41
Are private email providers worth it?
(lemmy.zip)
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 03 Sep 2025
41 points (97.7% liked)
Privacy
41621 readers
735 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
Proton does offer what is essentially a self-contained PGP portal. You send anyone an email and they get a "hey, this is me, open the message below" thing and then a link to a message that's hosted on Proton servers. So your Granny doesn't need to set up a public/private key pair, you can just send the encrypted portal option.
No idea of Tuta or others do this.
Plus, no matter who you chose, you personally aren't feeding the Google algo. You can do what I do, which is you leave all the hyper data hungry services in the data eating world, just feeding on each other alone. Then you have real conversations over email or fediverse.
Tuta does too.
Yeah. I chose proton over tuta because of this option to send the link to the encrypted message. I think tuta does have it, but it didn't show the entire conversation. If you wanted to see the entire chain I think you and to either find the mates email to get the latest URL, or open each URL by itself.
The problem with those is that you have to exchange the password by some other means than the email itself, so it's really not practical for the other person
Signal message should be good enough. Though I think part of the Proton version is that by virtue of opening the email you are validated to open the message. Not sure if that means it can be forwarded or what.
No.
No. Email is just a non-centralized protocol. While not everyone uses it the same way, most normal people never use email to communicate with companies, who are increasingly forcing people to use chatbots anyway. So it's not even a reasonable point to make. Password protected emails are meant to be between people who have an established relationship. If a company needs someone to send them encrypted message, they'll have a platform for that, just like Wikileaks or ProPublica, so you're not making a valid argument about that.
If some Youtuber is someone that does anything privacy-related enough that they should be receiving encrypted emails, their public PGP key should be on their YT profile and you can send them an encrypted message anyway with that. Protocols and methods exist already to accomplish what you're talking about. You need to complain to the Youtuber for not practicing good security and privacy, not to Proton for not creating some mind-reading Diffie-Hellman scenario. Really, do you think that you can just send some random person a message that says "click link to open secret message!" and not expect it to just look like phishing?
If you'd rather use signal, use signal and send them an attachment encrypted with their PGP public key. This isn't hard, I don't even know why you're trying to argue all these weird non-existent edge cases like they're everyday issues.
i'm not trying to argue "weird non-existent edge cases". all i've ever used email for is for formal communications wit govenrments, companies, special cases like my landlady. that is also true for everyone i know. i believe if this wasn't a general thing, then people wouldn't me using messenger apps, they would just b eusing email. but that is not what hapens. i don't know your case, but for me using email is non optional. i can't "just use signal". i need an email for my government, i need an email because i need a github account, i need an email for any site i want to use, including lemmy. i just want to be able to do it privately. i'm just trying to determine if protonmail is actually private or just one big "trust me bro. we wont read you unencrypted messages as they enter or leave"
OK. Well, respectfully, I think it would be beneficial to find out more about how encryption, email servers, and encrypted messaging works. I think you're quite confused about the details here, and just getting a sense of the parts will help you in the long run. People use email differently - I don't use FB, so my main means of communication with family that is not Signal messages is email.
By "just use signal" I mean for sharing a password for a password protected email. Which you should only be sending to people you know already and can coordinate with. You're not sending password protected emails to random people or the government because it's not necessary for the reasons I explained earlier. If someone needs an encrypted message from ANYONE they will provide the method. Otherwise, they don't want encrypted messages and can't be trusted with data that should be encrypted.
Proton is secure, and I know because I had an old account I wanted to get access to and lost access to the recovery email, but had one on the same domain. I spent about a week doing back and forth emails with some guy who was trying to ask me to verify aspects of the account, which was my spam shield and dummy social media account and I hadn't used it for about a year. All he could see, when pressed, was header info: sender/receiver, date, time, ip address, sending agent. All things that are needed to route the message. It ended up being me able to confirm IP address and sending agent and access (I sent an email to my recovery address from an IP in this range on this date, last logged in on on this date, etc.). It was a pain for both of us.
OK. Let's leave this topic here, because we are talking about different things and have different concerns. It seems I know all I need to know about the topics you described, because I started this thread asking to check if there is something I'm missing, but none of the answers have mentioned anything that I didn't know. Proton emails are encrypted at rest, and use LTS while sending and receiving. But none of this guarantees that they are not scanning / profiling me because they do have access to the plaintext emails while they enter and while they leave. I wasn't looking for alternatives. I was just checking if it was actually worth the switch considering there are no privacy guarantees.