Elude - a new anonymous email service

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hello /r/darknetmarkets! Since the fall of 
sigaint.org, there has not been an email service
on the darknet that offers the same simplicity 
and security. Elude is here to fix that. Elude 
is a simple email service made with 3 things in
mind: security, anonymity, and simplicity. 

Elude is hosted on the onion network, meaning 
it is only accessable through TOR. Elude's webmail
client does not use javascript anywhere. We don't 
require any phone number or identity verification
to use our services. Passwords are encrypted with 
strong hashing algorithms. All server traffic and 
all stored data is encrypted. You can completely 
delete your account at any time. Best of all, it 
is totally free. 

Elude.in

http://eludemaillhqfkh5.onion/
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEyQ73J2Zbf1nUjMF3VZ2QZ/199UEFAlmsMzIACgkQVZ2QZ/19
9UHwbBAApnnHY6cBECBX6awnoGtPcMdPIdcsVi8G7knFZjPIkllJ3QtpdV3jNdqj
AuICK7rWXY9iGj2BX5/F+sxsFEBr65Ur5xbNQotzSDZnEZltAnFA2GUEC7GLWCfD
tgphgZFJa03pJIbH8idAr8J6EEhtv7wLWTnJYx7Mj7IHMFlf3qXE1dSLuHzC3hcr
AgtlgQLllM+l6dbMyw6ud21iBqXtXLBRl5rfSVmfroM2hBKl4u5mGvMtHJI4FqXJ
d7RG/DjUo1wyCOb4JtlcnUEuqWHtuTh792XVMm4muh/ggRgsCwywOFhUQG/nCCFW
ao5dzWCv2+iUnQ07QP49DrwyLBgL18a+Z+W71Q+ZFWtfo6mSa57AJWGB6/S+aD6M
elJUPvKVjolnaFMHJoZkeZ+FVEWc9+wE59EGXXq1yaIVklmui1fZiWG8V07jXFU7
TZMJfAwL9xJRj2e7nn4lW0/zvlT5U60Q8njwJVpIocokcZfHOQ0nWYCNo9LL/2G6
p2vDoC2KW8ewghbwsIiZF2/MNqFV4XrVzoGTTNTmDy4Hw8S+XbxnaEfoWEgZQf7P
0ikEuFJQ7c9xDz4/HuGTHGdXz1NIEiaouGKucPyyid4EqX7YVBacrPzohpBei+0T
izl7ZuP8GYxg8HqlC96zKcHbVb61lQe1NgJwPeaJ7nFfLrmYxkE=
=lLqv
-----END PGP SIGNATURE-----


Comments


[8 Points] DooshNozzzle:

Waiting for one of our resident computer science specialists to scope this out before I click....


[8 Points] wombat2combat:

sigaint.org

that was only their clearnet 'face', the actual service was only available through their hidden service.

onion network

*Tor network

TOR

*Tor

Passwords are encrypted with strong hashing algorithms.

someone with basic computer knowledge knows that hashing is not encrypting.

All server traffic and all stored data is encrypted.

hidden service traffic is encrypted e2e by default, nothing new. all your stored data is probably not encrypted. or do you also encrypt the id of the users in the db?

edit: from your tos:

We are not liable for any damages related to the use of this service.

wow you really found a loop hole there! now law enforcement is powerless and can not take you down any more. /s you are of course liable for the actions that the email accounts of your service do and you will often also face the consequences for it.


[3 Points] None:

[deleted]


[2 Points] Needhelpwithblotter:

Really clean interface, fast, doesn't require JS, seems pretty legit to me


[1 Points] None:

[deleted]


[1 Points] mymuse100:

pop3, smtp, iamp?


[1 Points] needlesandspoons:

Does it work with clearnet e-mail services?


[1 Points] opsectips:

Perfect!!! Right what i was looking for!


[1 Points] P-e-t-a-r:

Is it opensource?

Can I selfhost it for non comercial use?


[1 Points] HarrieReddit:

Question (first post, be nice?)

SHA1 Fingerprint mismatch between what is printed on their site and what is actually used. In-use cert was signed 4 days after the site how-to specifies (both indicate self-signed certs)

http://eludemaillhqfkh5.onion/clients#basic-client-configuration lists

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512

As of July 24, 2017, the following are the fingerprints for Elude's certificate:

. eludemaillhqfkh5.onion SHA1 fingerprint: 69:95:91:7E:14:B2:DF:D8:CC:14:1A:2E:E6:86:8A:8D:0C:4F:92:22

-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJZdTtoAAoJEFWdkGf9ffVBPZkP/Ax/mfO36KhpR9ZruuqnqH+L STZ/igoPyKzXTGPYF+sEBJgSAxrNzfHSDGGj4yjWMpmhytR4kjYWPjxPYrmjribI 3KqIWDRcOP8UR0rhNrgnG/iuZ60FdioD9uOlIGg/MaXofpZRoF/8eyUtBu6splPF BfR7K7MfMZdLiNYtlgkZM39N4haMlxoCjTVKASvseuY7CdMlV3lfm6mBOKUKlpaf yvwrxNx3eMlIjR27Y9zyMY8nBQb6wXzFI+jwHr7ZT9XKAhbM20/1nsdiU4x47Om2 8USKJQg6SfaHnSzqHmweSW78iyAibPpc71+Ce7sVymhcRYHyzlEhvrLwGV1NOHeO xj1UsvwZqzAedtFS2T2Hp2XONQUMpuDBiBO6io6euyV3oLdHrKXx6Pj/pIfQyZRX BqY4seWPzwUajG3IBC54AclZqh82c6/eLnt8kJtiBmho/PvhciDIO8T4Z0gOvAg6 s6BAkyclGCSohFvTr/W47nfmH2DNZeMDeuCiDvy++80kYedWTAF5nn2IhXd6XVzd QMRQU8ywXCIIyF8Imbho2U48aEtoQQ1FVXSHoXliaOLySJ3kYaLJTReTAGXdWU9X jfyI09sSCXLR7AT+eQY6EsUowEmPTNnBriqBxyqRZCdG6CVNfw1E+9jQFW7Xgfg2 JAXkBcMaZzxan1uLCENL =QwwE -----END PGP SIGNATURE-----

However their cert currently used, self-signed 30 JUN 2017

SHA256 Fingerprint: 27:54:38:12:01:BF:20:C8:D5:67:A0:21:88:45:07:D9:A0:B0:7D:B0:F1:3F:19:B3:59:E8:62:C6:1E:8D:77:45

SHA1 Fingerprint: 5C:5E:BF:55:37:4C:58:00:E2:11:39:19:4A:3F:E5:14:E9:77:DF:CD


[1 Points] CookyDough:

You were added to the /r/emailprivacy .onion hidden service email providers list recently. I hope your service sticks around for a long time. Thanks for providing a free service!


[1 Points] DogsMakeBetterCats:

I created an account, yet cannot log into the webclient. I can manage my account through /panel but that's all.


[1 Points] AutoModerator:

To format PGP encrypted messages, signed messages or keys properly on reddit please follow these instructions.

I am a bot, and this action was performed automatically. Please contact the moderators of this subreddit if you have any questions or concerns.