Let's talk email providers...

I noticed grams have switched to cock.li as their email provider now sigaint is down.

I did a little digging and the dude (cockman) seems to be transparent and competent despite playing the role of being a cock. He kinda reminds me of myself 10 years ago.

He has full disclosure of all subpoenas and also publishes his replies. He has a warrant canary up.

He is also refreshingly honest about the fact your emails could be read by the server admin or intercepted by LE along the way so you need to PGP everything. This was true of sigaint/lelantos too although they weren't explicit about it.

He has had his servers seized in the past and LE knows where to find him so that could happen again. He apparently has a remote backup system in place which would preserve our data and allow him to continue the service if that happened. If we are PGPing everything that doesn't really matter though?

He has imap/pop/smtp open so you don't have to fuck with webmail.

The only alternatives (mail2tor and torbox) have issues with clearnet->tor emails at times. Although that's not a big issue if you're communicating with other people on the same service, it does limit their usability in services outside the darknet somewhat.

So what do people think? Yay or nay?

I'm thinking yay.

Oh and thoughts on lavabit reloaded? Riseup's new warrant canary? Protonmail? Or fuck it how about clearnet services in hard to subpoena countries like yandex? They are like the Russian google, allow tor connections to their imap servers, are extremely reliable and not blacklisted anywhere... I use yandex addresses where a tor address would look sketchy (exchanges etc).


Comments


[4 Points] pinochetHA:

You should assume any email provider is spying on you and handing over everything they can to law enforcement, because unless you are your own mail provider you can't know otherwise. Too many people who contact me don't care about gpg and make noob mistakes. If Sigaint was leaking or corrupt (I do not think he was) their mail is no longer private.

Cock.li seems like a solid guy but is not anonymous. He will comply with warrants, which sigaint refused to do. If you aren't doing anything bad and use encryption that doesn't matter. Personally if I had to choose I would pick a mail provider who either wouldn't comply or would use a legal team to slow down compliance and not be intimidated.

Edit: Also some default encryption which makes it difficult to read your mail is nice, not because it will actually prevent them from reading your mail if they really want to, but because it gives them plausible deniability if questioned about the content. Protonmail I think offers this.


[3 Points] alt_DNM_helpful:

yandex works with icedove and is based out of Russia

protonmail is OK, however, I wouldn't really trust the location of their servers as much.

There are other Russian options as well if you do some digging.


[1 Points] lordredvampire:

Protonmail will do nicely, they also offer service via TOR.


[1 Points] lordredvampire:

Any definite speculation on what happened to sigaint?