Email and chat privacy. Hygiene and cryptography

Software, tools and methodics for safe communication

1 Like

I personally use Proton Mail. While the server-side code is (unfortunately) proprietary, the web UI is free software, and it’s REALLY good.

I’m pretty uncomfortable with Protonmail’s promises regarding security; they cannot deliver on all of the promises they make. We have to take their word for it that they use encryption at rest and don’t record the (plaintext!!) emails that arrive at their SMTP servers before being encrypted for your inbox. I’m also not very happy about their refusal to implement mail standards like IMAP.

I find it much better to configure PGP with a local mail client and a standards-conforming mail provider that just offers IMAP and SMTP like everyone else.

6 Likes

I use aerc for about ten IMAP boxes in my daily routine. It’s awesome. But everywhere except this case I prefer local-first software.

I’m a little old-school and I use Thunderbird and its built-in PGP implementation. I have it connect to gpg-agent instead of storing private keys in Thunderbird, and use a Yubikey to sign/encrypt emails.

As for IM, Matrix (despite all of its faults) is great for me and the people who get in touch. I do hang around IRC (mostly through a Matrix bridge), but I try to avoid using that for anything important.

Ricochet is a favorite of mine for particularly sensitive IM (no messages history, one time encryption at each conversation, through tor). Otherwise, I like Dino as a client which has OpenMime / PGP on top of XMPP.