and ahead of the game that they couldn’t possibly be wrong after all that bitching and arguing. Having used Win7 I do like it, but Vista is pretty slick now anyway, always has worked like a well oiled machine for me anyway (and I run more apps than most users as my needs span several fields). So, some will jump on the Win7 bandwagon and continue to say Vista is junk, just because it didn’t run well with half the required ram on a box designed for XP (just as XP failed on most Win2K boxes). The rest will eihter stick to Vista, upgrade for free to Win7 or sim[ply download it for free and hope it runs on their older box. Win7 is different than Vista, just as Vista was different from XP, which as different from WinME, which was different from Win2K, which was different from Win98SE, which was different from Win85…see a pattern yet? And every time something is DIFFERENT, a certain group of very loud people scream, bitch and whine that it is garage when in actuality they just fear change period.
The same with Windows 8. Hurry jump on the hate bandwagon… -.- Windows 8 is actually good, its main problem is just that new start menu “Metro”, but standard start menu can be installed back anyway. Also I don’t like Windows 8 integrated online account… I have a feeling it has some security / privacy holes. And it wants you to install everything through market place… and you need account for that. I like Linux, but it miss a lot of GUI, and it’s not good for gaming. And my favorite Windows softwares aren’t supported by Linux. Not interested in setting up Wine.
Also, I love all these Windows Vista haters. They hate Vista, but love Windows 7. Seriously? They are almost the same systems, Windows 7 is just faster, and have some few more tweaks / changes. I know, hate bandwagon… I know a lot of people who hate on Vista, yet they never tried it. They just say: Vista sux! (because others says that, people are such a sheeps).
If you install all Vista updates, and you have at least 2GB of RAM, you are fine. (I would recommend at least 3GB). Also, I uninstalled / disabled some Windows services (like ReadyBoost and others) And I see big improvement in speed (Also I got much more free RAM now in IDLE). People also complain about RAM usage, well, they should disable SuperFetch and other stuff if they mind that much. Funny how they don’t mind about Windows 7 RAM usage. Which does the same. Haters and fanboys are so annoying. Windows Vista is much better than Windows XP. Much more secure, easier to use, supports more stuff. Yeah XP is maybe faster, but that’s all. You need better PC for Windows 7 too, so what? XP is old system. I got both Vista and 7, also I used Win 8 beta. I use Vista since 2007. I didn’t understand PC much back then, and I wanted to go back to Windows XP, because I had Vista and it was really slow. But I found it was because that guy gave my system only 1GB of RAM… so I upgraded to 3GB RAM, and everything was fine.
Really, people who hate on Vista never really tried it, or they have really slow PC, or they just jumped on the hate bandwagon just to be cool, or they just can’t handle it.
I got a friend, he told me that Vista sux. I told him: how could you know? You have a Windows XP. He said he tried it in school, that he didn’t like its look / GUI. Now he has Windows 7 and not a single comment about its look, and he says it’s best Windows. Seriously?
A good example of someone who just jumped on the hate bandwagon. People can’t use own brains nowadays.
Also MaskMe sadly isn’t for IE.
But thanks for the tip, I’ll try someday. I’m done with NotSharingMy.Info (even if their service will be back on, it’s down like 1-2 weeks already). What if you expect important email?
Sorry for very long post, and my english.
Also I like how NSA says they are fighting for people’s freedom and against terrorist. (something like that). Oh yeah? They are just spying on us, and making childish excuses. Someone should kick their asses. Governments… they think they can do whatever they want… and people letting them to. They act just like dictators.
And what freedom? What privacy? We have less and less of both. NSA are the guys who are they looking for. :)
(Also about Ghostery and DNT+, and Easy+Fanboy list… too bad you can’t check what is and what isn’t blocked with these, and if it blocks everything). Easy+Fanboy list is long, DNT+ creators offers list too, which is very short, maybe they use it in their DoNotTrackMe+ addon?
