Had a conversation with someone a little while ago. I opened my email app (TutaNota) and he asked what the hell that email thingy was. Explained the encrypted/privacy reasons.

"Why would you encrypt everything?"

Because I have stuff to hide. Do you?

"Nahh I just use outlook, I have nothing to hide".

Told him to email me all his usernames/passwords, bank statements, porn preferences, emails, messages etc etc.

"But that's private data!".

Exactly.

"But I thought you meant like crime/illegal stuffs etc"

Nope. I just asked if you had anything to hide, you interpreted that as having anything non-lawfully to hide. I never even asked anything in relation to non-lawful stuff.

Because, having something to hide doesn't mean it's criminal/illegal, it means you'd like to keep that stuff private.

Tutanota (encrypted email service) has a newly designed interface.

I usually don't give a crap about design.

It's so beautiful 😍

I think I'm in love 😱

I'm trying to sign up for insurance benefits at work.

Step 1: Trying to find the website link -- it's non-existent. I don't know where I found it, but I saved it in keepassxc so I wouldn't have to search again. Time wasted: 30 minutes.

Step 2: Trying to log in. Ostensibly, this uses my work account. It does not. Time wasted: 10 minutes.

Step 3: Creating an account. Username and Password requirements are stupid, and the page doesn't show all of them. The username must be /[A-Za-z0-9]{8,60}/. The maximum password length is VARCHAR(20), and must include upper/lower case, number, special symbol, etc. and cannot include "password", repeated charcters, your username, etc. There is also a (required!) hint with /[A-Za-z0-9 ]{8,60}/ validation. Want to type a sentence? better not use any punctuation!

I find it hilarious that both my username and password hint can be three times longer than my actual password -- and can contain the password. Such brilliant security.

My typical username is less than 8 characters. All of my typical password formats are >25 characters. Trying to figure out memorable credentials and figuring out the hidden complexity/validation requirements for all of these and the hint... Time wasted: 30 minutes.

Step 4: Post-login. The website, post-login, does not work in firefox. I assumed it was one of my many ad/tracker/header/etc. blockers, and systematically disabled every one of them. After enabling ad and tracker networks, more and more of the site loaded, but it always failed. After disabling bloody everything, the site still refused to work. Why? It was fetching deeply-nested markup, plus styling and javascript, encoded in xml, via api. And that xml wasn't valid xml (missing root element). The failure wasn't due to blocking a vitally-important ad or tracker (as apparently they're all vital and the site chain-loads them off one another before loading content), it's due to shoddy development and lack of testing. Matches the rest of the site perfectly. Anyway, I eventually managed to get the site to load in Safari, of all browsers, on a different computer. Time wasted: 40 minutes.

Step 5: Contact info. After getting the site to work, I clicked the [Enroll] button. "Please allow about 10 minutes to enroll," it says. I'm up to an hour and 50 minutes by now. The first thing it asks for is contact info, such as email, phone, address, etc. It gives me a warning next to phone, saying I'm not set up for notifications yet. I think that's great. I select "change" next to the email, and try to give it my work email. There are two "preferred" radio buttons, one next to "Work email," one next to "Personal email" -- but there is only one textbox. Fine, I select the "Work" preferred button, sign up for a faux-personal tutanota email for work, and type it in. The site complains that I selected "Work" but only entered a personal email. Seriously serious. Out of curiosity, I select the "change" next to the phone number, and see that it gives me four options (home, work, cell, personal?), but only one set of inputs -- next to personal. Yep. That's amazing. Time spent: 10 minutes.

Step 6: Ranting. I started going through the benefits, realized it would take an hour+ to add dependents, research the various options, pick which benefits I want, etc. I'm already up to two hours by now, so instead I decided to stop and rant about how ridiculous this entire thing is. While typing this up, the site (unsurprisingly) automatically logged me out. Fine, I'll just log in again... and get an error saying my credentials are invalid. Okay... I very carefully type them in again. error: invalid credentials. sajfkasdjf.

Step 7 is going to be: Try to figure out how to log in again. Ugh.

"Please allow about 10 minutes" it said. Where's that facepalm emoji?

But like, seriously. How does someone even build a website THIS bad?

What I'm posting here is my 'manifesto'/the things I stand for. You may like it, you may hate it, you may comment but this is what I stand for.

What are the basic principles of life? one of them is sharing, so why stop at software/computers?
I think we should share our software, make it better together and don't put restrictions onto it. Everyone should be able to contribute their part and we should make it better together. Of course, we have to make money but I think that there is a very good way in making money through OSS.

Next to that, since the Snowden releases from 2013, it has come clear that the NSA (and other intelligence agencies) will try everything to get into anyone's messages, devices, systems and so on. That's simply NOT okay.
Our devices should be OUR devices. No agency should be allowed to warrantless bypass our systems/messages security/encryptions for the sake of whatever 'national security' bullshit. Even a former NSA semi-director traveled to the UK to oppose mass surveillance/mass govt. hacking because he, himself, said that it doesn't work.

We should be able to communicate freely without spying. Without the feeling that we are being watched. Too badly, the intelligence agencies of today do not want us to do this and this is why mass surveillance/gag orders (companies having to reveal their users' information without being allowed to alert their users about this) are in place but I think that this is absolutely wrong. When we use end to end encrypted communications, we simply defend ourselves against this non-ethical form of spying.
I'm a heavy Signal (and since a few days also Riot.IM (matrix protocol) (Riot.IM with end to end crypto enabled)), Tutanota (encrypted email) and Linux user because I believe that only those measures (open source, reliable crypto) will protect against all the mass spying we face today.
The applications/services I strongly oppose are stuff like WhatsApp (yes, encryted messages but the metadata is readily available and it's closed source), skype, gmail, outlook and so on and on and on.

