I Tested 5 Secure Email Providers (THIS is the best Gmail alternative)
Summary
TLDR本文对比了市场上五款主流的加密电子邮件服务:ProtonMail、Tutanota、Mailfence、StartMail和Hushmail。分析了它们的隐私政策、地理位置、移动应用支持、加密技术、安全性以及价格。强调了端到端加密的重要性,同时讨论了零知识架构和两步验证的重要性。推荐了ProtonMail和Tutanota,因其提供全面的隐私服务和最佳性价比,并强调了使用YubiKey作为账户保护的重要性。
Takeaways
- 💼 用户上个月花费238美元订阅了5个市场上流行的加密邮件服务。
- 🔍 他想要比较这些邮件服务之间的差异,包括功能、位置、移动应用以及成本。
- 🏢 这些服务提供商代表了一种隐私和无广告的替代选择,如Gmail、Outlook或Yahoo。
- 🔒 所有这些加密邮件服务都拥有超过十年的业务历史,为用户提供了一定程度的信任感。
- 📍 邮件服务的地理位置对于数据隐私法有重要影响,如瑞士、德国、比利时、荷兰和加拿大的法律。
- 🔑 尽管数据加密可以保护隐私,但“加密”一词有多种含义,服务的软件架构也很重要。
- 🔒 零知识架构允许用户完全控制加密密钥,如果用户丢失密钥,服务提供商也无法恢复。
- 🔐 推荐使用2FA安全密钥,如Yubico的YubiKey,以增强账户安全性。
- 📅 邮件服务与日历和云存储紧密相关,Proton和Mailfence提供集成的加密日历和云驱动服务。
- 📱 移动应用对于邮件服务的访问很重要,Proton、Tuta和Hushmail有自己的移动应用。
- 💰 这些服务的平均价格是48美元,Tuta提供最佳价值,而StartMail是投资最高的。
- 🛡️ 用户推荐Proton Mail或Tuta,根据用户对别名数量和隐私服务的需求进行选择。
Q & A
为什么作者上个月花费238美元订阅了5个流行的加密邮件服务?
-作者想要比较这些邮件服务之间的差异,包括它们提供的功能、所在地、是否拥有自己的移动应用程序,以及它们的价格。
作者提到的这5家加密邮件服务公司分别是什么?
-文中未明确列出这5家公司的具体名称,但提到了Proton、Tuta、Mailfence、StartMail和Hushmail。
为什么选择这些加密邮件服务提供商?
-作者选择这些提供商是因为它们有着超过十年的业务历史,这为它们提供了一定的信任度,让人觉得它们会持续运营。
在比较加密邮件服务时,为什么数据隐私法律很重要?
-数据隐私法律对于保护用户数据安全至关重要,不同国家的隐私法律严格程度不同,这可能影响到用户数据的安全性。
为什么加密邮件服务的地理位置可能影响服务的安全性?
-地理位置影响数据隐私法律的适用,以及政府对数据的访问权限,即使数据是端到端加密的,服务器的地理位置仍然可能影响数据的安全性。
什么是PGP支持,它在加密邮件服务中扮演什么角色?
-PGP(Pretty Good Privacy)是一种标准的电子邮件加密技术,它确保邮件内容在传输过程中的安全性。
什么是零知识架构,它在加密邮件服务中有什么优势?
-零知识架构是一种安全模型,所有加密密钥和处理过程都由用户自己掌握,这意味着即使服务提供商也无法访问用户的邮件内容。
为什么作者推荐使用2FA密钥,如YubiKey,来保护加密邮件账户?
-使用2FA密钥可以提供额外的安全层,即使密码被猜测或泄露,没有物理密钥也无法访问账户。
Proton和Tuta是唯一接受YubiKeys的邮件服务提供商,这有什么重要意义?
-这表明Proton和Tuta提供了更高级别的账户安全保护,因为它们支持使用YubiKey这种强安全性的2FA设备。
为什么作者认为邮件服务不仅仅包括邮件本身,还应该包括日历和云存储服务?
-因为邮件、日历和云存储服务在日常工作中是紧密相连的,将这些服务整合可以提供更流畅的工作流程,同时保护用户隐私。
在提到的加密邮件服务中,哪些提供了集成的日历和云驱动器服务?
