I’ve been looking to switch from gmail to a different email provider that’s more private. I’ve been hearing about Tuta, are there any drawbacks to it? Are there better options?
For a while I was planning on making the switch to protonmail but that’s off the table now due to the recent events surrounding them.
Tuta’s product is snake oil.
If you don’t care about their (nonstandard, incompatible, and snake oil) end-to-end encryption feature and just want a freemium email provider which (purports to) protect your privacy in other ways, the fact that their flagship feature is snake oil should still be a red flag.
Is there anything about Startmail (company that does Startpage.com) that is worth avoiding? I’ve never paid for mail but if it’s solid and avoids Google I might.
StartPage/StartMail is owned by an adtech company who’s website boasts that they “develop & grow our suite of privacy-focused products, and deliver high-intent customers to our advertising partners” 🤔
They have a whitepaper which actually does a good job explaining how end-to-end encryption in a web browser (as Tuta, Protonmail, and others do) can be circumvented by a malicious server:
The malleability of the JavaScript runtime environment means that auditing the future security of a piece of JavaScript code is impossible: The server providing the JavaScript could easily place a backdoor in the code, or the code could be modified at runtime through another script. This requires users to place the same measure of trust in the server providing the JavaScript as they would need to do with server-side handling of cryptography.
However (i am not making this up!) they hilariously use this analysis to justify having implemented server-side OpenPGP instead 🤡
Wow, that is very disappointing. I had started using startpage as a Google alternative. While it still may be preferable to Google specifically, their mail product is definitely out.
I didn’t like that Tuta didn’t support IMAP which means I am locked in to using their client. I self host my own CalDAV and carddav servers for calendar and contacts and wanted a single client for mail/calendar/contacts. Without IMAP support I could not do that. I ended up going with fastmail and am okay with the privacy tradeoff of no end to end encryption.
I am very happy with Proton.
What did proton do wrong? Legit question, I’m out of the loop.
Nothing. It’s just FUD.
Here’s an article about it: https://medium.com/@ovenplayer/does-proton-really-support-trump-a-deeper-analysis-and-surprising-findings-aed4fee4305e
Even if the CEO did support the orange turd, I would personally still be able to separate his personal opinion from what the non profit is doing.
He explicitly supported the republican party in its current guise. That’s enough for me to run. Fastmail is where I’ve temporarily landed - would prefer somewhere away from Aussie jurisdiction, but it felt like the least-shit.
Great source, thanks :)
That was informative, thanks.
I agree with you, I would be extremely surprised if the Proton CEO supported Trump… I would say very unlikely.
deleted by creator
no
Care to elaborate?
chodi joined lemmy 55 minutes ago. Ignore their non-reply and block
I’ve seen two posts by this individual so far. Both useless.
Edit: Make that 3 for 3 in the useless category. There’s one below me here.
yes
Haven’t read anything bad about Tuta so I guess it’s fine. Other good ones are Proton, mailbox.org or posteo.de. Anything that’s not by Google, Microsoft, and so on.
I’ve been using it for a few months now. Works just fine, doesn’t do anything fancy but it doesn’t need to. Filter rule creation is pretty limited, and the desktop client doesn’t play well with my VPN for some reason, but otherwise it works fine.
Yes.
I’ve tried tuta before. It seems pretty okay, but it doesn’t support IMAP meaning you have to use their app, and (at least for me) it was SLOW.
I personally use disroot, but there’s loads of other options, like mailfence seems like a decent alternative. Just pick one that supports IMAP
I’m using Tuta and their app for a few years now. The app was slow indeed but it’s good now, no problems so far. Lack of IMAP support is justified with security, they say. I personaly don’t need IMAP as I’m completely satisfied with the app, which is available officially in f-droid btw.
yk, fair enough. if you like it, that’s fine by me
No single organization should be trusted. “Emails paint an intimate narrative of ourselves — the people we talk to, the books we read, the politics we practice. This information is powerful. When we lose control over it, it can do great harm to ourselves and our loved ones.” https://ideas.ted.com/why-we-should-all-care-about-encryption-really/
What’s the practical takeaway here? Just don’t have an email basically
Take control of your data. Host your own email or use a provider that cares about your privacy.
We talk about this so often in privacy communities because, although emails are particularly difficult to secure, they’re so important. Swapping your email provider or hosting your own is so easy to say and so hard to do, but so worth doing. I would suggest taking some steps towards FLOSS/FOSS and other privacy-friendly options in other areas first to get used to the idea of change and some of the difficulties you’ll handle in that realm
What’s the practical takeaway here? Just don’t have an email basically
@[email protected] The takeaway here is not “don’t use email at all.” You can employ OpenPGP, and encrypt your emails. Also, host your own keys. Perhaps don’t allow a single corporation to have your private key and access to your encrypted messages simultaneously.
I’ve used Tuta for more than 4 years. It’s a solid choice if you accept a couple few things:
-
they’re a small company, doing their best to survive.
-
you have to use their client apps. They take security very seriously and assume all of their users do as well.
-
prices might go up every few years but I am still paying my original rate, for my original features.
-
the search function does work but is very slow.
But otherwise, I’m very happy and expect to stay with them for the forseeable. Good luck in your search.
-
I’ve had a bug with the android app where sometimes notifications for emails just don’t happen. I’ve received a new email notification, opened the app, and found that the notification was for an email received 5 hours ago, and I didn’t get any notification for the email 3 days ago or the email 1 hour ago.
Despite this issue and several other minor issues, I still recommend Tuta. Mostly because I can’t find anything better.
This happens to me as well. It’s a bit annoying but I still prefer it over others.
If you’re on Android, by any chance, have you gone through all the battery optimization, background process killing, and startup settings? Some OEM’s versions of Android are real bad in that way. Giving the app the right settings and permissions may decrease the number of delayed notifications like that.
I am using Android until I can find an alternative. I’ve turned off all optimisations I can find. I haven’t had the issue in a few weeks, but it did happen once since changing settings. I’m hoping that something random I did (like a phone restart) somehow fixed everything.
I am using Android until I can find an alternative
You mean you’re considering something like PostmarketOS? Just wonder where people are looking for alternatives.
I’m looking everywhere I can. I haven’t found any OS that works with my current phone (Nokia G42), and the aren’t too many phones that meet my needs (dual Sim, small, headphone jack, repairable, runs open source OS).
I’ve given up actively searching and I’m mostly browsing Lemmy and hoping to stumble across something useful. Please let me know if you have any more suggestions.
I recommend mailbox.org instead.
I started using fastmail, best thing I decided to do in awhile
No PGP support kinda kills it imho
