EmailDiscussions.com  

Go Back   EmailDiscussions.com > Discussions about Email Services > Email Comments, Questions and Miscellaneous
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read
Stay in touch wirelessly

Email Comments, Questions and Miscellaneous Share your opinion of the email service you're using. Post general email questions and discussions that don't fit elsewhere.

Reply
 
Thread Tools
Old 7 Jun 2021, 12:38 AM   #16
TenFour
Master of the @
 
Join Date: Feb 2017
Posts: 1,156
Quote:
...and you'll start to regain some ground in reclaiming some of your privacy.
Nope, not unless you stop using credit cards, an Internet Service Provider, banks, telephones, airplanes, cars, etc. Then eliminate your drivers license, your social security registration, your street address, your postal box, your newspaper and magazine subscriptions. Of course, stop using social media, never order anything online, don't sign up for gas or electric service, and never mail a check to anyone. My point is email is only a small sliver of your digital footprint and even if you stop using it entirely you will be tracked digitally with almost every interaction with the modern world. Waste of time, but have at it if you don't mind wasting money for no benefit!
TenFour is offline   Reply With Quote
Old 7 Jun 2021, 01:44 AM   #17
ioneja
Cornerstone of the Community
 
Join Date: Jul 2011
Posts: 623
Quote:
Originally Posted by TenFour View Post
Nope, not unless you stop using credit cards, an Internet Service Provider, banks, telephones, airplanes, cars, etc. Then eliminate your drivers license, your social security registration, your street address, your postal box, your newspaper and magazine subscriptions. Of course, stop using social media, never order anything online, don't sign up for gas or electric service, and never mail a check to anyone. My point is email is only a small sliver of your digital footprint and even if you stop using it entirely you will be tracked digitally with almost every interaction with the modern world. Waste of time, but have at it if you don't mind wasting money for no benefit!
Everyone is entitled to their opinion of course, and I obviously don't share this view. I don't believe it's so binary, it's not so black or white, there are many shades of privacy, as I mentioned. And you can decide how far you want to go. I think I was pretty clear in what I said -- especially the part you quoted -- "...and you'll START to regain SOME ground in reclaiming SOME of your privacy." That's pretty realistic vs a pretty binary take, which is all in or nothing. But you can absolutely start to make a difference with very small steps. I'm not suggesting that people have to live off the grid and disavow any modern conveniences to improve their privacy situation.

I also said, "That includes social media issues, texting, file sharing/syncing, more private means of communications, etc. For those that care and ask me for more info in my family/circle, I give them a quick "risk assessment" discussion and they can make better decisions for their own unique situations and preferences. It empowers them to make their own choices with more info at hand."

I can't say it better than that. I think people need to have more information and make their own decisions based on their own needs and comfort level. But you CAN start to take back some of your privacy bit by bit -- "one bit at a time."

So start with email, move to texting, get rid of certain social media, yes, and so on and on, making conscious/aware choices of what you do... and there are plenty of things you can do to reduce your footprint and exposure while still living in this society. If someone thinks that ProtonMail is some magic wand that you wave and you're suddenly completely private in your life, then of course that person is mistaken. I think I included enough caveats about the grayness of the situation. But something like ProtonMail a great step.

And I ask of anyone who thinks it's not worth it at all, do you feel fine with the situation? Are you fine with this as the status quo? Does this feel like giving up, or are you just resigned to nothing changing? Does it have to be all-in or nothing? Do you think there's nothing that can be gained by educating your friends and family about these topics and hopefully they might make some changes? How much needs to change in society (and in government and in business) before there's any value to services like ProtonMail and anything related to trying to regain privacy? And again, why not be the person in your circle that begins the process of educating your friends/family/colleagues? Is there anything that can be done as a citizen of your country or consumer of a product/service where you can demand better? If so, why not do it?

I think everyone might answer those questions differently, and like I mentioned I still have some family that don't care at all, or don't think it matters, and that's fine, that's their choice. But there are plenty of family and friends that have made changes already and it's some pretty great progress IMO. Some have shut down all of their social media, some have taken deeper steps, etc. Some haven't done anything and probably never will. As for email itself, it's always great to know what I share with some of them has a much lower likelihood of being part of some giant profile, subject to some targeting algorithm, database, leak, ad campaign, etc., etc. Again, nothing online is 100% secure, but security is a different discussion.