-Proton和Mailfence提供了集成的加密日历和云驱动器服务,而Tuta的TutaDrive正在开发中。
为什么作者建议在选择加密邮件服务时考虑2FA安全密钥?
-2FA安全密钥如YubiKey可以提供更高级别的账户保护,确保即使在邮件服务加密的情况下,账户登录仍然安全。
根据作者的推荐,如果用户需要一个具有无限别名和其他隐私服务的邮件服务,应该选择哪个提供商?
-如果用户需要无限别名和其他隐私服务,如VPN或密码管理器,作者推荐选择Proton Mail。
如果用户只是想要性价比最高的加密邮件服务,作者推荐哪个提供商?
-如果用户只是想要性价比最高的服务,作者推荐选择Tuta。
作者提到了一个网站,用于获取关于加密邮件服务的完整信息和更新,这个网站是什么?
-作者提到的网站是allthingssecured.com/secureemail,用于获取关于加密邮件服务的完整信息和更新。
Outlines
🔒 加密邮件服务比较
本文段讨论了作者花费238美元订阅了市场上5种最流行的加密邮件服务,目的是比较它们之间的差异,包括功能、位置、移动应用程序以及成本。这些服务提供商代表了一种隐私保护且无广告侵扰的替代选择。所有这些服务提供商都拥有超过十年的业务历史,提供了一定程度的信任。文章还提到了数据隐私法律的重要性,特别是服务提供商所在国家的法律。例如,Proton位于瑞士,享有高度的隐私保护;而Tutanota、Mailfence和StartMail分别位于德国、比利时和荷兰,都受到GDPR的保护。Hushmail位于加拿大,虽然隐私法律不错,但可能不如瑞士或欧盟理想。尽管端到端加密可以保护数据,但加密的具体实现方式也很重要。服务提供商支持PGP加密,但软件架构也同样关键。例如,StartMail可以解密恢复账户,而Proton、Tutanota、Mailfence和Hushmail声称采用零知识架构,这意味着公司无法访问服务器上的电子邮件。此外,还讨论了2FA密钥的重要性,尤其是YubiKey,它为账户提供了额外的安全层。
📅 邮件服务的附加功能与推荐
本段继续讨论了除了基本的邮件服务外,日历和云存储服务的重要性,以及它们与邮件服务的整合程度。Proton和Mailfence提供了与邮件服务无缝集成的加密日历和云驱动器,而Tutanota的TutanotaDrive还在开发中。StartMail和Hushmail目前仅提供邮件服务。此外,还提到了移动应用程序的可用性、别名数量、自定义域名使用以及额外费用等问题。在价格方面,Tutanota提供了最佳的性价比,而StartMail则是投资最高的。作者推荐Proton Mail或Tutanota,具体取决于用户对别名数量和隐私服务套装的需求。最后,作者强调了2FA安全密钥的重要性,并建议购买YubiKey以确保账户的最高保护。文章还提供了一个链接,供读者获取更多关于安全电子邮件服务的详细信息。
Mindmap
Keywords
💡加密邮件服务
💡数据隐私法
💡PGP支持
💡零知识架构
💡2FA安全密钥
💡YubiKey
💡移动应用程序
💡别名
💡自定义域名
💡定价
💡集成服务
Highlights
上个月,作者花费238美元购买了市场上5种最受欢迎的加密电子邮件服务的订阅,以比较它们之间的差异。
比较的电子邮件服务包括功能、位置、移动应用程序以及成本等方面。
所有比较的电子邮件提供商都拥有超过十年的业务历史,为用户提供发送和接收电子邮件的服务。
Proton基于瑞士,享有高度隐私保护的声誉,不受美国和欧盟管辖。
TutaMail、Mailfence和StartMail分别位于德国、比利时和荷兰,都属于欧盟和GDPR的管辖范围。
Hushmail位于加拿大,拥有良好的隐私保护法律,但可能不如瑞士或欧盟理想。
尽管数据是端到端加密的,但服务器的位置可能仍然重要,因为加密的实现方式可能有所不同。
所有服务都提供PGP支持,但软件架构也很重要,例如StartMail可以解密和恢复账户。
零知识架构将加密密钥和处理过程放在用户手中,如果用户丢失,公司无法帮助恢复。
Proton、Tuta、Mailfence和Hushmail声称采用零知识架构设计。
使用2FA密钥,如YubiKey,可以提供比单一密码更强的账户登录保护。
Proton和Tuta是目前唯一接受YubiKeys作为2FA的电子邮件提供商。
Proton和Mailfence提供与电子邮件产品无缝集成的加密日历和云驱动器。
Tuta有一个非常好的加密日历,并且正在开发TutaDrive。
StartMail和Hushmail不提供日历和加密驱动器功能,严格来说是电子邮件提供商。
Proton、Tuta和Hushmail开发并发布了自己的移动应用程序。
Proton、StartMail和Hushmail允许无限数量的别名,而Tuta和Mailfence根据计划限制别名数量。
所有加密电子邮件提供商都允许使用自定义域名,但StartMail要求额外支付每月0.85美元。
这些服务的平均价格是48美元,Tuta是最佳价值选择,而StartMail是最高的投资。
作者推荐Proton Mail或Tuta,具体取决于用户对别名数量和隐私服务的需求。
建议购买两个YubiKeys作为2FA安全密钥,以确保账户的最高保护。
Transcripts
Last month I spent $238 buying subscriptions to 5 of the most popular encrypted email
providers on the market today. Why? I want to compare the differences between these email
services side by side: what features do they offer, where are they located,
do they have their own mobile apps and, of course, how much do they cost?
These are the five companies we’re looking at today and each of them represent an
alternative to Gmail, Outlook or Yahoo that is both private and not inundated with ads.
When stacking each of these encrypted email providers side by side,
I think it’s important to note that all of them have been in business for more
