Email isn't private

Email isn’t private by design. Every mail you send will come from, pass through, or end up in a google, apple, or microsoft server. Using a “private” email only works if the other person does the same. Proton, tuta and other services generate and handle their own keys. You can’t change the encryption on existing mails in these services. You have to trust that they won’t copy the plaintext before you send the mail. You have to trust that they’re running the same code on the server that they claim to have open sourced.

It wasn’t designed from the ground up to be secure and private like e2e messaging apps. Using IMAP or POP doesn’t change anything since the unencrypted mails are stored in the mail server before you download them.

The only way to get privacy is to encrypt the mail beforehand using technologies like PGP. So that means only in cases of in-person communication through IMAP with a mail client. Putting a proprietary bridge like Proton’s makes it worse. But even then, due to the design of how email works, the metadata is not encrypted.

The mail providers logs IP addresses, payment information and also ask for a lot of unnecessary personal information due to the government restrictions. And hence they have no choice but to hand over entire mailboxes to the government.

Email for most use cases is not private unless you both sign up anonymously through tor using something like cock. In that case you might as well use signal or briar.

So most services are not that better than say gmail on a business account if you were to properly use imap with pgp. Because even google will claim to not sell or use user information unless you ask them to.

2 Likes

This is something that everyone already knew, and it’s even written on the site.

4 Likes

… yeah but it is decentralized, and it is good enough to reminds us where we come from and where should be heading to.

1 Like

soo… should i just be using Gmail?

No.

I think the terms of “is or is not” private are kinda useless. Everything exist on a scale of privacy/security. Not a yes/no function.

Email metadata is always exposed to collection because that is how the protocol works. Certain information must be externally viewable in order for the routing to work. However, the content of email can be private if E2EE. You can do that a number of ways.

I think I read something in the latest “most requested feature” from proton where there would be a way to e2ee non protonmail user contents with protonmail user content? I have no idea how that would work, to me it doesn’t make sense, but they might have found a way somehow.

Hi, this feature is already implemented, you can read more information here.

Email is gradually becoming less a platform of communication and more a platform for account administration. I agree that email as a form of communication between two or more people is insecure for the reasons you said. But I disagree with the conclusion that you may as well use those mainstream services like gmail. Tuta and Proton both have far superior security for accounts and logging in, and they have the benefit of not being all-your-eggs-in-one-basket like gmail is (though Proton is slowly becoming more like that).

Just to name one example, Tuta allows you to use security keys (eg. yubikey) and force that as your 2FA, while Gmail and Outlook always have a fallback mechanism (if not another email address or phone number, they may also ask you questions such as regarding the contents of your inbox).

Also, gmail and outlook are a huge target in the same way Windows is compared to MacOS and Linux.

You should at least use Tuta and Proton for account logins. Ignoring the privacy benefits, the level of security that you would be gaining by using them is huge. And I’m specifically talking about protecting against hackers trying to get into your account, not the communication protocol. I couldn’t care less whether the automated emails I get from various online sites eventually pass through an insecure (or non-private) server. Unless that site uses plaintext to send you a new password after a password reset, you’ll be fine.

Lastly, what better options do you have? Obviously PGP will not help you for this purpose (there are almost no sites that send automated email using PGP, the only ones I can think of are ones that focus on security, though facebook surprisingly allows it).

Email should be used thoughtfully. It should not be used for sensitive information, but since it’s still used for management of online accounts, you are much better off using a secure email provider.

1 Like

Hi, this has been around for a couple years now. I’m talking about this, but without the use of a password. I’m pretty sure I saw something about it somewhere, but I can’t seem to find it.

Other than the option I mentioned above, the alternatives are as follows:

End-to-end encryption with PGP: If the recipient uses PGP encryption, you can exchange public keys and send fully encrypted emails without using ProtonMail’s password features.

Encrypted attachments: You can encrypt files before attaching them to your email using third-party encryption software.


I would be grateful if anyone has additional information to add to this, it will help me for educational purposes.

I found it:

See what people wants the most:

“For Proton Mail, 59% of respondents want an easier way to send end-to-end encrypted emails to non-Proton users”.

Meaning there will probably something coming that will be easier then what we currently have.