EmailDiscussions.com (http://www.emaildiscussions.com/index.php)
FastMail Forum (http://www.emaildiscussions.com/forumdisplay.php?f=27)
Thread: Fastmail seems almost perfect (http://www.emaildiscussions.com/showthread.php?t=72368)

correo 27 Dec 2016 12:34 AM

Fastmail seems almost perfect
 
I am this close to moving my personal domain to fastmail. I love the technical expertise and security emphasis (esp. regarding spf/dkim/dmarc). The web interface is lightning fast and has awesome functionality. The features (tons of aliases), rock solid stability, honestly a top notch service.

The only reservation I have is that I would like some option to encrypt my Inbox. I believe fastmail says that data is encrypted at rest, but these servers are always up, right? So that seems moot, unless I misunderstand. One of the main reasons I am moving from more mainstream services is to eliminate the possibility of my e-mail provider accessing my mail. I literally don't want them able to read them at all. I have read fastmail's reasoning why they believe it's important to be able to access my mails, but I have no need to search mails on the web interface, or use any of the other organizational features through webmail interface. I use Thunderbird and K-9 Mail on my phone and can search there easily. I would only access through a browser occasionally.

Given that fastmail is in the US & Australia, I would like them to be unable to reveal the contents of my Inbox or any folder to anyone, because it was encrypted.

Maybe someone wants to make my day and tell me that I'm misinformed, and that fastmail cannot access my mails on their server? If so, I will be signing up right away. If not, I will likely go with a mailbox.org or posteo and keep my eye on fastmail to see if they offer this type of feature in the future.

But for sure, a superlative service.

BritTim 27 Dec 2016 02:15 AM

What you are looking for is something that is extremely difficult to provide in a usable form. First, reflect on this: mainstream IMAP mail clients have no facility to automatically decrypt messages dynamically at the client end. A first requirement will be some kind of add-on to handle encryption/decryption. In fact, such a facility does exist: a few PGP products can be set up to automatically encrypt messages when sending, and decrypt them whenever they are read.

As an alternative, you can use an email system where the provider has clients to handle decryption on your computer/tablet/phone. If this is browser-based, it will be insecure. If it is a native application on the device, it can be completely secure, in theory, but good luck in finding a niche service with support for MS Windows, OSX, Android, Linux, iOS and whatever other platforms you might need supported.

Apart from the above, there are some performance costs (and losses in functionality) but only one "tiny" remaining issue. It assumes that everyone else who corresponds with you is willing to use a compatible system. Good luck with that! I am able to communicate with anyone who asks using PGP, but have given up trying to educate others on its benefits. Although not really hard, it seriously affects the usability of one's email system, and is anyway too much trouble for most people, even for transmitting sensitive messages.

Sad to say, for all practical purposes, email communications cannot be made fully secure for general correspondence. If you want a suggestion on what you can do that your correspondents can use when you send them something confidential, you can put the message in an encrypted archive using a widely supported format like ZIP files. You let them have the password. Just do not expect them to send stuff to you that way!

petergh 27 Dec 2016 02:19 AM

You seem to be concerned about two different types of snooping: internal, by Fastmail staff, and external, by government agencies.

As for internal snooping, you are correct that (some) Fastmail staff has the ability to read the contents of the emails stored on the servers. You are also correct that data is stored at rest, so if the CIA/FBI/NSA busts the door at Fastmail's data center(s), they'll get a whole lot of nothing, fast.

As for external snooping, first read this: https://www.fastmail.com/about/privacy.html. If that doesn't put your mind at ease, then you should unfortunately sign up with someone else.

petergh 27 Dec 2016 02:28 AM

This talk about PGP reminds me about this op-ed on Ars Technica last week:

http://arstechnica.com/security/2016...ing-up-on-pgp/

One comment, from an editor at AT, had me laughing hard:

http://imgur.com/a/vwWzE

Tragicomical, yes, but mostly comical.

By the way, there's now a counter-op-ed up:

http://arstechnica.com/information-t...t-replace-pgp/

correo 27 Dec 2016 03:45 AM

Thanks for the feedback!
I definitely understand that email is fundamentally insecure. I'm also familiar with pgp and know how to use it with any provider. Though frankly I'm not super interested in using e2ee very often.

What I'm looking for is something akin to what a couple of providers offer. Some allow you to upload your public pgp key and set all incoming mail to be encrypted with it before it arrives in your inbox. That's fine and accomplishes my goal, but an approach I like better is what posteo allows you to do, which is they encrypt all incoming emails, attachments, metadata, everything, using your account password instead of your public key. The result of this encryption is that you alone can see this content, and the entire contents of your inbox are inaccessible to the email provider or anyone else who doesn't have your password (with posteo) or your private pgp key (with for example mailbox.org).

I respect what fastmail says about their approach to privacy, and I believe them. Nonetheless, if a law enforcement official showed up with a warrant or put a gun to their head, so to speak, they would be capable of turning over my plaintext emails. With the systems I describe from other providers, they are only capable of turning over encrypted data.

Additionally, I have checked out tutanota and proton, whose closed system certainly keeps everything secure, but seems extreme to ask people to abandon their normal platform and follow links just to read an email. I mean after all, I'm not doing anything sensitive, but I do like the idea of my inbox being for my eyes only. I have no illusions of being able to thwart any type of serious, governmental wire tapping situation, nor would that ever be aimed at me.

Anyway, thanks for your input.

p.s. Loved those ars articles, I read them as they were published. Totally pertinent to the discussion.

BritTim 27 Dec 2016 03:51 AM

Quote:

Originally Posted by petergh (Post 598514)
This talk about PGP reminds me about this op-ed on Ars Technica last week:

http://arstechnica.com/security/2016...ing-up-on-pgp/

One comment, from an editor at AT, had me laughing hard:

http://imgur.com/a/vwWzE

Tragicomical, yes, but mostly comical.

By the way, there's now a counter-op-ed up:

http://arstechnica.com/information-t...t-replace-pgp/

A fun read. All I will say about all this is that WoT for keys struck me as a pipe dream when I first read about it, and nothing I have seen since convinces me it will ever be a practical general solution. With the rare correspondent willing to use PGP, I just arrange to distribute public keys in a way we both trust. This does not scale, of course, but PGP does not scale: that is its problem.

petergh 27 Dec 2016 05:43 AM

Quote:

Originally Posted by correo (Post 598515)
I respect what fastmail says about their approach to privacy, and I believe them. Nonetheless, if a law enforcement official showed up with a warrant or put a gun to their head, so to speak, they would be capable of turning over my plaintext emails. With the systems I describe from other providers, they are only capable of turning over encrypted data.

If a government agency wanted your email that badly, they could and probably would get your email provider to copy all your incoming and outgoing mail silently in the background before storing an encrypted copy in your inbox. You wouldn't be able to tell the difference. Game over.

As long as end-to-end encryption is not employed, your email host has the possibility to see all your incoming and outgoing email at some point. And if they do, so does anyone they (are coerced to) cooperate with. PGP or the like is the only solution to that problem.

Don't know why, but I'm reminded of this. :-)

https://xkcd.com/538/

David 27 Dec 2016 06:17 AM

Quote:

Originally Posted by correo (Post 598510)

Given that fastmail is in the US & Australia, I would like them to be unable to reveal the contents of my Inbox or any folder to anyone, because it was encrypted.

Maybe someone wants to make my day and tell me that I'm misinformed, and that fastmail cannot access my mails on their server? If so, I will be signing up right away. If not, I will likely go with a mailbox.org or posteo and keep my eye on fastmail to see if they offer this type of feature in the future.

But for sure, a superlative service.

You say (in your opening post) that you are close to moving your domain name over to Fastmail. That being the case, you are surely aware of the limitations of the service.

Do you really expect Fastmail to make major changes (that many do not want) just for you?

It is my opinion that you are using this thread as a ploy (to get what you want) while stirring everyone up, under the facade of posting a compliment.

Glendon CDN 27 Dec 2016 09:21 AM

Sounds to me, Correo, that you should be taking a look at ProtonMail.com. As I understand it, end to end encryption, mail stored in Switzerland which is about as far from the reach of legalized snooping as end users can get. A basic account is free; upgraded accounts are a bit more expensive than Fastmail but may not be needed depending on your mail volume. ProtonMail is only available as a web app on the Mac desktop. It has an excellent iOS app. The website will have information on use with other operating systems.

emoore 27 Dec 2016 09:33 AM

There have been several requests that the Enigmail add-on for Thunderbird support encrypting the existing contents of the inbox. It didn't make it to either the "developers to-do list" or the "feature wishlist for v2.0".

https://sourceforge.net/p/enigmail/f...read/b0940ad0/

There is an IMAPCrypt utility that supposedly lets you encrypt the contents of an existing IMAP folder using Gnu Privacy Guard (GPG). I ran across another project that uses gpgit to do the encryption and pipe2imap to upload the encrypted message.

https://www.chrisleephd.us/projects/imapcrypt.html

https://www.grepular.com/Automatical...g_Email_Part_2
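The tools emoore lists, and the "encrypt everything to my public key on arrival" option correo described earlier, all perform the same transformation: take a plaintext message already in a folder, encrypt its MIME body, and store the result as an RFC 3156 PGP/MIME multipart/encrypted message with the original envelope headers kept in the clear so the mail client can still list it. The following is an added example written for this page, not code from IMAPCrypt, gpgit or any poster. It assumes gpg is on PATH with the recipient's public key already imported (the gpg_encrypt hook); the sample message is constructed, and the stub encryptor exists only so the wrapping logic can be exercised offline and is not encryption. encrypt_in_place assumes an imaplib connection that is already logged in.

```python
import base64
import subprocess
from email import encoders, policy
from email.message import Message
from email.mime.application import MIMEApplication
from email.mime.multipart import MIMEMultipart
from email.parser import BytesParser
from typing import Callable

# Constructed sample: a plaintext message as it would sit in an IMAP folder.
SAMPLE_RAW = (
    b"From: alice@example.net\r\n"
    b"To: bob@example.org\r\n"
    b"Subject: lunch\r\n"
    b"Date: Tue, 27 Dec 2016 10:00:00 +0000\r\n"
    b"Message-ID: <constructed-1@example.net>\r\n"
    b"MIME-Version: 1.0\r\n"
    b"Content-Type: text/plain; charset=utf-8\r\n"
    b"\r\n"
    b"See you at noon.\r\n"
)


def gpg_encrypt(plaintext: bytes, recipient: str) -> bytes:
    """Real encryptor: ASCII-armoured PGP via a locally installed gpg whose keyring
    already holds the recipient's public key (assumed; not exercised offline)."""
    return subprocess.run(
        ["gpg", "--batch", "--armor", "--encrypt", "--recipient", recipient],
        input=plaintext, check=True, capture_output=True,
    ).stdout


def stub_encrypt(plaintext: bytes, recipient: str) -> bytes:
    """Offline stand-in for gpg: base64 inside an armour-like frame. NOT encryption."""
    return (b"-----BEGIN STUB MESSAGE-----\n" + base64.b64encode(plaintext)
            + b"\n-----END STUB MESSAGE-----\n")


def stub_decrypt(blob: bytes) -> bytes:
    return base64.b64decode(blob.strip().splitlines()[1])


def wrap_pgp_mime(raw: bytes, recipient: str,
                  encrypt: Callable[[bytes, str], bytes] = gpg_encrypt) -> Message:
    """Return a multipart/encrypted message: envelope headers (From, To, Subject,
    Date, Message-ID, ...) copied from the original, the original MIME entity
    (its Content-* headers plus body) encrypted as the second part."""
    original = BytesParser(policy=policy.default).parsebytes(raw)

    # The inner entity keeps only the headers that describe its own content;
    # everything else stays on the outer message where the MUA can read it.
    inner = BytesParser(policy=policy.default).parsebytes(raw)
    for name in set(inner.keys()):
        if not name.lower().startswith("content-"):
            del inner[name]
    ciphertext = encrypt(inner.as_bytes(), recipient)

    outer = MIMEMultipart("encrypted", protocol="application/pgp-encrypted")
    for name, value in original.items():
        if not (name.lower().startswith("content-") or name.lower() == "mime-version"):
            outer[name] = str(value)
    outer.attach(MIMEApplication(b"Version: 1\n", "pgp-encrypted", encoders.encode_7or8bit))
    outer.attach(MIMEApplication(ciphertext, "octet-stream", encoders.encode_7or8bit,
                                 name="encrypted.asc"))
    return outer


def unwrap_pgp_mime(raw: bytes, decrypt: Callable[[bytes], bytes]):
    """Parse a PGP/MIME message and return (outer, inner) for inspection."""
    outer = BytesParser(policy=policy.default).parsebytes(raw)
    if (outer.get_content_type() != "multipart/encrypted"
            or outer.get_param("protocol") != "application/pgp-encrypted"):
        raise ValueError("not a PGP/MIME message")
    control, payload = list(outer.iter_parts())
    if control.get_content().strip() != b"Version: 1":
        raise ValueError("bad control part")
    inner = BytesParser(policy=policy.default).parsebytes(decrypt(payload.get_content()))
    return outer, inner


def encrypt_in_place(imap, folder: str, uid: str, recipient: str,
                     encrypt: Callable[[bytes, str], bytes] = gpg_encrypt) -> None:
    """Fetch one message by UID over a live, logged-in imaplib connection, append
    its PGP/MIME form to the same folder and flag the plaintext copy as deleted."""
    imap.select(folder)
    _, data = imap.uid("FETCH", uid, "(RFC822)")
    raw = data[0][1]
    imap.append(folder, r"(\Seen)", None, wrap_pgp_mime(raw, recipient, encrypt).as_bytes())
    imap.uid("STORE", uid, "+FLAGS", r"(\Deleted)")
    imap.expunge()
```

Two properties are worth checking on any tool of this kind: the body and attachments must be entirely inside the encrypted part (assert the plaintext no longer appears in the stored bytes), and the envelope headers must survive unchanged, since Subject, Date and the sender remain visible to the provider either way; this is the metadata that such folder encryption does not hide.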

BritTim 27 Dec 2016 03:21 PM

Quote:

Originally Posted by correo (Post 598515)
What I'm looking for is something akin to what a couple of providers offer. Some allow you to upload your public pgp key and set all incoming mail to be encrypted with it before it arrives in your inbox. That's fine and accomplishes my goal, but an approach I like better is what posteo allows you to do, which is they encrypt all incoming emails, attachments, metadata, everything, using your account password instead of your public key. The result of this encryption is that you alone can see this content, and the entire contents of your inbox are inaccessible to the email provider or anyone else who doesn't have your password (with posteo) or your private pgp key (with for example mailbox.org)

Personally, I would not assume either of these methods is keeping your mail confidential from either security agencies or an untrusted mail provider.

Unless the message is protected with strong encryption from the time it leaves your client, the big security agencies should be assumed to have a copy of it intercepted while in transit. There are a number of MitM mechanisms they can use for this. As for your mail provider, even if they claim no copy of your password is retained by them, how do you know this is true? Even using an asynchronous encryption method like PGP, you only have the mail provider's word that it is used.

jhollington 28 Dec 2016 02:14 AM

I wholeheartedly agree with the points made here by BritTim and petergh. The reality is that just about any provider that claims to provide secure encryption of your email inbox is ultimately just giving you "security theatre" in the classic sense. It's a feel-good solution for everybody who is obsessed with the idea of encryption without understanding the nuances of how Internet email technology — or even proper encryption — actually works.

The very nature of SMTP and MTA/MDA processes is that the messages must live in plaintext on the systems at some point. Now, it's theoretically possible for that to occur only in a protected memcache, but there are still many points of vulnerability in such a design, and I'd honestly want to see very detailed, in-depth technical analyses on how this is all done before I'd truly trust such a system.

Similarly, the minute a provider supports IMAP or POP retrieval of email, the MUA enters into the equation, and suddenly you're dealing with another plaintext attack vector. While it would be theoretically possible for an IMAP client to decrypt messages with a symmetric or asymmetric system after download, there is basically no major group of email clients that provide any standard support for this at all, so it's unlikely to see buy-in from any provider. Ultimately, such an idea is niche at best right now.

Even providers that use webmail services rather than standard IMAP/POP protocols have their own issues to wrestle with, and require very careful design to ensure that your keys are not being disclosed to any server-side processes. It's not an insurmountable problem, of course — many file-based services like SpiderOak and Sync.com have managed to address it, but it's also not trivial to design properly.

Finally, consider that any system that uses symmetric encryption (e.g. your account password) and allows you to change a forgotten account password will by necessity have a vulnerable point of access. If you can change your account password without knowing the original one, then so can the provider.

In addition to the normal design and engineering challenges that often leave wide holes for hackers, there are many points of access that a law enforcement agency or bad actor within the company can take advantage of to get access to your data even in the best designed system, as it's just a limitation of how email technology works.

The problem is not that email providers like FastMail are unwilling to provide robust encryption solutions — the reality is that they're just not capable of doing it properly, and wisely don't want to contribute to "feel-good security theatre" that doesn't actually help anybody at the end of the day.

Honestly, at the end of the day your best option if you're that concerned about securing your inbox is to either not leave it online at all — use POP to download all of your mail and file it locally on your own computer, or move messages from your IMAP INBOX to local folders in your mail client — or simply run your own mail server that remains under your own control.

TheJapanese 28 Dec 2016 02:43 AM

In my opinion FastMail has a big advantage over mailbox.org or Posteo, Protonmail etc.

FastMail has app-specific passwords (and with different restrictions). Much better than any other provider.

I don't want my router's firmware to know my private mail password, etc.

I really like mailbox.org and the Open-Xchange system behind it. But only one password for an account seems to be outdated.

n5bb 28 Dec 2016 03:30 AM

From my point of view, running your own server from your house or using POP with a conventional email client is the least secure method of using email. A few years ago a burglar pulled out the security alarm telephone wires, broke in through a rear door, and stole my PC. It was an all-in-one PC with a large screen, so the thief probably thought it was a television. They stole the wrong power supply, so my guess is that they threw it away when they couldn't get it to power up. If I had used the default (retrieve all messages and delete them from server) POP3 with an email client, all of my stored email would have been permanently lost. A similar situation would result if your hard drive failed and you didn't have a recent backup. Of course, all of my friends who have their passwords on Post-It notes on the side of their PC monitor are in real peril if someone breaks into their residence.

I think that many people improperly consider the risk of various events. My guess is that the risk of an improper government request for your messages is several orders of magnitude less than your PC hard drive failing, a fire burning up your PC, or a thief or family member stealing your PC. I trust the reliability and security of my Fastmail email store much more than anything I could manage myself at my house.

Bill

jhollington 28 Dec 2016 04:30 AM

Quote:

Originally Posted by n5bb (Post 598535)
I think that many people improperly consider the risk of various events. My guess is that the risk of an improper government request for your messages is several orders of magnitude less than your PC hard drive failing, a fire burning up your PC, or a thief or family member stealing your PC. I trust the reliability and security of my Fastmail email store much more than anything I could manage myself at my house.

I agree completely. I've run my own mail server on and off over the course of several years and keep coming back to FastMail as it just makes far more sense to outsource it than having to deal with it myself.

My reasons for running my own server were always more about certain features that I could deploy myself that other providers don't have (Sieve editheader and proper iOS push support were two really big ones, not to mention some enhanced server-side folder rule scripting on the message stores for auto-filing). iOS push is something that FastMail implemented last year, and did a really good job of it, and it was at that point that I decided I could live without the other features in favour of the stability and reliability that FastMail provides. I've been telling my colleagues for years that, compared to most other mainstream providers, FastMail offers almost all of the features you'd want from running your own server anyway, and it's pretty much true for all but the most esoteric advanced features.

Even leaving aside all of the risks n5bb mentions — in my case I run multiple, encrypted backups both on-site and off-site, use IMAP to pull down all of my email to two client workstations, and used full-disk encryption on the server — you're also left having to keep up with the latest security updates, deal with the issues of hardening your server, and of course you're a victim of the stability of your own Internet connection, which for most people is just a typical home-grade connection. I'm fairly confident that a professional service provider like FastMail is going to be far more on top of creating a secure computing environment than anything that I want to be bothered looking after on a regular basis.

jhollington 28 Dec 2016 04:35 AM

Quote:

Originally Posted by TheJapanese (Post 598534)
Don't want, that my routers firmware knows my private mail-password, etc.

While I agree with your main point about the improved security of having two-factor authentication and app-specific passwords, it's fair to say that your router's firmware shouldn't know your mail passwords anyway as long as you're using TLS-encrypted connections, which you're pretty much required to do with FastMail, not only for web-based access but also for IMAP and other related protocols (and honestly, this isn't something that app-specific passwords would protect you from anyway if they weren't, which is a big part of the reason why FastMail enforces TLS connections on IMAP/POP connections and doesn't even allow STARTTLS).

TheJapanese 28 Dec 2016 05:26 AM

Every device I use for mailing or pushing mails knows my password (because I enter it into the router's firmware, mail software or devices like iPhones themselves). So it's much better to have app-specific passwords.

jhollington 28 Dec 2016 06:42 AM

Quote:

Originally Posted by TheJapanese (Post 598541)
Every device I use for mailing or pushing mails knows my password (because I enter it into the router's firmware, mail software or devices like iPhones themselves). So it's much better to have app-specific passwords.

For IMAP mail clients, sure, but I wasn't quite clear on why you'd be entering your email account password into your router's firmware... is this for notifications or something? In that case, yes, an app-specific password limited to SMTP submission is definitely a bonus.

BritTim 28 Dec 2016 07:29 AM

Quote:

Originally Posted by jhollington (Post 598543)
For IMAP mail clients, sure, but I wasn't quite clear on why you'd be entering your email account password into your router's firmware... is this for notifications or something? In that case, yes, an app-specific password limited to SMTP submission is definitely a bonus.

I was assuming he was referring to NAS boxes, or other network devices with (for instance) printing and scanning functions that rely on email. No doubt there are other similar capabilities around also. Whatever his specific use case, device passwords are definitely a great feature.

jhollington 28 Dec 2016 07:36 AM

Quote:

Originally Posted by BritTim (Post 598545)
I was assuming he was referring to NAS boxes, or other network devices with (for instance) printing and scanning functions that rely on email. No doubt there are other similar capabilities around also. Whatever his specific use case, device passwords are definitely a great feature.

Yeah, agreed, and serious kudos to FastMail that they allow an app-specific password for SMTP-authenticated sending only — I've used a couple of those myself.

I obviously originally assumed he was concerned that his router's firmware was potentially intercepting the password in transit :)
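The exchange between TheJapanese, jhollington and BritTim comes down to a design property: each device (a scanner, a NAS, a phone client) gets its own random secret, valid only for the services it needs, revocable on its own, and never equal to the account password. The following is an added example written for this page, not FastMail's implementation or any poster's code. The scope names are constructed for illustration and do not claim to match any provider's actual list.

```python
import hashlib
import hmac
import os
import secrets

# Constructed scope names for this example; a real provider's list will differ.
SERVICES = frozenset({"imap", "pop", "smtp", "caldav", "carddav", "web"})


class AppPasswordStore:
    """One random secret per device, each valid only for the services it was
    issued for, stored as a salted PBKDF2 hash. The account password never
    appears here, so a leaked device secret cannot be used to log in on the web
    or to change account settings."""

    def __init__(self):
        self._records = {}   # label -> (salt, digest, scopes)

    @staticmethod
    def _digest(password: str, salt: bytes) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 50_000)

    def issue(self, label: str, scopes) -> str:
        """Create a device password; the plaintext is returned once and never stored."""
        scopes = frozenset(scopes)
        if not scopes <= SERVICES:
            raise ValueError(f"unknown scope(s): {sorted(scopes - SERVICES)}")
        if label in self._records:
            raise ValueError(f"label {label!r} already exists; revoke it first")
        password = secrets.token_urlsafe(24)
        salt = os.urandom(16)
        self._records[label] = (salt, self._digest(password, salt), scopes)
        return password

    def revoke(self, label: str) -> None:
        self._records.pop(label, None)   # only this one device loses access

    def authenticate(self, password: str, service: str):
        """Return (ok, detail). A valid secret presented for a service outside its
        scope is reported separately: that is worth logging, because it means a
        device secret is being used from somewhere it was not issued for."""
        if service not in SERVICES:
            return False, f"unknown service {service!r}"
        for label, (salt, digest, scopes) in self._records.items():
            if hmac.compare_digest(self._digest(password, salt), digest):
                if service in scopes:
                    return True, label
                return False, f"{label}: not permitted for {service}"
        return False, "unknown password"


if __name__ == "__main__":
    store = AppPasswordStore()
    scanner = store.issue("office scanner", {"smtp"})
    print(store.authenticate(scanner, "smtp"))   # (True, 'office scanner')
    print(store.authenticate(scanner, "imap"))   # (False, 'office scanner: not permitted for imap')
```

The lookup here hashes the presented password against every record, which is fine for a handful of devices; a production store would index records by a public identifier prefix so that one PBKDF2 computation suffices per login attempt.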

brong 28 Dec 2016 08:22 AM

Quote:

Originally Posted by correo (Post 598515)
I respect what fastmail says about their approach to privacy, and I believe them. Nonetheless, if a law enforcement official showed up with a warrant or put a gun to their head, so to speak, they would be capable of turning over my plaintext emails. With the systems I describe from other providers, they are only capable of turning over encrypted data.

That stuff is plain old wishful thinking snakeoil. You log in every day to read your email. If you have an IMAP client it's logging in with your password every couple of minutes. If you have any push support, the law enforcement people with guns at their heads can say "send their device a push to say that new email has arrived" (for real, they can just send you a spam email to trigger the new email alert, or wait for a real one to arrive - I get one every few minutes anyway).

At this point you log in or your client logs in with your plaintext password, decrypting the mail store on the server, and it's game over. The fact that it's stored encrypted at rest and requires your password to be applied to decrypt it (on the server) would only have value if you knew in advance that you were being monitored and immediately took steps to make sure you never logged in again. Ever. In which case you don't have access to your email any more, either the old stuff or any new incoming emails (though the law enforcement people would get new emails, because they'd compel a copy be taken before being encrypted).

It's a cool idea from a cryptonerd perspective, but it's useless as security against any actual real-world threat.

(speaking of which "l33t haX0r breaks into provider computers and tries to read your email" suffers from exactly the same issue, sure they can only access your email while you're logged in and your vault is decrypted, but like I said - that's going to be at least once per day, so they don't have to wait long. You're only safer if your provider notices them before you next log in and shuts them down)
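The two objections in this thread, jhollington's (a "forgot password" reset that works without the old password means the provider already holds the key) and brong's (the server holds the decryption key every time you or your IMAP client logs in), can be made concrete with a small model of a password-keyed mailbox. This is an added example written for this page, not Posteo's, mailbox.org's or FastMail's code; it assumes one particular shape for such a scheme, namely that incoming mail is encrypted to a per-mailbox public key whose private half is stored wrapped under a key derived from the account password, because a purely symmetric design could not encrypt mail arriving while the owner is logged out. The primitives are toys constructed so the demo runs offline: a 127-bit DH group stands in for X25519, HMAC-SHA256 for AES-GCM and PBKDF2 for Argon2.

```python
import hashlib
import hmac
import os

# Toy parameters, constructed for this example: a Mersenne-prime DH group far too
# small for real use, chosen only so that the demo runs instantly.
P = 2**127 - 1
G = 3


def _stream(key: bytes, nonce: bytes, n: int) -> bytes:
    """Counter-mode keystream from HMAC-SHA256 (toy stand-in for a block cipher)."""
    blocks = (n + 31) // 32
    return b"".join(hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                    for i in range(blocks))[:n]


def _subkeys(key: bytes):
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: nonce || ciphertext || tag."""
    enc, mac = _subkeys(key)
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _stream(enc, nonce, len(plaintext))))
    return nonce + ct + hmac.new(mac, nonce + ct, hashlib.sha256).digest()


def open_box(key: bytes, blob: bytes) -> bytes:
    enc, mac = _subkeys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered data")
    return bytes(a ^ b for a, b in zip(ct, _stream(enc, nonce, len(ct))))


def _random_exponent() -> int:
    return int.from_bytes(os.urandom(16), "big") % (P - 1) + 1


def _dh_key(shared: int) -> bytes:
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()


class PasswordKeyedMailbox:
    """Mail is encrypted to the mailbox public key on delivery (no password needed);
    the private key is stored only wrapped under a key derived from the password."""

    def __init__(self, password: str, keep_escrow: bool = False):
        priv = _random_exponent()
        self.pub = pow(G, priv, P)
        self.salt = os.urandom(16)
        self.wrapped_priv = seal(self._kek(password), priv.to_bytes(16, "big"))
        self.escrow_priv = priv if keep_escrow else None   # provider-held copy, if any
        self.session_priv = None                            # held only between login and logout
        self.store = []                                     # (ephemeral public value, sealed message)

    def _kek(self, password: str) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", password.encode(), self.salt, 100_000)

    def deliver(self, plaintext: bytes) -> None:
        r = _random_exponent()
        self.store.append((pow(G, r, P), seal(_dh_key(pow(self.pub, r, P)), plaintext)))

    def login(self, password: str) -> bool:
        # The password arrives in plaintext over TLS; from here until logout the server
        # holds the unwrapped private key, which is brong's point above.
        try:
            unwrapped = open_box(self._kek(password), self.wrapped_priv)
        except ValueError:
            return False
        self.session_priv = int.from_bytes(unwrapped, "big")
        return True

    def logout(self) -> None:
        self.session_priv = None

    def provider_can_decrypt_now(self) -> bool:
        return self.session_priv is not None or self.escrow_priv is not None

    def read_all(self) -> list:
        """Whoever holds a private key (an open session, or the escrow copy) can read."""
        key = self.session_priv if self.session_priv is not None else self.escrow_priv
        if key is None:
            raise PermissionError("no session and no escrow copy: nobody can decrypt")
        return [open_box(_dh_key(pow(eph, key, P)), blob) for eph, blob in self.store]

    def change_password(self, old: str, new: str) -> None:
        priv = open_box(self._kek(old), self.wrapped_priv)   # the old password is required
        self.salt = os.urandom(16)
        self.wrapped_priv = seal(self._kek(new), priv)

    def reset_forgotten_password(self, new: str) -> bool:
        # jhollington's point: a reset that skips the old password only works if the
        # provider already holds the key, and then so does anyone who compels them.
        if self.escrow_priv is None:
            return False   # nothing to re-wrap: every stored message would be lost
        self.salt = os.urandom(16)
        self.wrapped_priv = seal(self._kek(new), self.escrow_priv.to_bytes(16, "big"))
        return True
```

Running through it: a mailbox without escrow is unreadable to the provider while logged out, readable the moment a correct password is presented (by you or by your polling IMAP client), and cannot offer a password reset at all; a mailbox with escrow can offer the reset, and is readable by the provider at any time. Which of the two a provider actually runs is not something a customer can verify from outside, which is BritTim's point.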

petar 6 Jan 2017 07:59 AM

I just want to contribute a little bit with an article on browser based cryptography - https://tonyarcieri.com/whats-wrong-with-webcrypto. The point is that you cannot trust the browser to isolate you from the server, mostly because you dynamically load unsupervised code for execution (from the server) - but not only. This means that services like ProtonMail and Tutanota are not as secure as advertised, at least in principle (and we have witnessed that principle manifest, sooner or later).
I myself am a paid user of Tutanota, although I do not actually use it and consider this a donation for the development of the field, so this is not bashing. To have really secure client-side encryption, you need a client where code is not loaded dynamically, that is - not a browser. And this is just for the storage of messages - incoming and outgoing messages are still subject to interception. For real end to end encryption, the base mail system would have to be extended, which means that it will be generally incompatible with most of the world.

TheJapanese 14 Feb 2017 02:14 PM

What about discontinuing TLS1.0 and TLS1.1 with Fastmail?

Some news over here?
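Both jhollington's remark about FastMail enforcing TLS on the dedicated ports rather than STARTTLS and TheJapanese's question about dropping TLS 1.0 and 1.1 concern the transport, and the client side of that can be enforced regardless of what any provider does. The following is an added example written for this page, not FastMail's code or configuration; it makes no claim about which protocol versions any provider currently accepts, and the host name passed to connect is a placeholder supplied by the caller.

```python
import imaplib
import poplib
import smtplib
import ssl

# Dedicated implicit-TLS ports: the connection is TLS from the first byte, so there
# is no plaintext STARTTLS negotiation for an on-path attacker to strip.
IMPLICIT_TLS_PORTS = {"imap": 993, "pop": 995, "smtp": 465}


def strict_context() -> ssl.SSLContext:
    """Verified certificates, hostname checking, and TLS 1.2 or newer only."""
    ctx = ssl.create_default_context()            # CERT_REQUIRED + check_hostname=True
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2  # refuses TLS 1.0 and 1.1 outright
    return ctx


def allows_version(ctx: ssl.SSLContext, name: str) -> bool:
    """True if the context would negotiate the named protocol, e.g. 'TLSv1' or 'TLSv1_3'."""
    return ssl.TLSVersion[name] >= ctx.minimum_version


def describe(ctx: ssl.SSLContext) -> dict:
    """The three settings that matter, in a form that is easy to assert on."""
    return {"minimum": ctx.minimum_version.name,
            "verify": ctx.verify_mode.name,
            "check_hostname": ctx.check_hostname}


def connect(service: str, host: str, ctx: ssl.SSLContext = None):
    """Open an implicit-TLS session and report what was negotiated. Needs network;
    host is whatever the caller supplies, not a published server name."""
    ctx = ctx or strict_context()
    port = IMPLICIT_TLS_PORTS[service]
    if service == "imap":
        conn = imaplib.IMAP4_SSL(host, port, ssl_context=ctx)
    elif service == "pop":
        conn = poplib.POP3_SSL(host, port, context=ctx)
    elif service == "smtp":
        conn = smtplib.SMTP_SSL(host, port, context=ctx)
    else:
        raise ValueError(f"no implicit-TLS port known for {service!r}")
    sock = conn.sock
    return conn, {"protocol": sock.version(), "cipher": sock.cipher()[0]}


if __name__ == "__main__":
    ctx = strict_context()
    print(describe(ctx))
    for v in ("TLSv1", "TLSv1_1", "TLSv1_2", "TLSv1_3"):
        print(v, "allowed" if allows_version(ctx, v) else "refused")
```

A client configured this way fails closed: a server that only offers TLS 1.0 or 1.1, or presents a certificate that does not match the host, gets a handshake error rather than a silently weaker session, and a device or app password is never sent over a connection that would expose it.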
