Welcome!

By registering with us, you'll be able to discuss, share and private message with other members of our community.

SignUp Now!

Mathematical

Silver Coder
Hey there.

A while ago, there was a thread circulating this board that was all about digital-privacy. It was mainly just a debate and argument sort of thread in my opinion though, but I feel like creating a thread that we can all discuss the issues of privacy in a civil manner, would be great. Plus, privacy is a hot topic right now, especially with governments and corporations building apps designed to track and detect Covid-19 using a variety of methods and technologies.

Please, I encourage you to talk about all things related to privacy: encryption(Using technologies like GPG to encrypt and hide the contents of files and emails); the Tor network; surveillance devices like security-cameras; location-tracking; privacy-issues with operating-systems; and many other things relating to privacy and security.

I ask that you do not go out of your way to gain advice that could be used to perform illegal activities. While there is very little chances of stopping you, beware that gaining knowledge and advice to have it used in illegal activities not only goes against the law, but also CF's rules( ). I understand that some may have weird tendencies, are an anarchist, or believe in certain things that society generally frowns down upon nowadays. But please, again, do not use any advice or knowledge gained here for illegal activities. Not only will you be putting yourself at risk, you'll also be putting CF at risk of investigation.

Also, please be civil and kind to each other. If things start to escalate a bit, try your best to calm things down. If things do not de-escalate, please contact CF's administration or moderation team to resolve the issue.
 
could be used to perform illegal activities
Any question asked here could be used for this, I wonder where this comes from the encryption is always negative. Like you only encrypt when you're trying to hide something illegal.
Not related to you now, but that was the impulse to bring it up because it seems to be the general opinion.
 
Tealk said:
Any question asked here could be used for this,
Yeah, I am aware of that. I simply posted that statement just to warn people who do come here to gain knowledge and advice for illicit purposes.

Of course, there is also no way of knowing what somebody is going to do with the knowledge they gain, so there is nothing we can really do about them. We can't stop them. The only thing that can be done when suspicions arise is deleting their account and contacting the appropriate authorities in their country. Again, that's when suspicions do begin to arise.

Tealk said:
I wonder where this comes from the encryption is always negative. Like you only encrypt when you're trying to hide something illegal.
Regarding encryption, not everyone uses encryption to hide something illegal. Some use it because there is sensitive information they want to hide until it gets to the recipient(E.g. Secret documents for a project at work). Some use it because they have reached a state of paranoia that can be considered unhealthy. And some use it just because they want to keep themselves protected as well from hackers. There are many valid reasons to use encryption for non-illegal things.

The government and authorities like to put encryption as something bad, as it prevents them from catching criminals. But of course, in the West, they're actively trying to demolish encryption, as to gain backdoors into everyone's system. Why, I really don't know.

But again, encryption has it's good and bad. You would simply need to ask the person what exactly they're using encryption for and then you could end up determining whether this person is going to use it to hide illegal stuff or are simply just going to protect themselves.
 
Just a reminder to everyone participating in this thread. If this thread becomes heated, it will be closed.
 
I think it's a pity that I can't send encrypted mails to almost anyone, PGP is such a nice standard.

I also think it's a pity that so many of the mainstream providers are stuck, there are so many great decentralized options that are much better suited to data protection.
 
I think it's a pity that I can't send encrypted mails to almost anyone, PGP is such a nice standard.

I also think it's a pity that so many of the mainstream providers are stuck, there are so many great decentralized options that are much better suited to data protection.
Well, if we're going to be real, encryption isn't easy to understand and utilities like PGP/GPG aren't easy to work with or use. But of course, this also depends on how good a person is with computers and security. If someone has very little knowledge of computing, then it's going to be extremely difficult to understand encryption or even use the utilities for generating encryption-keys. If someone has a great deal of knowledge about computing and can also know of and understand many security-risks, then depending on how they understand it, shouldn't take them too long to learn about encryption.
 
Well, if we're going to be real, encryption isn't easy to understand and utilities like PGP/GPG aren't easy to work with or use.
Thunderbird and other email clients now have a very easy way to enable PGP.
Mailbox.org has also added a very simple way to activate PGP in the web interface.
I think people just have to want it and not ignore it.
 