Firefox would of been nice to trust if it didn’t have obvious masonic symbolism.. It had potential but I can’t put my total trust in it after noticing how blatantly obvious it is. For example go to in the address bar on firefox “about:mozilla” and it’ll show you a satanic biblical like text. It’s called “the book of mozilla” it’s creepy. All spin-offs of firefox have it too like iceweasel “about:iceweasel”, palemoon “about:palemoon”, seamonkey has the mozilla one and abrowser has the mozilla version as well. Then the Epiphany broswer has one in Latin called like “the prince” or something talking about perfection when there’s nothing left to add to achieve it.
Lets then focus on the logo itself. The Firefox logo is very much inspired by the oroboros (snake that eats it’s own tail) very masonic.
You don’t have to take my word for it. Look it up. I’m not the only one who thinks this way. Take under consideration that I’m an Atheist too but know there are psychopaths that believe so much in a religion, that they’d go out of their way to force it on others.
Now, if you want to go even deeper. Lets take Linux and GNU/Linux, their logos in general are spot on right in your face satanic masonic symbols. 666, Baphomet, and the all seeing eye. From OpenSUSE, Ubuntu, Debian, Arch, and Fedora (which has the symbol for eternity a figure 8 the 8 is faded but visable if you look at the “f” close enough.) to GNU/Linux which occultist Zionist Richard Stallman or RSM has promoted and made profit on like Gnewsense, Pabola, and Trisquel. People are so blind and sold on the freedom thing and false heroisms of thse con artist co-intel pro agents that they’ll believe it’s a “safe haven” and 100% trustworthy because they speak their language and sound convincing.
Unity isn’t any better look at their logos and their BDS distros some have been reported to leak information to the NSA like how SElinux is a tool for or made by the NSA on most Linux distros and you can only shut it off not delete it because it’s embeded into the kernel. Not to mention Unity is and has been used for DARPA projects. Their code assists making DARPA robotics such as drones and other types of high tech machinery.
Sadly, I’ve come to a dead end. I mean there is Risc OS but it’s outdated and hardly anyone uses it. It’s not very ideal for really anything other than programing. It had potential to go far but Windows came in and knocked it out of the water.. Either that or build your own OS which I have no idea as to go about doing that.
At this point it’s like choosing the lesser of the many evils.. Hard to trust anyone these days, there’s so much disinformation…
I’m using Tutanota right now but I spoke with the owners and asked about zionism and why they support bitcoin when it has 0 backing and possibly is the NWO currency we’re headed towards. They said they aren’t allowed to disclose their political beliefs but say they “promise protection” and “are transparent about privacy and take it very seriously” not very encouraging in my opinion..
Hey Santa Claus – you are totally wrong about Vista – SP1 and SP2 were crap – a pig with lipstick – or a highly polished turd. I speak from experience I used it extensively, not to do office and web-browsing I used it for real work – Mapinfo,, Visual Studio, SQL Server, Eclipse, Apache, IIS etc etc, installed and reinstalled it on several boxes and laptops, best thing I can say about it is that it was consistent – consistantly crap. I suffered through months of working all day on that frankenstein OS until I finally convinced my manager to let me return to XP – which on SP3 blew Vista away.
I guess it wasnt the worst OS Ive seen though Win 8 and Win ME can fight it out for that title.
When Win7 came out it was fine from day one – by that time Vista actually worked so maybe you were talking about that SP3 Vista or maybe you were just impressed by the way it ran notepad?
Thanks for info but im looking to keep someone from hacking my phone
How does DoNotTrack and Ghostly rank up against Disconnect?
Hi Onyx, we actually have an article regarding this coming up later this week. Stay tuned! But just for a quick answer, Ghostery for sure.
Onyx Risc,
Your comment has been a sort of eye-opener to me, thank you. What would be your view on Tails system though? You gotta trust someone these days, as you have no other option, unless you can build your own os from scratch. Thanks.
We gotta throw our hat in.
http://www.lavaboom.com is the most secure email provider available to the public. And it’s totally free.
Public beta coming April 2014.
-Bill
P.s. drop me a line anytime at @billfranklinuk – I’d love to hear what you think!
checked out lavaboom and its almost october……any idea when its going to be ready for all??