In any case, each person has different needs/preferences/threshold, but I've found most people I know are generally ignorant about what's really going on, and that's not a criticism. Some might have a vague understanding but haven't really spent time on it. But in general there's a lot of ignorance and indifference. And those people will continue to feed the beast. However, if someone understands the situation, then at least they can consciously choose. And that's fine too.

On a related note, I think by suggesting that there's nothing that can be done, it's also surrendering IMO to the larger issues, political and otherwise, that set the background and framework of why the situation is the way that it is. The more ignorant the public is, the deeper of a hole we're all in. However, if people are educated about the situation, realize that they have options, understand the issues, etc., they can also (hopefully) demand better from their governments and service providers (and banks and social media and stores and all the other things we use and buy).
ioneja is offline   Reply With Quote
Old 7 Jun 2021, 03:29 AM   #18
somdcomputerguy
Cornerstone of the Community
 
Join Date: Jun 2004
Location: Rupert, WV
Posts: 736
Quote:
Originally Posted by ioneja View Post
And technically any provider will work with PGP if you know how to set it up.
https://www.gpg4win.org/

- Bruce
somdcomputerguy is online now   Reply With Quote
Old 7 Jun 2021, 03:42 AM   #19
TenFour
Master of the @
 
Join Date: Feb 2017
Posts: 1,156
Quote:
...it's also surrendering IMO to the larger issues, political and otherwise, that set the background and framework of why the situation is the way that it is.
It has nothing to do with politics. Google and the others want to target ads to you and they do so by gathering information about your online activity. That's how they make billions of dollars and one reason we have free Gmail and a lot of other free stuff. We made a bargain that in exchange for this great free stuff, that in many cases is far superior to stuff people pay for, we have ads targeted at us. I am not some sheeple that just buys stuff based on ads. I use ad blockers, I have Gmail set up so I don't see ads in my inbox, and I make informed purchase decisions based on lots of other information. Here's one good article on what this is really about if people would take off the tinfoil hats for a moment: https://www.computerworld.com/articl...questions.html

By the way, I wouldn't be surprised if using ProtonMail makes you more vulnerable in some ways to snooping. It certainly paints a red marker on you that you are someone who is worried about your privacy and I suspect major governments have ways of getting at your emails if they want to. Since I doubt you are doing anything nefarious it is not a big worry, but I do wonder how good security really is at some of these small, supposed privacy-oriented email providers. Companies like Google spend a lot of money and have lots of people protecting you from the things you really need to worry about--someone simply breaking in and stealing all your stuff due to some security error or a mistake you make yourself like responding to a phishing attack.

Last edited by TenFour : 7 Jun 2021 at 03:48 AM.
TenFour is offline   Reply With Quote
Old 7 Jun 2021, 09:00 AM   #20
dantheman
Cornerstone of the Community
 
Join Date: Mar 2002
Location: Hot Springs, AR
Posts: 855
Remember vaguely reading somewhere, that those who use a VPN (such as in an airport, for example) are more susceptible of getting unwanted "attention". Could something like this not be equally said to those who use encrypted email services?

- - - - -

(suppose Vivaldi mail doesn't fit in anywhere here).
dantheman is offline   Reply With Quote
Old 7 Jun 2021, 06:58 PM   #21
JeremyNicoll
Essential Contributor
 
Join Date: Dec 2017
Location: Scotland
Posts: 314
Quote:
Originally Posted by dantheman View Post
Remember vaguely reading somewhere, that those who use a VPN (such as in an airport, for example) are more susceptible of getting unwanted "attention". ).
In all the lists of best VPN providers I've never seen an answer to the most important question (apart from "does it work reliably"), which is: how do you find one you can trust absolutely? They're going to see traffic that - as you've decided to use a VPN - you obviously want to disguise.

People seem to think that using a VPN is the solution to all their security concerns, whereas I think it just adds another one.
JeremyNicoll is offline   Reply With Quote
Old 7 Jun 2021, 07:17 PM   #22
pjroutledge
Member
 
Join Date: Jan 2010
Location: Melbourne, Oz
Posts: 87
Quote:
Originally Posted by JeremyNicoll View Post
People seem to think that using a VPN is the solution to all their security concerns ...
Hear, hear.

