prism-break / prism-break

Privacy/security-oriented software recommendations (mirrored from GitLab)
https://gitlab.com/prism-break/prism-break
GNU General Public License v3.0

Add great open source email services like Tutanota and ProtonMail #1383

Closed privacytoolsIO closed 6 years ago

privacytoolsIO commented 9 years ago

Tutanota
Website: https://tutanota.com/
GitHub Link: https://github.com/tutao/tutanota/

ProtonMail
Website: https://protonmail.ch/
GitHub Link: https://github.com/ProtonMail/WebClient
Blog Post: https://blog.protonmail.ch/protonmail-open-source/

What do you think?

vyp commented 9 years ago

There is #1204, but it hasn't got much attention. My opinion for protonmail is that I don't see much advantage with doing crypto with the browser javascript instead of just "learning pgp" as Lischka says in #1204. (I don't think there's any current email recommendations on prism break that do crypto in the client browser, but I haven't checked everything.)

It's not just that I think there's no advantage, I think it's just more 'fragile', because browsers are a "complex ecosystem" with multiple js engines across the major browsers, different quirks, api support and all that. So I personally wouldn't recommend protonmail. And it looks like tutanota does client side js crypto as well?

Do you or anyone else think my view of javascript is wrong or inapplicable now? Also, I think cryptocat, which is on prism break, also does client side javascript encryption, so my opinion doesn't necessarily mean prism break outright rejects programs which use client side javascript for cryptography.

privacytoolsIO commented 9 years ago

Both email services are great alternatives to Gmail and are easy to use. I could teach my parents (no computer experts) how to switch from Gmail to Tutanota but not to learn pgp.

vyp commented 9 years ago

Actually, that's a good point. Yes, I do think using tutanota would be better than using gmail, and that trying to get non-computer-experts to use pgp can be close to impossible (or at least, just understanding how it works and why you would want it). And non-computer-experts are definitely the target audience for prism break, or at least that's what I think.

Perhaps I was worrying too much. @Zegnat do you have an opinion on this? I think, as long as the keys are kept locally (are they?), tutanota at least could be worth a suggestion on the site, as another "email account" service. Because there's only 3 in this section for now anyway.

And one possible point of issue for tutanota could be that they do not seem to provide non-app store downloads for the android application, which I know is a point of issue for textsecure. However, they do provide build instructions right in the readme of their github repository, which is quite promising. Especially for submitting to f-droid if it has to come to that. But this shouldn't keep it off the list entirely anyway, because it's mainly just a web service which you can use using your device's browser instead.

Zegnat commented 9 years ago

As @vyp has invoked my name I will give my 2¢.

The big problem with a lot of these services is that they are only easy when everyone uses them. If you use Tutanota and I am on ProtonMail, most of the ease-of-use goes out of the window. The argument of “just use the Tutanota webmail instead of the Gmail one” goes out of the window really quickly. You still need to teach non-technical people how to use the encryption option in the webmail, and how to best tell the recipient of the password they set. You might as well set up a PGP program that automatically encrypts all emails you have a key for, which most of them support.

Tutanota and ProtonMail work a bit like silos. As an example, @privacytoolsIO, if you use either of them, could you give me your public key so I can send you an encrypted message? You probably can’t. Unless you are communicating within these small little ecosystems they offer almost no additional security over any other email service.

After a little digging it seems that Tutanota is not opposed to sharing their users' public keys (yay!), but they have not documented the API the web interface seems to use (boo!), and the “intermail” initiative they started to connect all these different encrypted mail services together seems pretty dead (boo!).

At this point, my problem is not so much with the encryption used (although I couldn’t find any white paper from either of them to look at what they are actually doing and am short on time to dig through the code they open-sourced) but with how hugely dependent you become on their services. There is no way to move out of Tutanota when you have started using them, all the public keys are stored in the proprietary parts of their service. There are no open source add-ons for different email clients or platforms. The list goes on.

(All of that is of course at the highest possible cynicism rating, and things might not be that bad at all, they are just me blowing up little things that I personally do not like.)

> And one possible point of issue for tutanota could be that they do not seem to provide non-app store downloads for the android application, which I know is a point of issue for textsecure.

No, the problem with TextSecure is that they make use of APIs only available when Google Services are installed on Android. This meant it was impossible to run it on any of the higher recommended Android forks. If you don’t need any Google services for Tutanota to run, there is no reason to disqualify the app.

vyp commented 9 years ago

@Zegnat Thanks for taking the time to look into this and respond. :)

But I don't understand, why would they not want their users to have easy access to their public keys? Email is supposed to be decentralised like that, if their web browser client can only interact with tutanota addresses, then that goes beyond my intuition honestly. Shouldn't they just be able to "do pgp" in the browser, hence not being tied down to just tutanota? I guess, you're saying they have just chosen not to do that?

