Don't go online.
Failing that, use Tor, disable Javascript, Java, Flash, and cookies, and use a good email service like countermail. Abandon anything to do with social media sites (reddit included) except as a lurker and use a service like DuckDuckGo rather than Google searches. Note that "social media" can include things like Ebay and Craigslist as well as Facebook and Twitter. You may also want to use a service like Deleteme to keep yourself off internet name registries.
Or you could trust to the immensity of the internet and your own unimportance to keep you safe.
Based in sweden, I dont get the cd rom part but
1 not open source so how do I know they don't have a backdoor to decrypt my email.
2 headers aren't encrypted same as protonmail but tutanota enyrpts them AFAIK.
I don't know jack shit about anything else, https://countermail.com/?p=services
>and it would be nice if it was encrypted on the server.
>Diskless web servers
>Unlike the competitors, our web servers are diskless. They don't have any hard drives and instead start from a CD-ROM. This will ensure that everything possible is being done to keep your anonymity.
https://countermail.com/?p=server
Though a bit expensive compared to others...
Their website design is prehistoric, but have a look at Countermail (email provider based on Sweden).
This page might be a good reference for messaging apps:
Countermail.com - I believe that Countermail is the most secure email service provider in the world. The main reason why I believe so is a way how your emails have been kept on countermail's disks. Every hour the all your emails are encrypted with your public key. That means, if you even sent a non-encrypted email to any of your contacts, in maximum one hour this email will be encrypted with your public key. If you unloaded and then deleted you private key from Countermail’s server (what I did), that means nobody can read all of your emails without your private key. Even if hackers or officials will get full access to countermail’s servers and to all your emails, without your private key all of what they get will be absolutely useless. I have not heard about any other provider that supports the same policy of keeping your emails at the rest.
I've been a (relatively happy) Countermail customer since early 2014. It's true issues in early 2021 where bothering but still forgivable. I respect very much people who stick to their ideals. Even Gmail has reachability issues from time to time. But today, I am wondering if this "company" is actually a one-man show. Indeed they have not followed up on the refund they proposed a few months ago (as a customer since 2014 I think I should qualify). That's not so bad, because small companies actually need cash. However, suggesting something and not delivering it is a wrong customer service idea. Also, a best practice would be to have a different domain names between :
- company emails
- company website
- company service
Here we had *zero* way to contact them! it is not reassuring for the years to come.
I have my own domain name at Gandi.net and hopefully yesterday I could switch the MX records to Gandi's in order not to lose incoming emails, that was an easy task.
I had in mind, since the previous big 3-days-long issue in early 2021, to switch all my "countermail.com" addresses to my own domain. I will, very likely. My aim is not to renew Countermail in Spring 2022.
What other encrypted means of communication is she using. I recall Gerald using https://countermail.com (OpenPGP encryption protocol, with 4096 bits encryption keys, based in Sweden) while seeking freelancers to develop his platform many years ago. They seem very fond of end-to-end encryption.
Something worth noting: If my understanding is correct, CounterMail requires Java in the browser to perform the client-side encryption, so it would significantly expand the user's attack surface (Java in the browser has been riddled with security holes over the years).
Also, starting with the next stable Firefox release (52), Java and the other NPAPI plugins (with the exception of Flash) will no longer be supported. Chrome started phasing out plugins last year I believe, and it has caused problems for Countermail users. Once all plugins are dropped as the major browsers plan to do this solution might be more trouble than it's worth unless it changes its architecture
You can also check https://countermail.com (swedish based e-mail provider), what I like about them is this one:
>Diskless web servers
>Unlike the competitors, our web servers are diskless. They don't have any hard drives and instead start from a CD-ROM. This will ensure that everything possible is being done to keep your anonymity.
I am in the same position as you have have been struggling with this. Currently i am running a DO droplet with my own configured mail server but want to move away from this to a more secure solution. I'm not saying my setup is insecure but i rather use those 5$ per month to a company or organisation that has a bit more time on their hands to take care of security, patching etc.
There is a REALLY good option https://countermail.com/ but unfortunately they are quite costly. I would personally use them as my "burner mail" seeing that they have been tested by law enforcement before - and they really can't give them any info at all. For my personal e-mail i'd rather use tutanota or something similar.
I have made some search about it for a long time and came to the conclusion that emails will never be safe in their actual states, the only way to make them a bit safer is to host your own mail server, you have one person less to trust.
But if it's not possible for you, I had sort out two services that seams trustful with main priority on security and customers privacy.
https://countermail.com Emails are encrypted on the fly with your public key before being stored on the server, only you have the private key of course.
http://www.neomailbox.com/services/secure-email No encryption on the fly but still encrypted if I'm right. Price are a little lower than Counter Mail and it's hosted in Switzerland.