Having tried VPNs a few times, usually after reading articles about how 'if you don't do anything else, you must use a VPN', I've always found that they have added no apparent (or real) value. If anything they just seem to get in the way.
I have noticed, though, that VPN service providers always mention that you can use them to get around geographic/regional restrictions on streaming services' content. Sometimes I suspect that this might be a bigger market than security. (Although I'm yet to be convinced there is any value in that for me personally.)
pjroutledge is offline   Reply With Quote
Old 7 Jun 2021, 07:22 PM   #23
TenFour
Master of the @
 
Join Date: Feb 2017
Posts: 1,156
Yep, the Colonial Pipeline hackers apparently got in via a VPN : https://www.newsweek.com/colonial-pi...report-1597842
TenFour is offline   Reply With Quote
Old 7 Jun 2021, 08:47 PM   #24
TenFour
Master of the @
 
Join Date: Feb 2017
Posts: 1,156
Here's an article titled "Stop using encrypted email" https://latacora.micro.blog/2020/02/...encrypted.html
TenFour is offline   Reply With Quote
Old 7 Jun 2021, 10:53 PM   #25
ioneja
Cornerstone of the Community
 
Join Date: Jul 2011
Posts: 623
Quote:
Originally Posted by TenFour View Post
It has nothing to do with politics.
It is directly related to politics in so many ways, this forum is not big enough to cover the issues and history of it. If you're interested, use your favorite search engine to read about the origins and controversies, lobbying groups and proposed revisions to the GDPR, HIPAA, US Privacy Act, GLBA, FISMA, NIST 800-171, CCPA, EU-US Privacy Shield Framework, etc. Also look up basic info about Five Eyes, Nine Eyes, Fourteen Eyes and other similar alliances around the globe along with how those countries execute warrants, gag orders, and how their court systems work re: privacy issues. While you're at it, spend some time looking into the potential upcoming encryption legislation in the US, Australia, and Germany, and the history and reasons behind the banning of certain services and protocols in various countries like China and Russia. That's a good start. Then when you get a chance, take a look at the technical/maths behind how encryption works, from TLS to OpenPGP, symmetric and asymmetric approaches, the standards, algorithms, vulnerabilities, and history of how those work and have been improved and validated and tested and retested and improved over the years, along with open source software and how auditing works.

Quote:
Originally Posted by TenFour View Post
Google and the others want to target ads to you and they do so by gathering information about your online activity.
Of course, this isn't in question. This is one side of the story, and if you look into lobbying groups above, and the authors behind some of the proposed legislation around the globe, you'll also see that it is also profoundly related to politics.

But even if it were JUST about Google's business model, why choose to continue to use their services if you know they are building and using and researching and selling a profile about you? An ad blocker will block only the tiniest fraction of the profiles that Google, Microsoft, Facebook, etc., are all building on you. But yes, an ad blocker is a perfectly good small step.

Quote:
Originally Posted by TenFour View Post
By the way, I wouldn't be surprised if using ProtonMail makes you more vulnerable in some ways to snooping. It certainly paints a red marker on you that you are someone who is worried about your privacy and I suspect major governments have ways of getting at your emails if they want to.
If any government wants to get a valid court order to get their hands on my emails with my sibling about my travel plans this summer, or what gifts my nieces and nephews might want for their birthdays, those governments can waste the time and resources to do so. At least those plans won't be sitting in a Google profile.

And on a related note, every security expert that I've read has acknowledged that the real bad guys have easy access to far more private communication channels, not to mention tools on the dark web, to carry out their plans. ProtonMail is a "consumer" encryption product that doesn't tolerate illegal activity and they cooperate with valid court orders, just like all the other legit encryption email services (just read their TOS!), so they are not infested and crawling with criminals and evil-doers, and it's just FUD to paint a picture that using such services marks you or makes you a government target. Of course there will always be bad guys using any service, including ProtonMail and GMail and Facebook and FastMail and Yahoo Mail and Tutanota and everything in between. The vast majority of ProtonMail users are normal human beings who want more privacy, and ProtonMail helps them achieve a degree of that. Used wisely with your circle of contacts, so can FastMail and Runbox and any of many paid email providers, using PGP or no PGP. Even just FastMail to FastMail is vastly better than using GMail. Various governments already CAN and WILL get access to what they legally want on those platforms, so the real red flag are people using the dark web and other tools.

And the argument that all email is insecure and therefore all this effort doesn't matter is immaterial to this discussion, because that's a security question, not a privacy question. But if we want to talk security, I'll still take ProtonMail over Google any day. The idea that you need a vast army of private developers versus a small company like ProtonMail is silly -- ProtonMail and similar services benefit from the vast number of developers in the open source community and didn't build their platforms by themselves.