Any email server based in the US is subject to the Patriot Act. That means all your data can be requested by the NSA. Also, the people running the US based email server are not allowed to admit to you, to the media or anyone else, that they pass your information to the NSA…
That is true, but if they are gagged providers are aloud to shut down and open overseas. Providers have done it before, and if the emails are encrypted and only the end user holds the encryption key, encrypted services cannot be turned over. SpiderOak, and similar zero tolerance companies cannot turn data over, as its physically impossible, and has been shown to work time and time again.
Holy crap, I’ve arrived in an alternative universe. Having been involved with computers since the early 80s, I’ve burned out since due to some serious health issues, now I am way behind obviously.
Where does an aging inept boomer begin to catch up? With Yahoo now and want to hit the email reset, where is the start button?
Thanks
Hey man things are changing rapidly. I would recommend you read the detailed top 5 we compiled and find the email that you think best suits you. The best way to get back into the infosec game is to begin reading the security blogs then take a dive yourself. Forums are great and there are dozens of places to get started for free. Check the sidebar, we have a post for the top 5 free sites to learn cybersecurity. Cheers :)
HUSHMAIL apparently turned over info to the “feds”, and they are a Canadian Company. The North American Union [step into the global TYRANNY of the bankster rothchilds] AND Northcom, are THE NEW WORLD ORDER , ….FREE COUNTRY ? Its all but the, ..WAKE UP moment, for the aMERICAN FOOLS, TO REALITY.
xcapsa.com is another privacy-oriented service but takes a fundamentally different approach to data security. Instead of creating a shared infrastructure like most of the services listed here they instead create a personalized cloud server for each customer. They provide email (webmail or IMAP/POP) and network storage/sync (i.e., like dropbox). All data is encrypted “at rest” (on disk) and during transmission. You enter an encryption key when you first receive your cloud server and again if a reboot is required. Since only you have the encryption key, it doesn’t matter if data is examined by anyone other than yourself as they don’t have the key to decrypt it.
My personal favourite is CryptoHeaven http:\\cryptoheaven.com thats running encrypted email since 2001 and is the codebase for SaluSafe http:\\salusafe.com
It uses well tested RSA 4096 with AES 256 and is designed with perfect forward secrecy and zero-knowledge pass through servers for storage.
Checkout the source code on GitHub. The source code was recently posted on GitHub, but apparently it was always available on company’s website.
Thank you for this list. I do have a question about which I hope you may have some insight.
Concerning Shazzlemail, which seems like a great idea (kind of like torrents?), but I have a concern about the app and its permissions on my android device.
I usually do not install anything that asks for permission to read call data or any thing past network access. I want to use Shazzlemail but they ask for phonecalls, contacts, and more. Is this truly a trustworthy service? I know I am using an android so my privacy is a joke anyway, but I would appreciate hearing your take.
thanks for your time.
Hey and thanks for the comment. Many people hate on Android for privacy concerns, but Android can be turned into a privacy product if executed correctly. Now personally, I am unsure as to why ShazzleMail would want that type of info. I understand they may want you contacts, as you can add emails into users contact fields on your phone. But call data, not to sure. If you want, I would recommend you root your Android phone. I don’t have any guides, and can’t take responsibility if anything goes wrong in the process, but I personally have done it. I would then recommend you flash the PAC man rom, or paranoid android. Paranoid Android and PAC Man both allow for you to set app permission. Now don’t only flash your phone for ShazzleMail. Many Google applications completely obliterate privacy. Such as the Google Play store having access to listen to your voice at any time. I have personally installed PAC Man on my Galaxy S III, and couldn’t be happier. I have denied almost every Google application any rights to spy on myself. I have also done the same for %99 of other apps. I have too uninstalled almost all bloatware apps per-installed. I personally believe my Galaxy S III is somewhat proofed from dataminers, etc. Obviously the N.S.A. and others could still probably tap into it.
I also feel Google is a lot more open than iOS. They tell you what permissions the app will have. Lets me ask the ShazzleMail team, and I will post an interview with them in the near future.
