I just learned of this one:

https://tutanota.com/blog/posts/desktop-clients/

Secure desktop clients for Linux, Windows and Mac OS (Beta).

Tutanota is an encrypted email service, available as web client
with open source apps for Android and iOS. We invite you all to
test our brand-new open source desktop clients with built-in
encryption.

2018-12-21

- - -

The article is a bit dated, but has anyone here tried tutanota?


--- OpenXP 5.0.49
* Origin: (} Pointy McPointface (618:250/1.9)

Re: another encrypted email solution
By: August Abolins to All on Wed Apr 14 2021 09:28 pm

I just learned of this one:

https://tutanota.com/blog/posts/desktop-clients/

Secure desktop clients for Linux, Windows and Mac OS (Beta).

Tutanota is an encrypted email service, available as web client
with open source apps for Android and iOS. We invite you all to
test our brand-new open source desktop clients with built-in
encryption.

2018-12-21

- - -

The article is a bit dated, but has anyone here tried tutanota?

I have a Tutanota account, which I created back in the day when they allowed it to be created anonymously over Tor. It is getting increasingly hard to create anonymous accounts in communication services.

They work ok. I think their non-web clients don't support Tor, which is a big drawback.

Currently I am using Startmail as my main provider. THey support OpenPGP encryption server side, so you have to trust their service if you want to use it (or run your own OpenPGP client side). The cool features they provide, however, is that they allow the creation of unlimited disposable addresses - which you can create for registering to disreputable websites) and simple message encryption for mere mortals. I like this one.

Basically you can encrypt any message to anybody using a password or a security question, then send it. When the recipient opens it, they get redirected to Startmail's website where they can read the message using the password or security answer. What this means is that you can send somehow-secure messages to computer illiterate people as long as you care to give them the password offband. They can also use the service to send you encrypted responses without the need to install a thing.

I can send you a testing email for you to try it if you want.

--
gopher://gopher.richardfalken.com/1/richardfalken
--- SBBSecho 3.14-Linux
* Origin: Palantir * palantirbbs.ddns.net * Pensacola, FL * (618:250/24)

Hello Arelor!

** On Thursday 15.04.21 - 03:36, Arelor wrote to August Abolins:

https://tutanota.com/blog/posts/desktop-clients/

I have a Tutanota account, which I created back in the day
when they allowed it to be created anonymously over Tor. It
is getting increasingly hard to createanonymous accounts in
communication services.

Good ol' Tor.

Basically you can encrypt any message to anybody using a
password or a security question, then send it. When the
recipient opens it, they get redirected to Startmail's
website where they can read the message using the password
or security answer.

Sounds like how Protonmail works. I have a Protonmail email
account too, but no one to play with. :(

Tutanota seems a little different because it offers a desktop
app to operate and is not just limited to a webby interface like
Protonmail, for the desktop. But I like the idea of
"portability" with using the webby interface when I am at
another pc.

What this means is that you can send somehow-secure messages
to computer illiterate people as long as you care to give
them the password offband. They can also use the service to
send you encrypted responses without the need to install a
thing.

But it is still a bit too easy for the computer illiterate
people to accidentally disclose content.

This article has a nice comparison chart across the different
comms programs.

https://protonmail.com/blog/whatsapp-alternatives

I can send you a testing email for you to try it if you want.

No need. I think our PGP/GPG solution is quite good.

--
../|ug

--- OpenXP 5.0.49
* Origin: (} Pointy McPointface (618:250/1.9)

Re: another encrypted email solution
By: August Abolins to Arelor on Thu Apr 15 2021 10:03 am

What this means is that you can send somehow-secure messages
to computer illiterate people as long as you care to give
them the password offband. They can also use the service to
send you encrypted responses without the need to install a
thing.

But it is still a bit too easy for the computer illiterate
people to accidentally disclose content.

Yeah, sure. I am afraid there is no fixing stupid. No software can fix dumb users.

I use OpenPGP directly when possible, but sometimes you want to deliver somethng over a channel that is safer than ordinary. It is nice to have the option of delivering encrypted content without having to explain to the recipient how to run OpenPGP, specially because they will tell you to get lost if you try, but won't if you tell them to decode the message using a password.

--
gopher://gopher.richardfalken.com/1/richardfalken
--- SBBSecho 3.14-Linux
* Origin: Palantir * palantirbbs.ddns.net * Pensacola, FL * (618:250/24)

Hello Arelor!