Thunderbird and other email clients now have a very easy way to enable PGP.
Mailbox.org has also added a very simple way to activate PGP in the web interface.
I think people just have to want it and not ignore it.
Well, for starters, I never actually knew that Thunderbird had a way to enable PGP/GPG, so thanks for pointing that out. Now I just need to find a decent provider that allows encryption and also respects your privacy.

Regarding people in general, we do need to remember that not many are aware of what's happening with their data and how much of it is being collected. Which is a real darn shame. It's up to people like myself and you, and more notable and famous people like Assange and Snowden, to reveal the truth and spread word about what's happening with your data. The more we do that, then the more that people will utilize encryption, and then the more the governments will try to demolish encryption.
 
Well, for starters, I never actually knew that Thunderbird had a way to enable PGP/GPG, so thanks for pointing that out.
Check out the Enigma add-on.

Now I just need to find a decent provider that allows encryption and also respects your privacy.
If you're willing to spend money:
These here are donation funds:

Unfortunately one often encounters deaf ears or they do not care as long as the service is easy to handle.
 
I think the issue that we need to remember with any service that claims to "respect" your privacy, is that we can never truly trust it. Paid or free to use, they can never be trusted. To trust them, we need to look at where they're located, their history and previous practices, and the reviews about them too.

We know for a fact that a service based in a European country like Germany or Switzerland, are generally much more trustworthy than a service based in the US, UK, or any other country that's part of the Five-Eyes alliance.

But then again, what about the security of these services? Do they say whether they write the underlying technology that powers their service in a language that is known for poor security?(JS or PHP. Note that Tutanota is written in JS and yet people somehow still trust that). Does the service allow encryption of content that is sent over networks, as a way of providing protection against the data sent? Is the code open-source, so that outsiders who don't work for the service itself, are allowed to help with checking for security-issues? You can't just look at what the service claims to offer and you most certainly cannot put 100% of your trust into it. Because at anytime at any moment, the service could easily be broken into by a hacker or the authorities could be granted a search-warrant as a way to look through the data of tens, hundreds, thousands, and maybe even millions of data. Or maybe the company that provides the service is actually giving you poison, as a way to make you think that they claim to be "secure" and "privacy-friendly" but in reality, they aren't. They still share data with advertisers, corporations, and even the government themselves.
 
I only know that the providers are recommended by all German data protection bloggers. One of them, Kuketz, is even the data protection commissioner of NRW.
 
Last edited:
@Tealk.

Disroot seems to offer an email service, so I'm considering to use that for my communication via email. Would you say that I should use Disroot? People on Reddit seem to recommend it; it supports Thunderbird; and I believe that it does have support for PGP/GPG.

Please get back to me soon on this, as I'd love to hear your thoughts on the service. I really don't want to pay for encrypted email, when I can use PGP/GPG to encrypt my email, which is entirely free and open-source.
 
Disroot seems to offer an email service... it supports Thunderbird
All my services linked above support Thunderbird and offer an e-mail service. Otherwise I would not have posted them

and I believe that it does have support for PGP/GPG.
If their server supports PGP I can't say that I don't use it myself, I'm at Mailbox.org. These have, for example, the incoming mail encryption I mentioned above. You can also open your own domain there, which was also important to me.
I use a separate e-mail for each service e.g. amazon@ ebay@...


So I like to pay for a service, that gives in my eyes more security that the service will run longer.

Here is some information about the services, it is in German but I think a translator can help you.
 
@Tealk.

Thanks for linking to that article. The article seems to shed Disroot in good light, so I assume it can be somewhat trusted(I use "somewhat", as at any point, the service could easily just start giving away data to advertisers, corporations, and the government at anytime).

I think I might go ahead with Disroot, but regarding this statement that you made:
Tealk said:
So I like to pay for a service, that gives in my eyes more security that the service will run longer.
I'm fine with you paying for a service, because that's your choice. I myself, wouldn't really want to, in the case that something bad happens with my banking information.

But in regards to the service running for a longer period of time, should I be worried in the case that Disroot does shut-down? I mean, it's run by volunteers, who rely on donations and their own pocket-change, to keep the service running. Those volunteers can easily leave and give-up and so the less volunteers that are on, the closer the service gets to being closed down.