than a decade sending and receiving emails for folks. In other words, while there’s always a
risk that a company could go out of business or be bought up and have their services shut down…
Skiff
…I’ve chosen these email providers because they have a strong history
that lends a certain amount of trust that they’ll be around for a while longer.
We’ll dive into encryption in a moment, but first let’s compare the data privacy
laws of the countries in which they’re located. Proton is based in Switzerland, which is highly
regarded as one of the best for privacy not just because of their strict data protection laws,
but also because they are outside the jurisdiction of both the US and the EU.
Tuta, Mailfence and StartMail are based in Germany, Belgium and Netherlands respectively,
all of which are part of the EU and the GDPR which is the
self-proclaimed “toughest privacy and security law in the world”.
And finally we’ve got Hushmail based in Canada, which from what I can understand has good privacy
laws and is better than the US for sure, but perhaps isn’t as ideal as Switzerland or the EU.
But does location really matter when we’re dealing with encrypted data? In other words,
even if a government requested my data or the email server was compromised in a breach,
it shouldn’t matter where that server is located as long as
the data is end-to-end encrypted, right? Hopefully that’s the case,
but the problem is that the word “encryption” can be used in a lot of different ways.
All of these service offer PGP support, which is the standard for email encryption. But the
software architecture is important as well. For example, StartMail is encrypted, but it
is possible for them to decrypt and recover an account. According to their whitepaper,
doing so requires two separate senior members of the management team who
reside in on different continents and thus are under different jurisdictions.
The obvious benefit to an architecture like this is that you have the safety net of a recovery
process in case you somehow lose access to your account. Zero-knowledge architecture,
on the other hand, takes all the encryption keys and processes and puts them in your possession,
so if you lose it, there’s nothing the company can do.
This zero-knowledge architecture is the way Proton, Tuta, Mailfence and even Hushmail
claim to be designed. And I feel like I need to put a disclaimer here that parsing all the
marketing language and whitepaper explanations is not easy and doesn’t always result in a
black and white answer. There is nuance and some of it is honestly above my pay grade.
In theory, though, these companies can never access your email on their servers,
which from a privacy standpoint is a strength, but that also means that you
are solely responsible for your account security. No “forgot password” recovery option available.