** On Thursday 15.04.21 - 03:36, Arelor wrote to me:

I have a Tutanota account, which I created back in the day
when they allowed it to be created anonymously over Tor. It
is getting increasingly hard to create anonymous accounts in
communication services.

I was reading up a bit more on their system, and they claim to
strip the IP address from the emails. So, even if you couldn't
use Tor, you could still trust Tutanota wrt the IP stripping?

They work ok. I think their non-web clients don't support
Tor, which is a big drawback.

I would have liked something like for my Blackberry, but the app
fails to install. I had Protonmail work fine though, but one of
the last GooglePlay upgrates installed a new version and that
broke Protonmail.

Currently I am using Startmail as my main provider. THey
support OpenPGP encryption server side, so you have to trust
their service if you want to use it (or run your own OpenPGP
client side).

Even at $60/yr, I think it's too much - for me. Ah.. but you
dabble in the dark areas of the web, so maybe some extra
assurances are good.

The cool features they provide, however, is that they allow
the creation of unlimited disposable addresses - which you
can create for registering to disreputable websites) and
simple message encryption for mere mortals. I like this one.

Do you use the disposable emails a lot? I would rather stay
away from dubious websites in the first place.

Basically you can encrypt any message to anybody using a
password or a security question, then send it. ..

..They can also use the service to send you encrypted
responses without the need to install a thing.

Protonmail works the same way. The only drawback I find is that
it requires a live connection to edit a reply. I think an
offline option is much better. I like my Thunderbird + pgp/gpg
solution, but the only drawback is that I can only use that
primarily from one pc.

I can send you a testing email for you to try it if you want.

On second thought, sure.. likewise, I'll send you a protonmail
message so that you have my email on file, if you like. The
only challenge might be creating the password so that you can
"figure it out". I'll see what I can do.

--
../|ug

--- OpenXP 5.0.49
* Origin: my little micronet point (618:510/1.1)

Hello Arelor!

I use OpenPGP directly when possible, but sometimes you want
to deliver somethng over a channel that is safer than
ordinary. It is nice to have the option of delivering
encrypted content without having to explain to the recipient
how to run OpenPGP, specially because they will tell you to
get lost if you try, but won't if you tell them to decode
the message using a password.

The only problem with the password method is communicating that
password in a reasonably secure way.

A live phone call (no recorded messages) is one way, but time
zones could be an impediment.

One cool way would be to reference a page number of a book in
common and then use something like "the first 3 words of
paragraph 2 on page 123."
--
../|ug

--- OpenXP 5.0.49
* Origin: (} Pointy McPointface (618:250/1.9)

Re: another encrypted email solution
By: August Abolins to Arelor on Thu Apr 15 2021 05:33 pm

I have a Tutanota account, which I created back in the day
when they allowed it to be created anonymously over Tor. It
is getting increasingly hard to create anonymous accounts in communication services.

I was reading up a bit more on their system, and they claim to
strip the IP address from the emails. So, even if you couldn't
use Tor, you could still trust Tutanota wrt the IP stripping?

Even if you trust the email provider, there are reasons to tunnel your connection trhough Tor for certain things. For example, for bypassing ISP censorship. The Internet connection offered by inter-city Spanish buses, for example, blocks a lot of websites and services, so in order to access them you have to bypass their firewall using Tor or an VPN.

I don't use disposable addresses _that much_ but I do use them _some_. It is a very nice feature to have, specially because free disposable email addresses are in lots of blacklists. It is hard to use Guerrilla Mail or 10 Minute Mail for a lot of things nowadays.

I agree Startmail is a bit pricey compared to alternatives. I made an account back in the day because I like what they are trying to do and they are very transparent about their service architecture. They offer a document explaining how they have it set up. As a bonus point, you can access your mailboxes using standard protocols (something Tutanota, and afaikl Protonmail, fail to do).

They have a 7 days trial period. And if you get invited by an existing user you get 50% off the first year I think.

BTW, you just don't use clearnet services from clearnet endpoints when doing darknet stuff. It is just not done. It defeats the point.

You are welcome to send me a shared secret (aka stupid password) over email/openpgp, so we can start exchanging protonmail/secured, lockbin/secured and startmail/secured messages for testing.

