Which eMail provider? ProtonMail Vs. LavaBit Vs. Tutanota
Email Provider Criteria
Email is a notoriously insecure protocol and is generally not recommended for critical communications, particularly if exposed metadata is part of your threat model.
For all three providers discussed here, end-to-end encryption is offered only between users of the same service. PGP is the only universal way of sending encrypted email to anyone, but unfortunately not enough people know how to use it. Zero-knowledge encryption means the key must be stored on the user's device; otherwise it is not protected against state-sponsored attackers. Of course, this does not mean the provider could never hand plaintext messages to a government, only that doing so would require actively attacking the user in order to steal the required password. So far they have not done this, and most probably will not in the foreseeable future. It also means the provider cannot recover (decrypt) data if the password is lost. Tutanota explains that if they were required to hand over inboxes (which happens only under a valid German court order for criminal prosecution), all the data would be encrypted; even the inbox rules are encrypted.
ProtonMail
===========
* Switzerland
* Supports Tor: https://protonmail.com/tor (see https://protonirockerxow.onion/)
* Store mailbox password in memory only, not session storage. This means
the user will have to re-enter the mailbox password if the page is
refreshed, but will avoid the mailbox password ever touching the disk if
the browser caches session storage.
* Two factor authentication.
* Public Key Pinning (HPKP)
* Full PGP Support
* Source: https://github.com/ProtonMail/
* CERN/MIT/Caltech/Stanford working on it together
* This service requires two different passwords to get in. The first one
opens the site up, but the second one decrypts all the user’s data.
* Some privacy hardcores don’t like Protonmail because it holds the key on
its servers, sending it to users so they can use it to decrypt in the
browser. It’s a fair critique, but it still takes users much further
down the road of security than Gmail.
* AES-256 symmetric encryption, 2048-bit asymmetric keys (OpenPGP.js)
* DANE/DNSsec
* Perfect Forward Secrecy
* Penetration tested by https://blog.protonmail.ch/protonmail-security-contributors
* Fully encrypted inbox
* Anonymous registration/payment
* You can also set messages to self-destruct after a number of hours,
days, or weeks into the future. To do that, you'll also need to set a
decryption password for the message. Once the message expires, it
becomes digital dust never to be seen again.
* Apps for iOS and Android
* Does not work with e.g. Thunderbird (a third-party wrapper is coming; a beta is already available)
* Language support: French, German, Russian, Spanish, Polish, Turkish, Ukrainian, Dutch.
Pro:
* Auto-destruct emails between ProtonMail users. Also possible for external users if you send a password-protected email.
* You get a notification on your recovery email when you have a new email.
* Can disable recovery email.
* Asks for a GSM phone number.
* PGP encryption available.
* Servers are located in Switzerland, therefore under Swiss privacy protection laws. Read our article: Data Privacy in the 21st century: Germany vs Switzerland.
* Contacts import-export.
* Auto Unsubscribe.
* PIN protection for mobile apps.
* Auto-responder.
* Custom filters with Sieve.
* Desktop client bridge.
LavaBit
===========
* Dark Internet Mail Environment (DIME) support (for e.g. Thunderbird).
* DANE/DNSsec
* Perfect Forward Secrecy
* Penetration tested by ?
* Fully encrypted inbox
* Anonymous registration/payment
* Open signup is still not being offered; the signup page now requires a
promo code which may have been received by former customers and those
who took advantage of the early signup offer.
* Lavabit claims to have solved their fatal SSL weakness using a hardware security module (HSM). However, this is disingenuous at best, deceptive at worst. Now instead of asking for the SSL key, the US govt will simply ask for the HSM. In other words, the original problem that killed Lavabit still exists. Ladar either doesn't know any better, or isn't being truthful. Neither bodes well.
* Lavabit is strongly touting metadata protection via Darkmail protocol. However, they fail to mention that Darkmail metadata protection only works if you are communicating with an outside email provider, AND critically, if that other email provider also supports Darkmail. Since nobody uses Darkmail at this time, it's rather deceptive also to claim that Lavabit has metadata protection.
* There is still the issue of Lavabit being based in the US. The key takeaway from the first Lavabit was that you can't do secure email in the US. The risk of shutdown or other types of mandatory tampering is just too great, and it is unlikely that the new US presidential administration will be any friendlier than the last one towards privacy.
* Lavabit's biggest failure originally was really that Ladar deceived users and ultimately put them all at risk when he eventually handed over the encryption keys to the FBI. The technical failings and lack of cryptography knowledge were quite severe. Moxie (creator of Signal) has a more detailed writeup about it here: https://moxie.org/blog/lavabit-critique/
Tutanota
===========
* Apps for iOS and Android (plugin for Outlook)
* Based in Germany (Hannover)