Thank you for reading and best of luck!
Did you speak to the ShazzleMail team? I would be interested in hearing more about this as I want to change email providers and cannot decide who to go with – currently thinking either lavaboom or shazzle. I do not know much about the internet but think I understand that these two providers work in different ways – one encrypting and using keys, and one using an app system rather than webmail. Which is better / more secure? Are there any particular reasons to choose one above another? Which is likely to have the most longevity?
Thanks for any feedback.
Hello and yes we actually did speak with the Shazzlemail team. The two are great, Lavaboom is a zero knowledge provider, something all privacy advocates have waited ages for. ShazzleMail is an email infrastructure that can’t be touched.
Both are great, and it depends on what you want. ShazzleMail is a local email hosted by you, and ONLY you have access to your emails. Shazzlemail has no servers that store any form of data. You load shazzlemail on your smartphone, and have all of your emails encrypted and stored on your smartphone. Your smartphone also acts as the host, so if you smartphone is off, your email is off. Your hosting is provided by you, so the NSA could not steal your emails, or snoop on you in any way without stealing your physical phone, or siphoning data out of the phone somehow. Either way, Shazzlemail has no emails, no data, and is harmless. I wrote an article on how it works and why its game changing here. https://freedomhacker.net/shazzlemail-the-everything-proof-email/
In turn, Lavaboom has all your data stored on there servers. Your email will always be online 24/7, encrypted by them. If a law enforcement agency tries to extract data, it will not be possible as they don’t have the keys to your data. They can’t read your data even if they tried, or servers got seized. Its all encrypted, and available 24/7, whenever you want it.
In all honesty, it depends on what you want. For longevity, both will be survive, as they are new emerging technologies that many users are using right now worldwide. It depends, do you want full control of your data and only you but have to have your device always on, or want another offshore company holding your data but begin physically unable to access it even if they wanted to.
i would reccomend lavaboom because of their awesome ui and gr8 support team. just requested an invite
Thanks for an exhaustive and informative list of secure email providers.
Here’s another one: Runbox (https://runbox.com). Our servers are located in top security facilities in Norway and are protected by some of the strongest privacy regulations in the world.
Additonally, our Webmail is provided over Extended Validation SSL with Perfect Forward Secrecy, our services have no ads or tracking cookies, and it’s all powered by renewable, hydroelectric energy.
Hi – one more for your list, ShazzleMail.
We tossed aside client/server architecture and connect sender/receiver directly (p2p) using sender’s smartphone as the server. Works with iOS and Android devices and on PC or Mac with POP3/SMTP clients or we have an email client as well. No copies, no data mining, no email to turn over since we never get your email. Private and secure? You bet. Free? Yep. Check us out at shazzlemail.com. Would be happy to give you a demo or call to discuss. Thanks.
Thank you very much. Love to see “we the people” locating privacy related correspondence.
Just a suggestion…. Firefox (and Opera) have extension(s) like “Lock the Text,” which Encrypts the Text, no matter where the Text is 1.highlighted and copied from a web page or written in a word processor than copied into a “webpage” form, THAN 2. Right click and choose “Lock the Text.” 3.Pasted into the “Lock the Text” Popup. 4. Encrypt. 5. Write a “Password” or better yet a Pass Phrase. 6. Paste the “encrypted” message into a email, messenger, SMS.. ect and SEND. Any “Form” on any web page with httpS, (bank, credit union, secure login page, etc,) could be used to paste from a word processor, and than highlighted again, and than Right Click find “Lock the Text” in the Right Click Menu > LOCK.
Using Tor messenger or some other 256 Bit (and UP) secure based messenger, or a secure SMS, to send the password beforehand, really ensures the correspondence to be SECURE. There are even secure Android calling to transfer passwords and to Talk on, like Red Phone for one.
By the way, it takes a whole lot LESS time to do all those steps, than it does to learn that procedure. And changing the Password and or Passprase randomly, and often is a whole lot safer to keep the correspondence more secure.
