14 Comments

Summary:

With both Lavabit and Silent Mail shut down, we wondered if there were any other options for those seeking secure email? Here is a handy list of some that are still open for business.

It  has been tough week for those who love secure email clients and platforms. First, Lavabit, an asymmetric encrypted email service abruptly shut down on Thursday and was soon followed by Silent Circle, which preemptively shuttered its own client, Silent Mail. The presence (or potential presence) of government involvement, lawsuits, gag orders and the possibility of turning over information were all contributing factors to the shutdowns. That prompted us to wonder — is there anyone left who can pick up the slack left by the exit of these two players?

While there are many ways to secure email away from prying eyes, including browser extensions, one-off encryption websites and even building your own server, there are only a handful of standalone email services that offer encrypting features for private messaging.

Hushmail

The Canada-based private email service offers both business and personal email accounts, including an extra HIPAA-compliant client for hospitals. Mail sent between Hushmail users is automatically encrypted and decrypted, while outgoing messages sent to users on other platforms like Gmail can be opened via a secure passphrase. While the U.S. cannot directly request data from Hushmail, the company states in its FAQ that it is obligated to comply with Canadian law.

MyKolab

Run by the Swiss KolabSystems, MyKolab is a secure mail service that can also be downloaded for native desktop use. In addition to calendar features and a handy sync with mobile, MyKolab offers users the benefits of Swiss privacy policies on data storage and conforms to unique domain names to boot. However, it’s important to note that while the service can facilitate secure messages, it doesn’t actually provide encryption. In order to do so, there’s some extra finagling with a native email client like Kontact.

RiseUp

An anonymous collective devoted to privacy and social change, RiseUP offers a bare-bones mail service that encrypts all traffic on the site. The collective won’t store any sensitive data, including IP address, and utilizes StartTLS symmetrical encryption. For best use, the collective recommends pairing RiseUp with another client, like the open source Thunderbird. RiseUp is based in the U.S., so it remains at-risk for government shutdowns.

S-Mail

This longstanding email service may look a bit archaic, but still offers plenty of encryption for messaging needs. S-Mail utilizes encryption and SSL to send secure mail to other S-Mail addresses, keeping message and meta-data safe. But, it lacks end-to-end encryption in emails sent to addresses outside of the S-Mail system, so there’s a chance that emails can be intercepted on the recipient’s end. Also, while the website doesn’t list any specific contact information or address, a WHO.IS lookup indicates that the site is registered to an address in Scottsdale, Arizona. It’s highly likely that it is an American service, and so it remains at risk.

This is a short list, but one that may expand or contract within the coming weeks. As it stands, per the PATRIOT Act, the government can only request the data of U.S.-based companies. Whether more companies capitulate, or even rise up in defiance, to the government’s orders, the landscape of encrypted mail is turbulent at best and endangered at worst.

You’re subscribed! If you like, you can update your settings

  1. I never thought about encrypting much. I did tinker with PGP around 1995. But …

  2. Legislation beats cryptography Sunday, August 11, 2013

    On the subject of cryptography, this article by the CEO of Kolab Systems is also worthwhile:
    http://blogs.fsfe.org/greve/?p=609

  3. Is it worth launching a new one? Tell us by singing up here http://hello.guantanamail.com/

  4. I recommend getting i2P. It’s what I use and have chosen to switch to for the purposes of personal email.

    i2P is a tool that is, for the sake of conversation, similar to Tor. You download some software and install it. This begins a service that will route encrypted data through your computer, just like what happens with Tor (only you will never send traffic to the unencrypted open Internet).

    i2P offers many services, one of which is email. It is necessarily limited in how much data you can store in your email so you will need to stick to exchanging email with your friends and family (avoid mailing lists and the like). However if you want secure mail then this is one of the best ways to get it, and it’s free.

    As always, both you and the person(s) who you communicate with will need to use i2P for the messages to be “truly secure”. Considering it’s free however I see no reason to not consider it.

  5. opolis secure mail Wednesday, August 28, 2013

    whats still left and for free is http://www.opolis.eu … point-to-point encrypted free email service and the sender decides what the recipient is allowed to do with your message ….

  6. https://www.mail1click.com could be a valid option on my opinion and it’s free

    1. Yes, I like it too.

  7. A different email system may solve the problem.

    We are developing a new protocol that allow to distribute emails without using email servers: the mails travel directly from peer to peer and are stored temporarily in other peers if the recipient is offline.

    The mails are always encrypted, and there is no need to manually distribute the public keys because the clients publish them automatically in a distributed hash table.
    More info here: http://igg.me/at/flowingmail/x/3978171

    1. Not to stop your deveopment, but you’re reinventing the wheel. i2p-bote (http://www.i2p2.de/techintro.html#app.i2pbote) does exactly this, while at the same time doing it over a psuedo-anonymizing network (i2p).

  8. I want a flip cover for lava iris 405

Comments have been disabled for this post