Gmail, popular and feature-rich though it may be, isn’t immune to criticism. Privacy concerns often arise regarding Google’s web services, including Gmail. The company has faced scrutiny for allegedly scanning users’ emails to tailor advertising. For those wary of mainstream email providers due to privacy issues, we’ve curated a list of the best encrypted email services. These services offer end-to-end encryption, ensuring your private conversations remain secure from unauthorized access.
Remember, Gmail encrypts emails, so random hackers are unlikely to access them. However, Google can decrypt them and must comply with U.S. laws, potentially handing them over to law enforcement with a court order. If privacy is vital to you, consider these services:
1. ProtonMail
Founded at CERN in Switzerland in 2013, ProtonMail opened to the public recently after being invitation-only. It’s the most popular encrypted email service, accessible through the website or mobile apps on Android and iOS. ProtonMail supports end-to-end encryption, ensuring messages stay encrypted from sender to recipient. The company utilizes AES, RSA, and OpenPGP encryption, along with vetted open-source cryptographic libraries, reducing the risk of backdoors.
In addition to end-to-end encryption, the service offers two-factor authentication and browser-side decryption, so emails are decrypted locally on the client’s computer, not on the company’s servers. ProtonMail allows sending emails to both ProtonMail and non-ProtonMail users; messages to the latter are password-protected and accessible only through a unique shared key. Additionally, you can set an expiration date for emails, ensuring messages are permanently erased from ProtonMail servers after a designated period.
Despite its security, ProtonMail has drawbacks hindering its popularity. It lacks IMAP or POP3 access, preventing viewing in email clients like Microsoft Outlook and Mozilla Thunderbird. Additionally, setting up non-Proton email accounts for sending is impossible. This security measure deters many from fully adopting ProtonMail.
Visit Website (Free, Premium plans start at $5 per month)
2. Lavabit
Lavabit, an open-source, encrypted email service, was founded in 2004 by Ladar Levison. It gained prominence when Edward Snowden, a former CIA employee and NSA contractor turned whistleblower, used it to leak classified information about U.S. government surveillance programs. In August 2013, Lavabit defied a U.S. court order to hand over its SSL (Secure Sockets Layer) private keys to law enforcement agencies investigating the Snowden leaks, leading to its shutdown. However, Lavabit has recently reemerged with an overhauled architecture, addressing the issues that caused its demise four years ago.
In its latest form, Lavabit boasts numerous security enhancements, rendering the service more secure than ever. Addressing the SSL key issue, the company stores its private keys in a tamper-resistant format, which triggers destruction of both message and associated metadata upon detecting intrusion attempts. Additionally, unlike its initial version, the company lacks access to SSL keys for messages sent through its platform, reassuring users concerned about online anonymity.
What’s intriguing is the all-new DIME (Dark Internet Mail Environment) platform that the company promises to use for redesigned end-to-end encryption of emails. The open-source platform, largely developed by convicted hacker Stephen Watt, aims to replace existing security protocols, OpenPGP and S/MIME. With DIME, you not only encrypt the message but also obfuscate metadata, including potentially crucial information like sender and receiver identities. Until recently, Lavabit 2.0 was only available to original users who lost access to their accounts after the service shut down unceremoniously in 2013, but the company has now opened registrations to all.
3. Tutanota
Tutanota is one of the newer entrants into encrypted email, entering the industry just a couple of years ago. However, in this short time, it has become a respected name in encrypted email services, using 2048-bit RSA keys for end-to-end encryption and AES-128 for transmission, ensuring email safety. The service closely resembles ProtonMail: it offers mobile apps on Android and iOS, and it has a free tier alongside paid services with more features. However, while ProtonMail offers only 500MB of storage to free users, Tutanota offers up to 1GB, which is welcome. If 1GB isn’t enough, you can upgrade to the paid tier for just 12 Euros per year.
Despite its similarity to ProtonMail, including interface design, there are major differences. Firstly, the service lacks message self-destruct timers, meaning emails persist on the company’s servers unless deleted manually, albeit in encrypted form. Additionally, non-paying users cannot create alias email addresses, while paying users can create at least 5, depending on their chosen package. However, Tutanota employs an open-source encryption algorithm licensed under GPL v3, independently verified by cybersecurity professionals. Similar to ProtonMail, Tutanota hosts its servers in Switzerland, benefiting from stringent privacy laws beyond the reach of agencies like the NSA and FBI.
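The RSA-plus-AES combination mentioned for ProtonMail and Tutanota, and the point that decryption happens on the recipient's device rather than on the provider's servers, can be seen in a short Node.js sketch. This is an added example, not code from either provider and not the OpenPGP format; the function names, OAEP padding, and GCM mode are assumptions chosen for illustration.

```javascript
// Added illustration: a simplified RSA + AES hybrid, not OpenPGP and not any provider's code.
const nodeCrypto = require('node:crypto');

// Assumed parameter choices (the article names only "RSA" and "AES"): OAEP/SHA-256 and GCM.
const OAEP = { padding: nodeCrypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// The recipient creates the key pair on their own device; only the public half is shared.
function generateRecipientKeys() {
  return nodeCrypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
}

// Sender: encrypt the body with a fresh AES-128 key, then wrap that key with RSA.
function encryptForRecipient(publicKey, plaintext) {
  const messageKey = nodeCrypto.randomBytes(16); // 128-bit one-time key
  const iv = nodeCrypto.randomBytes(12);         // GCM nonce, never reused with a key
  const cipher = nodeCrypto.createCipheriv('aes-128-gcm', messageKey, iv);
  const body = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  const wrappedKey = nodeCrypto.publicEncrypt({ key: publicKey, ...OAEP }, messageKey);
  // This envelope is everything the mail server ever stores or relays.
  return { wrappedKey, iv, body, tag: cipher.getAuthTag() };
}

// Recipient: unwrap the message key with the private key, then decrypt and authenticate.
function decryptLocally(privateKey, envelope) {
  const messageKey = nodeCrypto.privateDecrypt({ key: privateKey, ...OAEP }, envelope.wrappedKey);
  const decipher = nodeCrypto.createDecipheriv('aes-128-gcm', messageKey, envelope.iv);
  decipher.setAuthTag(envelope.tag);
  return Buffer.concat([decipher.update(envelope.body), decipher.final()]).toString('utf8');
}

// True when the envelope cannot be opened (wrong private key or modified ciphertext).
function decryptionFails(privateKey, envelope) {
  try {
    decryptLocally(privateKey, envelope);
    return false;
  } catch (err) {
    return true;
  }
}

// Constructed sample message to show the round trip.
const demoKeys = generateRecipientKeys();
const demoEnvelope = encryptForRecipient(demoKeys.publicKey, 'Meet at noon.');
console.log(decryptLocally(demoKeys.privateKey, demoEnvelope));
```

A party holding only the envelope, such as the mail server, has the ciphertext and the wrapped key but no private key, so it cannot read the body, and any change to the stored ciphertext is rejected at decryption.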
4. CounterMail
CounterMail, built on a custom Squirrel email interface, stands as a beacon among security and privacy-centric webmail services, hailing from Sweden. As one of the oldest encrypted email services, it’s renowned for its longevity since the nineties. Similar to its counterparts, it employs end-to-end encryption via OpenPGP, coupled with SSL-MITM to thwart Man-In-The-Middle attacks.
What sets CounterMail apart are its distinctive features. Messages and data reside solely in the memory (RAM) of the company’s live CD-powered servers, eschewing traditional hard disk storage. This approach renders data irretrievable even to computer forensics once lost. For enhanced security against keyloggers and brute force attacks, users can procure a USB dongle housing a custom keyfile. This keyfile necessitates conjunction with the password for two-factor authentication.
CounterMail stands out among its competitors by offering a trial instead of a free tier. After the one-week trial, users must pay $19 for 3 months, $35 for 6 months, or $59 annually. Additionally, it supports Bitcoin payments for enhanced privacy and enables users to create aliases, maintaining anonymity.
However, like other secure email services, CounterMail also has drawbacks. The price is high, and not using hard drives for data storage means limited space. The 1-year plan offers 500MB, while the other two provide half as much. Additional storage is available but at high prices.
Visit Website (Premium plans start at $19 for 3 months)
Top Encrypted Email Services to Consider
Several services claim to safeguard emails with end-to-end encryption, but few offer details about data storage, encryption protocols, and policies when faced with demands from authorities. It’s wise to stick to the tried and tested.
Most of us have little to hide and may not need airtight encryption, but we’re entitled to privacy. If you value privacy but prefer familiar webmail providers, you can install encryption software to send encrypted emails through Gmail or Yahoo Mail, but sharing encryption keys with recipients is necessary.
Pritam Chopra is a seasoned IT professional and a passionate blogger hailing from the dynamic realm of technology. With an insatiable curiosity for all things tech-related, Pritam has dedicated himself to exploring and unraveling the intricacies of the digital world.