* AES-128 symmetric encryption, 2048-bit RSA keys
* Two factor authentication.
* DANE/DNSsec
* Perfect Forward Secrecy
* Penetration tested by Syss GmbH
* Fully encrypted inbox: NO!
* Anonymous registration/payment (planned)
* Source: https://github.com/tutao/tutanota/
* Tor problems (fixed Aug. 2017; see the Tutanota-and-Tor post under Research)
Pro:
* No recovery (email or SMS). The admin can recover for a user from the admin panel though.
* Doesn’t ask for a GSM phone number.
* Auto-synchronization with several devices and browsers.
* Servers are located in Germany, therefore under German privacy protection laws. Read our article: Data Privacy in the 21st century: Germany vs Switzerland.
* Dual encryption mechanism.
* Uses DANE on top of SSL and PFS.
Shared features between Tutanota Premium and Protonmail (Plus)
===========
* End-to-end, zero-knowledge encryption.
* Open source.
* Own business domain.
* Each user can set up multiple aliases.
* Multi-platform.
* Web-based on desktops.
* Password protected emails for external users.
* No IMAP/POP3 support.
* No logging of users’ data.
* Local encryption of data.
* Drag and drop messages.
* Bitcoin payments.
* Two-factor authentication.
* Professional plan with multi-user support.
Conclusion
===========
Sadly Tutanota has different ideas about password security than I do. I used a standard 18 lower case character password – without dressing – and it showed as “Password is not secure enough”. Well, as we all know, that’s bullshit. But, I pushed the password out to 27 lower case characters and was welcomed to the club. As an experiment when I added “dressing” [Capitals and #@+*] the “Password was not secure enough” unless it had 11 characters – with a minimum of 3 bullshit characters. I used 2 capitals and a $. If you feel like only using 2 specials the magic number is 17. This is a no-go.
As with ProtonMail, it is certainly not perfect, and should not be considered secure against the NSA – encryption using JavaScript within the browser is not very secure, and Germany is not the ideal location for a privacy service (but then where is?). It is, however, vastly more secure and private than most webmail services, and it has a nice mobile app.
Whether you prefer ProtonMail or Tutanota really depends on which features matter to you. ProtonMail has a much more fully featured interface (Tutanota's complete lack of a draft function is a total bummer, and the Android app is slow and not very usable), but Tutanota allows even non-user recipients to reply securely to encrypted emails*, and it encrypts the subject line and attachments in addition to the email body.
Everyone weighs external factors differently. If the comfort of using Gmail outweighs the security risks as you perceive them, you might just want to stick with Gmail. What matters is that you are the one in control of your decisions, and that you decide with all the cards in hand. Personally I like using email daily without much breaking, so ProtonMail is perfect and good enough for me; the support team is constantly working on it and is usually fast.
Research:
* https://arno0x0x.wordpress.com/2015/09/16/end2end-encryption-protonmail/
* https://www.wired.com/2015/10/mr-robot-uses-protonmail-still-isnt-fully-secure/
* https://protonmail.com/security-details
* https://protonmail.com/privacy-policy
* https://protonmail.com/blog/secure-email-roadmap/
* http://sigaintevyh2rzvw.onion/
* http://deepdot35wvmeyd5.onion/2015/02/16/interview-sigaint-darknet-email-admin/
* http://deepdot35wvmeyd5.onion/2015/04/26/70-malicious-tor-exit-nodes-exposed-by-siganit-org/
* https://tutanota.com/blog/posts/trump-family-encryption
* https://i2pbote.xyz/
* https://www.theregister.co.uk/2014/07/11/tutanota/
* https://tutanota.de/blog/posts/tutanota-and-tor (fixed Aug. 2017)
* https://moxie.org/blog/lavabit-critique/
* https://f-droid.org/forums/topic/tutanota/
* https://theintercept.com/2017/01/20/encrypted-email-service-once-used-by-edward-snowden-to-relaunch/
* http://www.linux-community.de/Internal/Artikel/Print-Artikel/LinuxUser/2015/03/Sichere-re-Mailanbieter
* https://tutanota.com/blog/old-blog/bA7ez.html
* https://tutanota.uservoice.com/forums/237921-general/suggestions/6858986-2-factor-authentication
* https://www.heise.de/ct/ausgabe/2014-4-Die-Schwaechen-der-E-Mail-und-was-dagegen-hilft-2092851.html See: https://tutanota.com/blog/old-blog/bA7ez.html
* https://tutanota.com/blog/posts/data-privacy-germany
* https://techcrunch.com/2017/01/20/security-researchers-call-for-guardian-to-retract-false-whatsapp-backdoor-story/
* https://proturk.com/blog/new-generation-secure-mail-providers-lavaboom-vs-protonmail-vs-tutanota/
* https://landing.google.com/advancedprotection/
* https://en.wikipedia.org/wiki/Threat_model
* https://www.usenix.org/system/files/1401_08-12_mickens.pdf
* http://w2spconf.com/2008/papers/s2p1.pdf
* https://www.nytimes.com/2017/06/23/technology/gmail-ads.html
* https://gsuite.google.com
Serious alternatives
* https://countermail.com/ - Countermail
* https://mynigma.org/en/ - Mynigma
* https://www.virtru.com/ - Virtru
Tests & Addons
* https://www.ssllabs.com/ssltest/index.html
* https://emailprivacytester.com/
* https://addons.mozilla.org/en-US/thunderbird/addon/paranoia/
Setup your own Server
* https://mailinabox.email/
* http://www.iredmail.org/
Credits
* [Your provider] By paying for your email service, consumers help support companies that make spam difficult.
@klosnet commented Sep 3, 2018

