Who is Best Secure Email Provider

gisnb · Apr 2, 2012

Carrier Pigeon.

Thorman · Apr 8, 2012

builtbeast said:
This. I could understand why someone would need a secure email that they will constantly use for a business. But for the average person it's better to rotate so if any one account is compromised then the damage isn't as great as a single one with everything.

Yes...BUT

"Aren't you using your name and home addy when you order by email?"

...seems to me that most if not all the risk is on the buyer (in this transaction).

BECAUSE the seller is never going to put his real return address on the package...only real address is yours.

gimpinator · Apr 9, 2012

any of the sponsors support PGP?

It's totally uncrackable. Source/address/email are logged, but content is encrypted, unless end hosts are compromised.

gimpinator · Apr 9, 2012

Assuming your smart and use an email client/IMAP vs a web interface.

Thorman · Apr 26, 2012

obloxeon said:
x2. To my knowledge as well, they have no way of seeing what account key is tied to what account name the user decides to generate. Even payment information isn't linked to the key.

Me thinks this really doesn't matter. What matters is if they can get the provider to turn over the accounts...they can read WHERE the products is being delivered.

RISK is to the Buyer...not the seller...as seller never reveals his addy.

keith1569 · Apr 26, 2012

gimpinator said:
any of the sponsors support PGP?

It's totally uncrackable. Source/address/email are logged, but content is encrypted, unless end hosts are compromised.

If both people have Countermail it stays PGP encrypted the whole time. I think same with neomailbox

Sent from Samsung Infuse 4G

vdm · May 5, 2012

Without a doubt, hushmail.

bubbafrombama · May 10, 2012

vdm said:
Without a doubt, hushmail.

Bullshit! Read this:

Encrypted E-Mail Company Hushmail Spills to Feds | Threat Level | Wired.com

All the "in the know" realizes that SecureNym is the absolute most secure email provider. I've previously discussed why here:

http://www.professionalmuscle.com/f...82537-secure-email-providers.html#post1253568

keith1569 · May 27, 2012

bubbafrombama said:
Bullshit! Read this:

Encrypted E-Mail Company Hushmail Spills to Feds | Threat Level | Wired.com

All the "in the know" realizes that SecureNym is the absolute most secure email provider. I've previously discussed why here:

http://www.professionalmuscle.com/f...82537-secure-email-providers.html#post1253568

it doesnt bother u that securenym servers are based in the US?

bubbafrombama · May 27, 2012

keith1569 said:
it doesnt bother u that securenym servers are based in the US?

Not one bit. As anyone can easily see in the link I provided, the entire SecureNym system works under a simple basis of ignorance.

A government can certainly try to force us to provide information, as can anyone else via legal proceedings. They do so all the time. Some of the subpoenas are quashed immediately, due to errors or incompetence. Those that survive the initial scrutiny from our attorneys have not been a problem to date.

SecureNym, from day one ten years ago, chose a much different security model than Hush. The whole premise of our security is that we cannot be forced to reveal what we don't know. Ignorance is a simple, and very reliable, defense that has served both our users and us quite well.

We do NOT have any way of knowing who has what account. When a user receives an account creation key, and enters it into our system, the key is securely deleted BEFORE the user is directed to the account creation page. Thus, the connection between an account key and a specific account never exists. This is why we admonish users to be sure to complete the process immediately, because otherwise we have no way of recovering the key.

This means that it might be possible for someone to discover the user's payment to SecureNym, via financial records at a credit card company, but there is no way to prove that the account key was even used, much less what account it might have been used to create. A payment is circumstantial evidence, at very best.

Next, we have no way of recovering a password. SecureNym uses a Catch-22 to make sure that we can't do so, and that no one else could either. All passwords are encrypted and stored in our databases. The decryption key is a cryptographic 'hash' of the account name and the...... password. In short, you must know the password to decrypt the password.

Your messages are all encrypted with that same cryptographic hash, on the fly, as they arrive at our servers. The same rule applies; the messages can be decrypted ONLY with the user's account name and password.

kemical · May 27, 2012

So if you and your source use something besides hush then you're (relatively) safe. But the weak leak seems to be finding a safe way to get shipment/delivery. Would having the delivery made to your address but to an alias name make any difference? At what point do you just say "Aw, screw it" and roll the dice?

keith1569 · May 27, 2012

Thank you for the response

krisiun2 · May 29, 2012

maybe it should go back to cash stuffed in a magazine or something like that

hawks58 · May 29, 2012

kemical said:
So if you and your source use something besides hush then you're (relatively) safe. But the weak leak seems to be finding a safe way to get shipment/delivery. Would having the delivery made to your address but to an alias name make any difference? At what point do you just say "Aw, screw it" and roll the dice?

It doesn't matter who it is sent to if it is coming to your doorstep and you sign for it. Sort of like if someone riding in your car is doing something wrong, the driver is at fault. Now if you don't sign for it and it is a different name, you could argue that it isn't your package. But honestly how often will someone completely mess up and put your house address instead of theirs? I still prefer the old PO box.