--
gopher://gopher.richardfalken.com/1/richardfalken
--- SBBSecho 3.14-Linux
* Origin: Palantir * palantirbbs.ddns.net * Pensacola, FL * (618:250/24)

Re: another encrypted email solution
By: August Abolins to Arelor on Thu Apr 15 2021 08:34 pm

Hello Arelor!

I use OpenPGP directly when possible, but sometimes you want
to deliver somethng over a channel that is safer than
ordinary. It is nice to have the option of delivering
encrypted content without having to explain to the recipient
how to run OpenPGP, specially because they will tell you to
get lost if you try, but won't if you tell them to decode
the message using a password.

The only problem with the password method is communicating that
password in a reasonably secure way.

A live phone call (no recorded messages) is one way, but time
zones could be an impediment.

One cool way would be to reference a page number of a book in
common and then use something like "the first 3 words of
paragraph 2 on page 123."
--
../|ug

I usually just give them a business card with a password writen in the back of it. People gets that idea very easily. Specially if they are dealing with stuff they care about. A lot of people won't go to the trouble of setting PGP for receiving reports or whatever, but will like the idea of having them delivered over a secure channel.

--
gopher://gopher.richardfalken.com/1/richardfalken
--- SBBSecho 3.14-Linux
* Origin: Palantir * palantirbbs.ddns.net * Pensacola, FL * (618:250/24)

Hello Arelor!

** On Friday 16.04.21 - 03:07, Arelor wrote to August Abolins:

..The Internet connection offered by inter-city Spanish
buses, for example, blocks a lot of websites and services,
so in order to access them you have to bypass their firewall
using Tor or an VPN.

I don't blame them (the buses)! ;) If I were to operate an open
wifi in my shop, I would limit it to just view my catalogue or a
local copy of my website.

You are welcome to send me a shared secret (aka stupid
password) over email/openpgp, so we can start exchanging protonmail/secured, lockbin/secured and startmail/secured
messages for testing.

I sent 2 via protonmail about 8 hrs ago. One should arrive in
the clear, and a second one requires you to solve the puzzle in
the hint.
--
../|ug

--- OpenXP 5.0.49
* Origin: (} Pointy McPointface (618:250/1.9)

Hello Arelor!

** On Friday 16.04.21 - 03:10, you wrote to me:

One cool way would be to reference a page number of a book
in common and then use something like "the first 3 words of
paragraph 2 on page 123."

I usually just give them a business card with a password
writen in the back of it. People gets that idea very easily.

Good idea. That's fine when you can meet the people in person.
But I am talking about a situation when you are dealing with
people you are never likely to meet and where email exchange is
the primary form of comms.

Specially if they are dealing with stuff they care about. A
lot of people won't go to the trouble of setting PGP for
receiving reports or whatever, but will like the idea of
having them delivered over a secure channel.

One thing I hate doing is calling people when their special
order's are in. I'd rather have a BBS that they can log into
and check status. <g>

When I call, most of the time the "local" calls are long-
distance due to people using cell-phones as their primary
phones. Some people have v-mail some do not. Some with v-mail
claim that they never received the messages. Most seem to have
lousy reception and delay. Some numbers that people give me are
wrong.

--
../|ug

--- OpenXP 5.0.49
* Origin: (} Pointy McPointface (618:250/1.9)

Re: another encrypted email solution
By: August Abolins to Arelor on Fri Apr 16 2021 08:53 am

One thing I hate doing is calling people when their special
order's are in. I'd rather have a BBS that they can log into
and check status. <g>

When I call, most of the time the "local" calls are long-
distance due to people using cell-phones as their primary
phones. Some people have v-mail some do not. Some with v-mail
claim that they never received the messages. Most seem to have
lousy reception and delay. Some numbers that people give me are
wrong.

Funny enough, I usually don't have that problem. But then I usually bill special orders in advance, so it is in their best interest to pay attention.

In the end of the day, I try to phone once in the morning, once in the afternoon, and if that does not work I send an email. If after all that trouble they can't bother to contact me I write that off as their problem.


--
gopher://gopher.richardfalken.com/1/richardfalken
--- SBBSecho 3.14-Linux
* Origin: Palantir * palantirbbs.ddns.net * Pensacola, FL * (618:250/24)

Hello Arelor!

** On Friday 16.04.21 - 13:31, you wrote to me:

..I usually don't have that problem. But then I usually bill
special orders in advance, so it is in their best interest
to pay attention.

