Privacy:  Using Email

No easy method exists to secure email using any typical provider.
Gmail and Yahoo and other free emails DO collect and sell your private information to varying degrees.

If you want privacy on your end you need to use a service like Tutanota.com which is free for basics and encrypts all of your emails.  But even if you use this, if those you share emails with others who don't, what you send them becomes exposed on their end.
 


Probably the most used medium on the internet is email. It is the life blood of business and commercial communications. In the majority of times any emails you send are going to be "plain-text" meaning anyone who has access to your data as it moves about the internet could potentially read every word.  This is one reason you are advised to NEVER send sensitive information such as your credit card information via an email.

The two most common methods we access our emails are via a web reader in a browser or by using a locally installed email client such as Outlook or Thunderbird to download and send out messages via your choice of mail server.

Your messages may or may not be secure depending on factors that may or may not be under your control. Most mail servers today do provide the option of encryption but you may need to specifically enable that function in your client.

Web based email is normally encrypted via SSL as well.  In either case this only encrypts the message as it travels from your computer to the mail server.  You have no control over what happens to that email once it is sent.  The message is not permanently encrypted or the recipient could not read it so it will return to it's original plain text format for final delivery on the other end.

While it can be a little inconvenient for your recipients, you can add very strong encryption to your message before it is even sent so that the email while in transit and as delivered will remain unreadable. When using this security method you must provide what is called a "public key" to any recipients who are authorized to read your messages.  They will also require a password.  Send those privately of course.

Thunderbird is a very nice email client that can provide for secure email messages. We do not plan to try to explain the technical aspects however you can read more about this HERE.

We do NOT recomend that you rely on any encryption or other security measure being provided by any major internet company. It is widly believed that they have agreements with government spy agencies in many countries to provide back door access to their encryption products. OpenSource encryption is available from sites such as THIS and other similar sites.

How does a VPN affect my email security?

When you are using a VPN the data sent from your email or web mail account is encrypted IN ADDITION to the SSL encryption provided by your client or web browser.  However !!!  Once it arrives at your recipient's mail server it will still be plain text and no longer secured. If you really MUST be totally protected in your communications you will need more than one solution.  A VPN protects you on your end and if you also send your emails with PGP or some other secure encryption and the intended recipient has your keys and passwords to unlock your messages you should be pretty well protected so long as your recipient has not been compromised or shared your key files.

The nature of email is such that if it is truly secured it cannot be totally anonymous for the obvious reason that anyone intended to receive it must know who you are and be in possession of your key files.  You cannot send an encrypted message to a stranger...they could never read it so what would be the point?

You can also encrypt different file types containing your messages and then attach them to an email to add yet one more layer of protection. Perhaps send your text message as an encrypted, password protected PDF file or locking inside a protected ZIP file for instance.  Each layer is one more layer for your adversary to unravel.

Yes you can encrypt an already encrypted file. If the first encryption is cracked the result is another file to decrypt.

Service Providers:

Countermail ($60/Y) is a provider located in Sweden and uses CD ROM not hard drives to move your messages so they can never be recorded or saved while in transit.  There is an option to require you to insert a USB Dongle in order to decode emails. You must coordinate with your recipients by an exchange of keys in order for you to read each others emails.

Tips on Key Exchange...

 

//