Of those three providers, only one declined to cooperate with an NSL: Lavabit. He turned over his private TLS key; however, you would have had to have logged into Lavabit during that short time period for the Feds to capture your password. Your password to log into Lavabit is the password that unlocks your private key and decrypts your inbox server side. So if you didn't log in during those three days when the Feds had the key and before he shut down the service, your inbox stayed fully encrypted and completely unreadable by anyone, including the Feds.

Protonmail can not be trusted. The fact that they are "based out of switzerland" does not mean ANYTHING. They routinely cooperate with American legal demands. Keep in mind Lavabit was in the US, and they DID NOT cooperate. So basing their operations out of switzerland is deceitful at worst, and ignorant at best.
Protonmail has your private key. They can read the content of your encrypted emails.
Lavabit, on the other hand, does not store your keys used to encrypt your messages and never has access to your plaintext emails.
Tutanota has many advantages. #1: a privacy-minded team that does not require identifiable information to sign up, and allows sign-ups over Tor. Their email service has NO BRIDGE to enable IMAP or POP, which makes it even more secure knowing that no one can steal your login credentials and make a full backup of your inbox simply by logging in through Thunderbird or Outlook.
Their mailboxes are fully encrypted, the user has no control over the keys which I personally dislike.
Also, Tutanota strips your IP address out of the email headers, which is nice.

Lavabit is the best, and once their Volcano app is released it will blow these feds --err i mean protonmail -- out of the water

@thwaller commented Apr 8, 2019

Good work on a detailed comparison between the providers. I think the statements on Tutanota in the Conclusion segment are a bit out of place. You are comparing email service providers that center on privacy, and criticize one for being, in your opinion, overly secure. I think your opinion should be included, but you seem to dismiss Tutanota based on them having higher password standards than you do.

I personally believe that password requirements need to be enforced on users better by service providers. So many people are given a false sense of security by service providers marking the passwords used as secure when in fact they are not, in my opinion. I recently had a conversation with the team behind LastPass. I proposed that the method of the password generator was poor and offered some ideas for change. I was met with a statement summarized as ... it would be a waste of their time to change anything as they believe no one would use the enhanced features anyway. This is very unfortunate and only forces me to either use a different generator or get quite familiar with the button to regenerate until I see something acceptable (example of not having repeated characters in a row).

I would welcome hearing why you think that 18 lowercase characters is secure for someone concerned about privacy, as I may not be considering your justification for that. I do not think there is any service provider that can be called 100% private and secure, but there is surely a defined line between those that make the effort and those that do not. Email is after all a service of convenience. One could always use local products to encrypt a message and email the encrypted text, but that is more effort. Each is responsible for their own threat assessment and creation of their personal risk / reward balance.