Again thanks!
Makes sense what you say, but if the website is poorly coded and doesn’t lock the text by default its generally a coding error. As far as I am concerned a plugin would not be able to fix that. Since thats a backend issue, I don’t see how that would make it anymore secure. I may find it less secure since you are asking a plugin to encrypt a certain amount of text. But maybe I am completely wrong, and maybe some websites don’t even encrypt a certain amount of text when you send it.
Also, along with redphone and whatnot we have
https://freedomhacker.net/how-to-encrypt-phone-calls/
https://freedomhacker.net/make-anonymous-phone-calls/
https://freedomhacker.net/secure-chat-on-ios-android-and-computer/
Maybe elaborate a bit more, or email me about this author[at]freedomhacker.net
Thanks for the comment, and support.
You’ve GOT to be Kidding! Who is going to do all that every time they send Email. I’m fed up. I’m going to chuck it and go back to writing letters. I prefer to get them myself, too.
I’d suggest you take a look at http://www.unspyable.com
http://www.gmx.com is some of the best email I’ve ever used. VERY FAST and easy to navigate!
gmx collects and stores everything about you and they will block you whenever they want
e.g. when you log in from different IPs. They do not reply to your e-mails.
I haven’t personally used them, but I have noticed an unbearing amount of spam from their service. On various emails GMX is the number one spam provider, I get hundreds of spam sent from @gmx emails daily. I have not personally used them, just wanted to add to what you saying.
I have used gmx…yes, they must be tracking. The ads reflect my “interests.” They advertise as being able to provide exactly what you want. Not true. There is very little ability to configure. One of the most annoying features is automatic logout “for your security.” There’s no way to turn it off or adjust the time, so be sure to save your composition if you need to pause for more than a few minutes. Then, when you log back in, the condescending message “You forgot to log out!” is displayed. There’s no way to turn that off, either. I am looking for another provider.
I agree totally. I have been using GMX for years and they are quite open that they monetise you through cookies etc. Loads of spam. What annoys me more than anything else is that the forcible log you out every 24 hours or so, making you sign in every day. Sometimes I have missed emails for 12 hours. When I complained, they replied cheerily, 24 hours should be good enough for everybody! That is the reason I am here, looking for an alternative. :-(
gmx.com is very unsafe. It is hosted in Munich with direct access of the authorities.
gmx,de & gmx.net are hosted in germany, gmx.com is hosted in the US.
The server hosted in the US is a lot more secure from government snooping than the one in the US, where the government is very keen on privacy & does not collect any data. wow, what a revelation, who would have thought that.
gmx is totally insecure crap.
Government has been storing all of everyone’s data for years now.
GMX is totally insecure, and switches off Https at every opportunity, carrying out spying on it’s customers like nobody’s business. To be avoided at all costs. Spam is unbearable after they were hacked a while back, including all of the customer email addresses and contacts.
From FAQ:
“Why Cyprus, Czech Republic, Hong Kong, Iceland, Netherlands, Norway, Panama, Russia, Sweden and Switzerland?
Answer:
These countries are either known for their strong privacy laws and minimal government actions against web sites and operators and/or lack of cooperation with other countries and their data retention and disclosure policies.”
Ha-ha-ha. Russia “known for their strong privacy laws and minimal government actions against web sites and operators”? Really? Hey, guys, where are you from? I’m from Russia. At present my country is “digital prison” aka ГУЛaг https://en.wikipedia.org/wiki/Gulag. Do you value email privacy ? Go away from russian hosting immediately. We have own PRISM. It’s called СОРМ-2 (СОРМ-3) http://en.wikipedia.org/wiki/SORM
I’ve been using http://www.mailfence.com and I can tell you it is really secure and safe :)
Without the ‘s’ after http, it’s NOT secure.
it is secure and safe. Unfortunately they have horrible support, lied about phone support, have no app that provides notifications and when asked about that was told to install another email client to provide the notifications essentially making any security through their service worthless. I had multiple sent emails that ended up in my spam folder that were never received and the list goes on and on.