Encrypted mail black.com

gammexane · October 7, 2024, 3:23pm

Hello all. A friend of mind has recommended me black.com an encrypted mail services that I had never heard of…
It hasn’t a free services, it is 3.5€/m, 25gb, aliases… and I quote:

“Emails are zero-access encrypted (AES-GCM-256 with RSA-OAEP-4096 key sharing) with a password-derived key, which means that not even we can access the contents of your emails at rest. Our system encrypts subjects, headers, message contents, attachments, email drafts and push notifications.”

Any of you know it? any review already?

Thank you very much.

anonymous230 · October 7, 2024, 3:24pm

Sounds like proprietary trash. Say no!

gammexane · October 7, 2024, 3:34pm

There are others proprietary software recommended in PG, like Tresorit.
I just want to know if someone knows it…

user1 · October 7, 2024, 3:53pm

No pgp, no audit, no in depth info on the site, dubious privacy policy, one developer?
TLS in transit as an asset?
Come on, same old good red flags.

Regime6045 · October 7, 2024, 3:58pm

Sounds like what Startmail and Posteo are doing. The problem is that when you access your email (via browser/webmail or app/IMAP) your stuff gets decrypted temporarily. So it’s just privacy theatre. Happy to be proven wrong in this case though.

delosmzp · October 7, 2024, 4:14pm

Nothing about it screams it is genuinely private and secure - with communication tools, if not open source, not worth using it.

Also, it has AI with “private email service”? How stupid do the developers think people are.

AI = Surveillance

gammexane · October 7, 2024, 5:22pm

Tuta deleted the accounts I had, one of them even paid… Proton (I was visionary) doesn’t have a single product that is not half baked. I use Linux, I can only use SimpleLogin and barely the web mail.

gammexane · October 8, 2024, 6:20am

Thank you very much. I will.
I will have to buy “a server” and host my own services…

bigdzi · October 8, 2024, 12:40pm

Agree. Thats NOT that hard BTW: If you can afford, buy your own physical server. Dont go with VPS/dedicated. This will cost you higher, but its one time payment.

As of red flags: here is another one:
Zrzut ekranu 2024-10-8 o 14.46.22

freddy · October 8, 2024, 1:51pm

Not always, but often.

Anyway, its a very slick website - but its not going to be anywhere near as private as any of our recommended providers.

These are all valid concerns. I also enjoy that 2FA is listed as a feature too.

Cool domain, pretty website, substandard service. We won’t be recommending it unless quite a lot changes.

jerm · October 8, 2024, 2:01pm

Website doesn’t load without JavaScript…

Lukas · October 8, 2024, 3:16pm

Reason: lack of options.