tungfa
Gold Bitcoiner
Posts: 1825
Joined: Mon Oct 05, 2015 5:09 am

Are you using Tutanota email ?

Sun Feb 07, 2016 3:01 pm

Are you using Tutanota email ?
Please join the conversation:
https://tutanota.uservoice.com/forums/2 ... our-platfo

BitcoinNewsMagazine
Nickel Bitcoiner
Posts: 217
Joined: Thu Sep 24, 2015 5:03 pm

Re: Are you using Tutanota email ?

Sun Feb 07, 2016 5:25 pm

Email services like Tutanota may be convenient, but you need to be aware of the security tradeoffs. Tutanota only uses 2048-bit encryption while experts like Snowden recommend 4096. You can easily use 4096-bit PGP yourself with a utility like gpg4usb.

As important as the strength of your encryption is metadata in email headers. Three-letter agencies love collecting metadata, which can often help identify the sender of an email. If you want to eliminate metadata you need to look into a provider like sigaint, which strips metadata from your email headers and sends your email over the Tor network.

BitcoinNewsMagazine
Nickel Bitcoiner
Posts: 217
Joined: Thu Sep 24, 2015 5:03 pm

Re: Are you using Tutanota email ?

Mon Feb 08, 2016 6:57 pm

To reiterate that services using 2048 RSA encryption are no longer secure, see the FAQ recently published by the NSA.

According to the NSA the following are no longer secure:
  • ECDH and ECDSA with NIST P-256
  • SHA-256
  • AES-128
  • RSA with 2048-bit keys
  • Diffie-Hellman with 2048-bit keys
All the popular auto PGP email providers like Tutanota and ProtonMail still use 2048-bit RSA and should be avoided. Use PGP yourself with a key strength of 4096 (stronger keys are possible to create, but commercial PGP clients have trouble handling them).

bitkilo
Platinum Bitcoiner
Posts: 3210
Joined: Sat Sep 26, 2015 4:08 am

Re: Are you using Tutanota email ?

Tue Feb 09, 2016 12:01 pm

Thanks for pointing this out, I don't keep on top of this stuff like I should.

I signed up with ghostmail not long ago for a new email address but just checked and they are still using RSA 2048.

Can you recommend another free client that is still safe?

BitcoinNewsMagazine
Nickel Bitcoiner
Posts: 217
Joined: Thu Sep 24, 2015 5:03 pm

Re: Are you using Tutanota email ?

Tue Feb 09, 2016 3:50 pm

I do not know of any free email services using automatic PGP encryption at 4096 strength yet. I also have some concerns about storing private keys in the browser. Really, gpg4usb is pretty simple to use, just check their online manual. Because gpg4usb is portable, you can take it with you on a flash drive or store it in a VeraCrypt container to protect your private key from snoopers.

While it is a good idea to use an email provider that does not log your IP and minimizes metadata, you would be better off just using local PGP with Gmail than one of those email providers who encrypt and decrypt in your browser.

For a good comparison list of free and paid email providers, check out privacy conscious email services; one should work for you. One thing everyone agrees on is to stay away from Safe-Mail and Hushmail.
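An added example, not part of any post in this thread: a small shell function that reads GnuPG's machine-readable key listing and reports every RSA primary key or subkey shorter than a chosen size, such as the 4096 bits recommended above. The function name, the sample listing, and its key IDs and addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example: list RSA keys shorter than a chosen size from GnuPG's
# machine-readable listing. Record fields used: 1 = record type,
# 3 = key length in bits, 4 = algorithm (1 = RSA), 5 = key ID,
# 10 = user ID (on uid records).

# Constructed sample in --with-colons layout; key IDs and names are made up.
sample_listing() {
cat <<'EOF'
pub:u:2048:1:1111111111111111:1454803200:::u:::scESC:
uid:u::::1454803200::0000::Alice Example <alice@example.org>:
sub:u:2048:1:2222222222222222:1454803200::::::e:
pub:u:4096:1:3333333333333333:1454803200:::u:::scESC:
uid:u::::1454803200::0000::Bob Example <bob@example.org>:
sub:u:4096:1:4444444444444444:1454803200::::::e:
pub:u:256:22:5555555555555555:1454803200:::u:::scESC:
uid:u::::1454803200::0000::Carol Example <carol@example.org>:
EOF
}

# Usage on a real keyring: gpg --list-keys --with-colons | weak_rsa_keys 4096
# $1 = minimum acceptable RSA modulus size in bits; listing is read from stdin.
weak_rsa_keys() {
    awk -F: -v min="$1" '
        # Print the findings collected for one key block, then reset.
        function flush(   i) {
            for (i = 1; i <= n; i++) print weak[i] " " owner
            n = 0; owner = "(no uid)"
        }
        BEGIN { owner = "(no uid)" }
        # A new primary key starts a new block.
        $1 == "pub" { flush() }
        # The first uid after a pub record names the key owner.
        $1 == "uid" && owner == "(no uid)" { owner = $10 }
        # Only RSA (algorithm 1) is compared by modulus size; key lengths
        # of other algorithms (e.g. 22 = EdDSA) are not comparable to RSA bits.
        ($1 == "pub" || $1 == "sub") && $4 == 1 && $3 + 0 < min + 0 {
            weak[++n] = $1 " " $5 " " $3
        }
        END { flush() }
    '
}

sample_listing | weak_rsa_keys 4096
```

Each output line gives the record type, key ID, bit length and first user ID, so a 2048-bit encryption subkey under a longer primary key is reported too.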