In that case, you may as well just use any other service (or host your own if you can) and use pgp with it. As Zegnat says, non-computer experts would have to have something set up for them that automatically handles the pgp things. But then this would be the case for tutanota too then, if the user wishes to communicate with someone not on tutanota, which is obviously highly likely.

Am I seeing this right @privacytoolsIO?

> No, the problem with TextSecure is that they make use of APIs only available when Google Services are installed on Android.

Good catch, my bad. Thanks.

privacytoolsIO commented 9 years ago

You all make good points but seem to ignore the current problem on prism-break.org: The only recommended email account providers are

Autistici/Inventati: Proprietary, for activists only on request (my request got rejected btw) and got its servers seized in the past: http://www.autistici.org/ai/crackdown/

Riseup: Proprietary, US based and got its server seized: https://www.eff.org/de/deeplinks/2012/04/may-firstriseup-server-seizure-fbi-overreaches-yet-again

Kolab Now: Proprietary and expensive.

So if you ask me Tutanota and ProtonMail look pretty good compared to the current recommendations.

Zegnat commented 9 years ago

> But I don't understand, why would they not want their users to have easy access to their public keys?

Maybe they want to give you access and simply haven’t yet. I don’t know. For these systems to transparently encrypt things for non-technical people they have abstracted all key management to the background.

When Alice sends Bob an email, both on Tutanota, Alice’s client will transparently grab Bob’s public key from the Tutanota API and encrypt before sending. But say Alice is not a Tutanota user, this means Alice’s client has no idea how to get Bob’s public key. Even if Alice got the key from Bob, her client still wouldn’t know how to encrypt something according to Tutanota’s encryption scheme.

> Shouldn't they just be able to "do pgp" in the browser, hence not being tied down to just tutanota? I guess, you're saying they have just chosen not to do that?

Both Tutanota and ProtonMail have chosen not to use GPG/PGP. They instead use their own internal system, which again makes it so only emails within their user base are encrypted. (Note that the system is their own, but they use established AES encryption and are smart enough not to roll their own thing.)

> So if you ask me Tutanota and ProtonMail look pretty good compared to the current recommendations.

Governments have come down on A/I and Riseup, and yet both are still actively used. This is because they have – over time – proven themselves to be pretty resilient and take privacy extremely seriously. They log nigh to nothing about their users, and emails are stored encrypted.

Kolab Now is just as proprietary as Tutanota and ProtonMail. All of these three use an open-source webmail (GUI, if you will) while keeping their server structure to themselves. In the case of Tutanota (and possibly other such services) this is even more damning than with Kolab Now. I can use imapsync to copy all my emails from Kolab Now to a different server and run my own GUI. I could try to do the same with Tutanota but all the encryption (public) keys are stored in their proprietary service and can never be decentralised.

My issue is not so much with them not looking “pretty good”, but with the fact that the average users (mom and dad) @privacytoolsIO wants to get onboard with this might think the encryption is doing more for them than it is really doing. But emails to and from colleagues are still not protected and their privacy-conscious son using Thunderbird on Linux still can’t send them encrypted messages.

The other issue I have with them is that things become less decentralised. These services are terrible at communicating with each other. Again, see the now-dead Intermail initiative. ProtonMail didn’t even want to join in with Tutanota to get their users securely talking with each other. Let alone with smaller email providers.

If either of these was truly open-source and would allow me to set up my own node: I am sold. For now? Not so much.

Maybe some Tutanota / ProtonMail user could comment on how they believe they are making email as a whole more private? For themselves and others.

alerque commented 9 years ago

I concur completely with what @Zegnat is noting as issues with these services. Sadly the upshot of the whole thing is that email as a medium just sucks and there is no easy way to fix it that can be wholeheartedly recommended here. But that shouldn't push us to recommend something that may seem shiny now but that we know will cause headaches down the road. These services are walled gardens and I would not be comfortable adding them to the recommendation list.

jinformatique commented 9 years ago

I agree with @alerque, that's why I'm impatient to see a stable release of MailPile and CaliOpen hit the web. This way I can teach my parents to use it. And I am sure I won't have the silos problem as discussed previously.

Zegnat commented 9 years ago

Putting this here as a note to future discussion, randomly stumbled onto this.

lukateras commented 6 years ago

Tutanota's iOS and Android apps are proprietary: https://tutanota.com Also, mentioned by @Zegnat, their key servers seem to be proprietary. ProtonMail's phone apps are proprietary.

Riseup is not proprietary, as long as you don't treat private keys and configs as software. They only use free software, and they are public in what particular implementation they use for each service. See https://0xacab.org/riseup and https://0xacab.org/riseuplabs.

Same with Kolab Now, backend is free software. I'm only not sure about Autistici/Inventati.

lukateras commented 6 years ago

This issue should be resolved similarly to #1075: both ProtonMail and Tutanota freed their web clients (but not Android and iOS clients), but using them in practice requires a proprietary server component that can't be self-hosted.

This also seems to be the consensus in this thread.