"Secure" email providers
===

There are various "secure" or "privacy respecting" email providers out there. So I decided to check them out to see how easy to use they are, how they handle encryption and other things I noticed.

***Disclaimer:** After the comment disaster in my last blog entry where I compared stuff, I'll leave the "starring"/rating to you and just tell you my experience. So whatever you like or dislike on these services, this is my personal opinion on these services and I'm not about to discuss too much about them. At least not in the comments. But feel free to text me on Twitter, Matrix.org, IRC or any other social media if you want to discuss.*

Easycrypt
---

[Easycrypt](https://easycrypt.co) was the first candidate I tried to use. Or let's say, the first I was interested in, because it's not a real email service but they offer a user-friendly web interface for existing email accounts and services like gmail.

### UX

From a UX perspective easycrypt is pretty nice. You put your mail address into the field. As it doesn't offer its own mailboxes, I used a gmail account to see how easy it is and yes, it's very nice. You get an email to confirm it's your account, set a password for the easycrypt account and have to authorize an app for gmail. That's it. Very easy to do and intuitive.

The UI of the webmailer is modern and easy to use. People who are used to the gmail UI will like it pretty much and find various things in similar places. A green lock indicates that a person has their PGP key registered on easycrypt and this way you can communicate end2end encrypted without any additional need.

### Encryption

By default they provide you a 4096 bit key which is generated on your local machine, encrypted and uploaded to the easycrypt servers. This by itself makes it pretty easy to use and of course the communication pretty secure.

When I tested they used [OpenPGP.js](https://openpgpjs.org/) version 2.3.3 to encrypt the message I sent to my regular email account.
Just as information: The latest release of OpenPGP.js at this time was 3.0.0. Let's say they don't want to be too edgy, there is still version 2.6.2 before 3.0.0 with [more than 180 commits difference](https://github.com/openpgpjs/openpgpjs/compare/v2.3.3...v2.6.2). I just hope they'll update in the near future, even though there were no serious security issues since this version.

### Other things I noticed…

As their ["Under the hood"](https://easycrypt.co/under-the-hood/) page was so interesting, I decided to send them an encrypted email with some questions to their info address. As it turns out, the key they provided on their webpage wasn't the one I should have used. Okay, shit happens, no problem. I got the right key and was able to successfully get my questions delivered.

What I got as response was a bit frustrating. First of all, as it turns out, their "metadata avoidance" isn't built yet. I have to admit that this was mentioned in their FAQ but I didn't read it completely.

On the other hand none of the mails they sent to me were encrypted. As they pointed out, this was because my public key was missing. Well, as is usual, I sent my public key with my second (yes, I forgot to add it in the first mail) mail as an attachment. Also it's uploaded to various key servers. But easycrypt has its own way to provide PGP keys of external users, which is pretty interesting, but you need to know that, otherwise communication becomes really frustrating.

Here is how it works: You send an email to `registerpublickey@easycrypt.co` with your public key as attachment (as I did when I sent it to the info address first). Once you did that, an email, encrypted with this key, is sent to the source mail address, containing a validation link. This way they make sure that the PGP key belongs to the mail address. Very nice. :+1: for this!

While this works pretty well and is a well designed idea, it has some problems.
For example, as an easycrypt user I can't initiate an encrypted conversation with people who didn't register their public key this way. Also I have no way to add a person's public key to my own GPG keyring so mails can be encrypted in future. The only way is this registration.

### Vendor lock

A nice thing about easycrypt is that they allow you to download your public as well as your private key. This allows you to use external clients like [Thunderbird](https://www.mozilla.org/en-US/thunderbird/) with [Enigmail](https://www.enigmail.net/) as well. You can also import a keypair to easycrypt and this way use your existing keys in their web interface.

This basically makes easycrypt vendor-lock free, but they plan a non-standard way for sending emails between easycrypt users for the metadata avoidance. So there is probably a future vendor lock.

Protonmail
---

A very popular and fast growing service for encrypted emails. It provides a [web client](https://mail.protonmail.com/login) as well as apps for [Android](https://play.google.com/store/apps/details?id=ch.protonmail.android) and [iOS](https://itunes.apple.com/us/app/protonmail-encrypted-email/id979659905).

### UX

From a UX perspective Protonmail is very intuitive. The UI looks modern and once you have provided your PGP key to external users, PGP encrypted emails instantly appear decrypted in your inbox, but with a green lock which indicates that the conversation is encrypted.

~~And here comes the sad part: When you try to reply to a non-Protonmail user, you can't send a PGP encrypted mail.~~[^1] Instead you have to use a symmetric way, meaning you provide a master password for the email and maybe a password hint, and the other side needs to get this password in one or another way. An even bigger problem is that these symmetric encrypted mails are only available for 28 days. That's very bad for the other side.

### Encryption

As I already started with the encryption: Yes, while incoming PGP is completely normal, ~~outgoing PGP is completely missing. This basically breaks the whole purpose of the service.~~[^1]

~~But according to their help center they [plan to support PGP](https://protonmail.com/support/knowledge-base/sending-a-message-using-pgppgp/) somewhere in the future.~~[^1]

### Vendor lock

Protonmail is pretty good at marketing. They provide a lot of nice stuff, but when it comes to switching away from Protonmail it gets complicated. First of all, you can't simply get your email using imap or pop3 as long as you are on the free plan. If you are on a paid plan, you have to use their imap/smtp bridge, which then again provides all emails unencrypted in your local mail client.

At the same time, they don't allow you to download your private key using the web interface or anything else. If you still want it, you have to use an API call or [export it from the web console](https://medium.com/@salomoko/how-to-download-your-protonmail-pgp-private-key-994b7794baaa). That's very user unfriendly. Also you can't upload your own private key, so you have to trust what was generated for you.

### Other things I noticed…

After the huge disappointment when it comes to encryption, it's also kind of annoying that everywhere an "Upgrade now|This feature is only available for paid users" is shown. It really pushes you to buy a premium account. I completely understand why, as it's super expensive to provide this amount of infrastructure without any ads or crypto mining in the frontend, to respect user's privacy. And I really value this but it's also kind of annoying, just leave the features out if they are not available for me.

Also by default Protonmail uses its one password mode, where it encrypts the PGP key and authenticates to their servers, using one password as master key but generates its own one for the PGP key as a subkey of the master password.
My personal preference was to use two passwords and so I switched to their legacy two passwords mode, which then asks you for a login and a mailbox password. All details: https://protonmail.com/blog/encrypted_email_authentication/

Tutanota
---

[Tutanota](https://tutanota.com) is another "secure" email provider. Less known than Protonmail but recommended by a [brochure of the Vienna University of Economics and Business](https://www.wu.ac.at/fileadmin/wu/d/i/ec/Privacy_Brosch%C3%BCre/Brochure_final.pdf).

### UX

From my perspective it was a bit less intuitive than easycrypt and Protonmail but it's still easy to use. A bit confusing was the availability of the paid features without being on the paid plan, and as soon as you want to use them, you get a popup with a hint to upgrade. But all in all it's modern and usable.

### Encryption

Tutanota explicitly [doesn't do PGP in their setup](https://tutanota.uservoice.com/knowledgebase/articles/470724-why-does-tutanota-not-use-pgp). They also use symmetric keys that need to be exchanged outside of Tutanota. As in the case of Protonmail, this basically defeats the whole purpose of using such an email provider.

Unlike Protonmail, they don't even use PGP internally. Instead they use an [RSA private key that is encrypted with the user password](https://tutanota.uservoice.com/knowledgebase/articles/470721-where-are-my-keys-generated-and-how-is-my-private) and encrypt the emails with AES128-CBC. [Their help page](https://tutanota.uservoice.com/knowledgebase/articles/470715-what-is-encrypted-and-what-can-you-read) tells us they use these keys to encrypt the subject, as well as the message itself and attachments. All in all it's a custom implementation which only adds a tiny bit more privacy.

### Vendor lock

Tutanota neither provides any way to export emails, nor does it really send out encrypted mails. This makes it completely locked.

### Other things I noticed…

During my final tests, I wasn't even able to deliver my email to their services. It got rejected with a timeout. Mails to my mail address were successful. Earlier tests were successful and at least allowed me to send usual mails between my Tutanota account and my private mail account.

About all of them
---

All services I tested provide a free plan and provide their clients open source. Another happy thing is that all services provide Tor access. But that's it with the good news.

The bad news is that none of the services send out their email PGP signed by default. Only easycrypt signed the mails when they were sent out encrypted. Apart from that, no provider explicitly showed a sign when an email was PGP signed but not encrypted. There was no indicator and no way to check.

TL;DR
---

Don't use any of them. They are all nonsense and most of them try to lock you into their ecosystem. Simply use a regular mail provider like mailbox.org, posteo.de or even gmail (if you don't care about metadata usage) and use the [Email-Self-Defense Guide of the Free Software Foundation](https://emailselfdefense.fsf.org/) to learn how to use PGP.

Conclusion
---

All in all, I'm very disappointed. None of the provided interfaces allowed to use PGP as people, who are already used to it, would expect it to be used. Easycrypt failed when it comes to getting public keys provided, even though I like their way of verifying a public key. Protonmail and Tutanota don't even offer to use PGP with external users.

Apart from that, in the case of Protonmail and Tutanota, the users are told to get into a really private world but are bound to the provider in one or another way and are unable to use encryption with external users. Easycrypt sells more than they have done yet and the missing two factor authentication hurts.

If you asked me to recommend one of the tested services, I would actually go for easycrypt.
Compared to the other services it's the only service in this comparison that really uses PGP for everything and is compatible with the world outside. (And even better, most people don't have to change their mail address to use it.)

[^1]: This has changed recently. Protonmail now allows sending PGP signed and encrypted emails. [See their announcement](https://protonmail.com/blog/protonmail-v3-14-release-notes/)
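
The "About all of them" section notes that none of the web clients showed whether a mail was PGP signed but not encrypted. The following is an added example, not part of the original post or any provider's code: it makes that check on the raw message source and also reads the optional armor `Version:` header that names the producing library. The function name and the sample messages are constructed for illustration.

```python
import email
import re

ARMOR_VERSION = re.compile(r"^Version: (.+)$", re.MULTILINE)

def pgp_state(raw):
    """Report whether a raw RFC 5322 message is PGP-signed and/or PGP-encrypted."""
    msg = email.message_from_string(raw)
    state = {"signed": False, "encrypted": False, "armor_versions": []}
    for part in msg.walk():
        ctype = part.get_content_type()
        proto = str(part.get_param("protocol") or "").lower()
        # PGP/MIME (RFC 3156) declares itself on the multipart container.
        if ctype == "multipart/signed" and proto == "application/pgp-signature":
            state["signed"] = True
        elif ctype == "multipart/encrypted" and proto == "application/pgp-encrypted":
            state["encrypted"] = True
        if part.is_multipart():
            continue
        body = (part.get_payload(decode=True) or b"").decode("utf-8", "replace")
        # Inline PGP: the ASCII armor sits directly in a body part.
        if "-----BEGIN PGP SIGNED MESSAGE-----" in body:
            state["signed"] = True
        if "-----BEGIN PGP MESSAGE-----" in body:
            state["encrypted"] = True
        # Optional armor header that names the software which produced the block.
        if "-----BEGIN PGP" in body:
            state["armor_versions"] += [v.strip() for v in ARMOR_VERSION.findall(body)]
    return state

# Constructed sample messages (not captured from any provider).
SIGNED_ONLY = (
    'Content-Type: multipart/signed; micalg=pgp-sha256;\n'
    ' protocol="application/pgp-signature"; boundary="b1"\n\n'
    '--b1\nContent-Type: text/plain\n\nhello\n'
    '--b1\nContent-Type: application/pgp-signature\n\n'
    '-----BEGIN PGP SIGNATURE-----\n\nAAAA\n-----END PGP SIGNATURE-----\n'
    '--b1--\n'
)
INLINE_ENCRYPTED = (
    'Content-Type: text/plain\n\n'
    '-----BEGIN PGP MESSAGE-----\nVersion: OpenPGP.js v2.3.3\n\n'
    'AAAA\n-----END PGP MESSAGE-----\n'
)
PLAIN = 'Content-Type: text/plain\n\njust text\n'
```

A signature made before encryption sits inside the ciphertext, so an encrypted message reports `signed: False` here until it has been decrypted. The check only shows that a signature is present, not that it verifies.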