Advance payment is something that the shop has traditionally not
done. Most of the time, the locals would be honourable and
commit to their requests and pay upon receipt of merchandise.

But I am guessing that in light of people getting more and more
familiar with ordering online at the place that starts with A
and the place that starts with I, and maybe even other online
books shops, they probably change their mind on the initial
special-order with me when they can get a lower price elsewhere.

I ought to at least insist on a non-fundable deposit or
something.

In the end of the day, I try to phone once in the morning,
once in the afternoon, and if that does not work I send an
email. If after all that trouble they can't bother to
contact me I write that off as their problem.

I just hate using the phone - period.

I'm also not happy with the model that I have.
--
../|ug

--- OpenXP 5.0.49
* Origin: (} Pointy McPointface (618:250/1.9)

Re: another encrypted email solution
By: August Abolins to Arelor on Sat Apr 17 2021 09:33 pm

In the end of the day, I try to phone once in the morning,
once in the afternoon, and if that does not work I send an
email. If after all that trouble they can't bother to
contact me I write that off as their problem.

I just hate using the phone - period.

I'm also not happy with the model that I have.

I hate phoning people because I hate most people. Customers get a pass because I am getting their
money :-)

I don't have much trouble with dishonorable customers, but sometimes the customer makes the order
and then gets run over by a car... that means they don't pick the order until they leave the
hospital (for example). With the COVID thing going on, I have had a bunch of customers place an
order and then being thrown into lockdown because they got the virus. I can't really afford to have
unpaid wares gathering dust in the delivery cabinet for a month :-)

--
gopher://gopher.richardfalken.com/1/richardfalken
--- SBBSecho 3.14-Linux
* Origin: Palantir * palantirbbs.ddns.net * Pensacola, FL * (618:250/24)

Hello Arelor!

** On Sunday 18.04.21 - 17:46, you wrote to me:

I just hate using the phone - period.

I'm also not happy with the model that I have.

I hate phoning people because I hate most people. Customers
get a pass because I am getting their money :-)

My solution would be to ask for a deposit or full payment. As it
sits now, I'd rather throw out the orders and just record them
as losses as I continue this slow retail death. Surprisingly,
some people from even ordering something 3 months ago appreciate
the reminder. But the lockdown restrictions are confusing people
as they are lead to believe that books are not essential and
therefore they are not allowed to leave their homes for that or
they might be caught and fined by the police. :(

I don't have much trouble with dishonorable customers, but
sometimes the customer makes the order and then gets run
over by a car... that means they don't pick the order until
they leave the hospital (for example).

Yes..I've heard several "detained in hospital" stories too.

With the COVID thing going on, I have had a bunch of
customers place an order and then being thrown into lockdown
because they got the virus. I can't really afford to have
unpaid wares gathering dust in the delivery cabinet for a
month :-)

Can you make the deliveries yourself?

Apparently, a lot of businesses here claim that's what is
sustaining them - it keeps the customer happy and prepared to
order again.

BTW.. one of your emails from @startmail did not decrypt. (I
sent you a screenshot of the problem.) I was able to integrate
your PGP key into the ProtonMail system. Test messages between
my @kolico and @protonmail addresses works well.

I did not think that I could use ProtonMail with external PGP
keys! But it's nice to know that it can be done.
--
../|ug

--- OpenXP 5.0.49
* Origin: (} Pointy McPointface (618:250/1.9)

Re: another encrypted email solution
By: August Abolins to Arelor on Tue Apr 20 2021 09:21 am

With the COVID thing going on, I have had a bunch of
customers place an order and then being thrown into lockdown
because they got the virus. I can't really afford to have
unpaid wares gathering dust in the delivery cabinet for a
month :-)

Can you make the deliveries yourself?

Apparently, a lot of businesses here claim that's what is
sustaining them - it keeps the customer happy and prepared to
order again.

Mine is mostly an online and delivery store at this point. However, if people places an order and wants to pick it up at a delivery point in order to save the delivery fees, then they get no delivery done unless the order was elegible for free delivery anyway or the customer is well known.

--
gopher://gopher.richardfalken.com/1/richardfalken
--- SBBSecho 3.14-Linux
* Origin: Palantir * palantirbbs.ddns.net * Pensacola, FL * (618:250/24)