The use of ProtonMail is not a magic wand as I've said, but it can absolutely reduce your footprint, rather than just handing over your content to the processors and peddlers of profiles. Used intelligently with several other approaches like limiting or eliminating social media, using a VPN, etc., etc., you can manage your digital footprints much better and minimize your profiles. No one ever said you could *eliminate* your profile. ProtonMail obviously doesn't suddenly make you go off the grid, no one has suggested that. It's all gradations of privacy. If you're informed about what's going on, you can make better choices about what suits your preferences and needs.

Somehow some people have gained the incorrect impression that ProtonMail is some panacea that solves all their problems. It doesn't. In that I agree with you. It's just one tool, one step. My whole first response in this thread was very much about the shades of privacy. But definitive proclamations that encryption services like ProtonMail are useless and a waste of money are missing what ProtonMail CAN successfully be used for. If you are trying to escape the notice of nation states going after you, then ProtonMail is not the solution. But if you are trying to limit your exposure to the giant profile processing machines, it is a great tool in your arsenal, one among other tools. My first post was quite a bit about gradually expanding your circle of contacts into more private communications as one step in a longer process. And my first point was, if no one uses these kinds of privacy services in your circle, why not be the first person in your circle that tries to make a difference?

Quote:
Originally Posted by TenFour View Post
I do wonder how good security really is at some of these small, supposed privacy-oriented email providers.
Again, security is a different discussion, but I'll take an open source audited platform (depending on what encryption service we are referring to, each has different aspects of open source they use and/or have audited), over a closed-source proprietary system that has a long history of data breaches, leaks, "research" in profile algorithms that wind up used in political campaigns, and blanket government surveillance, any day of the week.

Anyway, it's clear we disagree and you are of course more than welcome to keep using services like GMail with all the ad blockers in the world. GMail has tons of features and is a mature, convenient platform, that's why so many people use it. Go for it. That works for you, and demonstrates that people can and do differ on their approaches and reach different conclusions about what really matters. Cheers!
ioneja is offline   Reply With Quote
Old 8 Jun 2021, 06:43 PM   #26
hadaso
The "e" in e-mail
 
Join Date: Oct 2002
Location: Holon, Israel.
Posts: 4,581
Quote:
Originally Posted by TenFour View Post
Yep, the Colonial Pipeline hackers apparently got in via a VPN : https://www.newsweek.com/colonial-pi...report-1597842
This is not the kind of VPN service that people that want to avoid surveillance use. It's an access point into the internal network of a company. My employer, a university, has such a VPN service. We use it to access the LAN from home, for services such as access to the students' database, or to files on a network volume' or some other services that are only available on internal network of the organization.
hadaso is offline   Reply With Quote
Old 8 Jun 2021, 07:05 PM   #27
TenFour
Master of the @
 
Join Date: Feb 2017
Posts: 1,156
Quote:
This is not the kind of VPN service that people that want to avoid surveillance use.
Sure, but basically the same idea. This VPN provider describes many of the possible ways VPN's can be attacked: https://blog.orchid.com/what-happens...n-gets-hacked/
TenFour is offline   Reply With Quote
Old 8 Jun 2021, 11:34 PM   #28
dantheman
Cornerstone of the Community
 
Join Date: Mar 2002
Location: Hot Springs, AR
Posts: 855
Smile

Spotted this on TechSupportAlert - pretty handy i'd say!

https://privnote.com
dantheman is offline   Reply With Quote
Old 9 Jun 2021, 03:49 AM   #29
somdcomputerguy
Cornerstone of the Community
 
Join Date: Jun 2004
Location: Rupert, WV
Posts: 736
Quote:
Originally Posted by dantheman View Post
Spotted this on TechSupportAlert - pretty handy i'd say!
Similar to this service. - https://dead-drop.me/

- Bruce
somdcomputerguy is online now   Reply With Quote
Old 9 Jun 2021, 06:10 AM   #30
hadaso
The "e" in e-mail
 
Join Date: Oct 2002
Location: Holon, Israel.
Posts: 4,581
You can only trust these services if you check the code of the webpage every time you use them, unless you know the website owner and trust them not to cheat. Sending you to check the code on Github means nothing if that code is not the code your browser downloaded. It's like those websites that tell you that your credit card data is safe with them because the webpage displays a gif of a lock.
hadaso is offline   Reply With Quote
Reply


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Forum Jump


All times are GMT +9. The time now is 02:39 PM.

 

Copyright EmailDiscussions.com 1998-2013. All Rights Reserved. Privacy Policy