Part of the security that I recommend, is what is known as a 2FA key, like what you see here from
Yubico. When you’re dealing with secure email, you want to know that your data is encrypted,
but you also want to know that your account login is protected. Using a password alone
isn’t enough when we’re dealing with secure email. A physical YubiKey means that even
if somebody guessed your password or stole it in a breach, they couldn’t gain access
to your account unless they physically had this key to plug into their device.
YubiKeys are an important part of my personal security and something I recommend for everybody
I know. They’re actually the sponsor of this video and as you can see here, Proton and Tuta are the
only providers that accept YubiKeys right now. Mailfence, StartMail and Hushmail all provide
2FA via a text message or authenticator app, but we’re dealing with encrypted
email here - in my opinion, you should be able to use the strongest form of security, right?
Well moving on, as I’ve gone about testing these different email providers, basically trying to
replace my reliance on Google services, the thing I’ve noticed with email is that it’s not a single
product. What I mean by that is that my email is very closely tied to both my calendar and
my cloud storage. I need to send and receive calendar event invitations as well as download
or upload attachments. And if you care about the privacy of your email, you likely also care about
the privacy of your calendar - I don’t want Google or Microsoft knowing exactly where I
am at all times and who I’m meeting with - or the privacy of your stored contacts or your
cloud drive. When you separate those services, at least for me, it really disrupts my workflow.
This is an area where both Proton and Mailfence already have an advantage in that they offer an
encrypted calendar and cloud drive that integrate seamlessly with their email
product. Tuta has a very nice encrypted calendar and I’m told the TutaDrive is being developed,
but as of this filming it hasn’t been released yet. So be aware of that.
Unfortunately, calendar and encrypted drive features aren’t
offered by StartMail and Hushmail, both of whom are strictly email providers.
Ok, at this point I’m going to power through a list of other features that
are important but I don’t want to go into great detail about.
First, if you want a native mobile app to access your mail on your phone or tablet - something you
download on the iOS or Android app store - Proton, Tuta and Hushmail have developed and released
their own apps. In terms of aliases, which is the number of unique emails you can create to forward
to your inbox, Proton, StartMail and Hushmail all allow for an unlimited number of those. Tuta and
Mailfence limit you based on your plan, starting at 15-20 aliases, at least using their URL.
All of these encrypted email providers allow you to use a custom domain,
but StartMail is the only one that for some reason requires you to
pay $.85 extra per month to do it. I don’t understand that, but whatever.
And finally, the pricing. The average among these five services is $48,
which makes Tuta the best value and StartMail the highest investment.
So what do I recommend? After using all of these encrypted email providers, for me it boils down to
either Proton Mail or Tuta, which I’ll explain in a moment. I like Mailfence and Startmail,
but for Mailfence I really wish they would add Yubikey support and for StartMail,
the same thing applies but they also simply lack the calendar and
drive services that I need in order to fully migrate to a new email provider.
At the end of the day, I suggest you go with Proton Mail if you value unlimited aliases
and the suite of other privacy services they offer like a VPN or password manager.
If you just want the strongest email at the best value, Tuta is the way to go instead.
And whichever you choose, if you don’t already have a 2FA security key,
then go purchase two YubiKeys for yourself - one primary and one backup - that will ensure
the highest possible protection for your account. These keys can protect multiple online accounts,
which I’ve talked about in a previous video, but it just doesn’t make sense to
me to invest in a secure email service without having YubiKey protection.
I’m sure there are other things I’ve forgotten to include in this comparison which you can leave
in the comments, but if you want to see a full breakdown, visit allthingssecured.com/secureemail
which I’ll keep updated with any changes long after this video goes live.
Weitere ähnliche Videos ansehen
AWS re:Inforce 2024 - Explorations of cryptography research (SEC204-INT)
翻墙须知,避免喝茶!你的翻墙软件VPN安全吗?这些中国背景的VPN千万别用!
Self-Hosting Security Guide for your HomeLab
Lecture 4 - Diffie-Hellman Key Exchange
Panel 3 | Digitalización de la cadena de suministro en el nuevo escenario económico
2000万中国人都在翻墙!“墙”究竟是怎样工作的?你的翻墙方法真的安全吗?现今主流翻墙技术存在的缺陷
5.0 / 5 (0 votes)