The good thing about Disroot, is that it's decentralized, which is a good thing, because you then know that it's not always going to be ran and have your data stored in the same place for a long time. But then again, it's ran by volunteers and relies on donations to keep going. Then you have the centralized services, like Tutanota and ProtonMail, who both claim to respect your privacy and also claim to be "secure". Both support encryption, yet Tutanota is written entirely in JS(Which has many security-flaws), and for ProtonMail: I need to download an entirely separate application just to connect my email to Thunderbird; and if I wanted to make a ProtonMail account over Tor, it re-directs me to Proton's Clear-Net site and asks me to fill out personal-information to be verified, or to perform a Google ReCaptcha. Talk about "privacy-respecting" now, eh? I take it that I'm better off with going for something like Disroot, if I: Want a decentralized service, that connects to Thunderbird without an extra application needing to be downloaded; want a service that respects my privacy without the need to fill-out my own personal-details or a ReCaptcha during sign-up; and a service that supports PGP/GPG encryption, without needing to use a confusing interface to set-up(I don't know if the interfaces for encryption on ProtonMail or Tutanota are confusing to set-up, but I mean, you get the idea. Some interfaces on on some services can be clunky to use).
 
I'm fine with you paying for a service, because that's your choice. I myself, wouldn't really want to, in the case that something bad happens with my banking information.
So you never order anything online?

in the case that something bad happens with my banking information.
Mailbox.org offers many payment options where you do not have to deposit a bank account.
Here is the list:
1589275529200.png

But in regards to the service running for a longer period of time, should I be worried in the case that Disroot does shut-down? I mean, it's run by volunteers, who rely on donations and their own pocket-change, to keep the service running. Those volunteers can easily leave and give-up and so the less volunteers that are on, the closer the service gets to being closed down.
this is the reason why i prefer to use a pay service, and one euro per month is not really expensive.

Tutanota and ProtonMail
Apart from the fact that these services only encrypt internally, you cannot send encrypted mail (unless you use thunderbird or other extensions) to other mail providers.


what makes you think that disroot is decentralized?
I wouldn't know how to run a decentralized mail server.
In the text I linked it says that the group is interested in decentralization and open source, not that they run their mail server decentralized.
 
Tealk said:
So you never order anything online?
Oh no, I do order things online. But, it's only through trusted retailers that I do so. Plus, most things that I order are really just books and so I order them from a trusted bookshop in my country.

Tealk said:
what makes you think that disroot is decentralized?
I wouldn't know how to run a decentralized mail server.
In the text I linked it says that the group is interested in decentralization and open source, not that they run their mail server decentralized.
Ah, I must of misread it as saying that it is decentralized. Well at the very least, aiming for decentralization and looking into how it can be done, is a good thing, isn't it?
 
Decentralization only works for individual servers for a service, such as Mastodon or similar.
However, all data from the users of the instance is still located on this one instance.

The only advantage is that not all users are on one instance, like Facebook or Twitter, so the data is distributed (decentralized) and not so easy to use for something the user doesn't want.

Mail has always been decentralized, because there are many providers that use the same system.

I am very convinced of Mailbox.org, the company boss himself called me once to solve a problem together with me. I think that shows the commitment.
 
Tealk said:
Mail has always been decentralized, because there are many providers that use the same system.
So, if Disroot works to decentralize itself, it won't make much of a difference for it's email service, because...Well, as you said, email is already decentralized due to all of the different providers working under the same system and format.

Tealk said:
Decentralization only works for individual servers for a service, such as Mastodon or similar. However, all data from the users of the instance is still located on this one instance.
Ah, okay. So let's say if I have a Mastodon account, all of my data on the instance that I'm a part of, stays on that instance, correct?

Tealk said:
I am very convinced of Mailbox.org, the company boss himself called me once to solve a problem together with me. I think that shows the commitment.
Insert X to doubt meme here.
Sorry, don't take any offense to this. I just find that very hard to believe.
 

New Threads

Latest posts

Buy us a coffee!

Back
Top Bottom