I think that we should OWN our OWN data, communications, browsing stuffs, operating systems, softwares and so on.

This was my rant.

Tutanota (encrypted mail service) is releasing a new android app soon which won’t be using GCM anymore so that the app won’t be the reason a phone connects to anything google anymore and it’ll be on F-Droid soon!

Fuck yeah, Turanota, I fucking love you ❤️

Bind's top {number} dev tools to make your 2018 easier!

//note 0: feel free to add your own
//note 1: no ides, only stuff thats useful for everyone

0) vscode, it got significantly better after the latest updates and is very versatile
1) gitkraken, now i use sourcetree because of the jira integration but kraken is available for linux too so
2) scaleway, they provide really cheap servers for whatever you want, easy to install images (docker too)
3) protonmail, an encrypted mail service that works a lot better than gmail (tutanota is a close 2nd but has a weeb name)
4) telegram, if you can, tell your team to ditch slack, because telegram is a lot more lightweight and even if you dont, just the channels make it worth giving it a shot
5) steemit, a blockchain based website where the users write the articles, you can find some good reads there (and photography if you like that stuff)
6) a dildo because it wouldnt be a bindview content without out of context penile objects

Tutanota.

It's very functional while providing great data protection/privacy features at the same time.

And it's free by default! (although I do pay for a premium account)

Anything I (am able to) build myself.
Also, things that are reasonably standardized. So you probably won't see me using a commercial NAS (needing a web browser to navigate and up-/download my files, say what?) nor would I use something like Mega, despite being encrypted. I don't like lock-in into certain clients to speak some proprietary "secure protocol". Same reason why I don't use ProtonMail or that other one.. Tutanota. As a service, use the standards that already exist, implement those well and then come offer it to me.

But yeah. Self-hosted DNS, email (modified iRedMail), Samba file server, a blog where I have unlimited editing capabilities (God I miss that feature here on devRant), ... Don't trust the machines nor the services you don't truly own, or at least make an informed decision about them. That is not to say that any compute task should be kept local such as search engines or AI or whatever that's best suited for centralized use.. but ideally, I do most of my computing locally, in a standardized way, and in a way that I completely control. Most commercial cloud services unfortunately do not offer that.

Edit: Except mail servers. Fuck mail servers. Nastiest things I've ever built, to the point where I'd argue that it was wrong to ever make email in the first place. Such a broken clusterfuck of protocols, add-ons (SPF, DKIM, DMARC etc), reputation to maintain... Fuck mail servers. Bloody soulsuckers those are. If you don't do system administration for a living, by all means do use the likes of ProtonMail and Tutanota, their security features are nonstandard but at least they (claim to) actually respect your privacy.

I made a New Year's Resolution to take more of an interest in my Internet privacy. Feel like it's something I should have done a long time ago. I've stopped using Google search (DuckDuckGo instead), moved away from my Gmail account (Tutanota instead) and stopped using Chrome (Firefox/Firefox Focus instead). I've had my Gmail account since they first announced it and you could only sign up if someone invited you. It felt good to delete 7000 emails and what I estimate must have been 13-14 years of Google/YouTube searches. Currently experimenting with VPNs, considering paying for ProtonVPN soon.

Guess it's time to ditch ProtonMail as well.

Translation: "[Update Google play services.] ProtonMail won't work until you have updated Google Play Services."

I know I'm almost an anti-Google nazi at this point, but ProtonMail was one of the only remaining apps not needing Google to work, and now it's a "sin equa non" condition. I'm very disappointed. Guess I'll have to switch this address to Tutanota or host my own email server.

Edit: why the fuck would my autocorrect capitalize nazi?

Is anyone else having issues with TutaNota?
I haven't been able to use it for a week now. 😕

(Yes, I've submitted a bug report or six.)

Which privacy-respecting email provider can you recommend? It seems that the following three are the best options:

- tutanota (0€ / 12€)
- posteo (12€)
- mailbox.org (12€)

Do you have any experience with them?
What do you think about a hosted email service with your own domain?

What’s up DevRanters.
Is what’s up still up today ?

Sooo, my question is, what’d you do for your privacy ?
I’m using Signal and Riot.im for chat, ProtonMail for email (tutanota in the future).
But I’m using iPhone, can we really trust Apple ? Is this better on Android with a specific ROM ?

Same for computers (btw I’m not an Arch user 😎).

What email service are you using for your domains? I used zoho for a while, but those assholes keep randomly locking my accounts (an email always activates those again, but fuck knows how much emails I missed during not noticing it) - thought about going with the general hype of Tutanota around here, but it seems like it doesn't really support multiple custom domain mailboxes? Also tried just now msgsafe.io - it seems fine, but the way it handles multiple domain mailboxes is just disgusting, because it just throws them all together and you have to "filter" to get mails from only one domain.

I'm trying to improve my email setup once again and need your advice. My idea is as follows:
- 2-5 users
- 1 (sub)domain per user with a catchall
- users need to be able to also send from <any>@<subdomain>.<domain>
- costs up to 1€ per user (without domain)
- provider & server not hosted in five eyes and reasonably privacy friendly
- supports standard protocols (IMAP, SMTP)
- reliable
- does not depend on me to manage it daily/weekly
- Billing/Payment for all accounts/domains at once would be nice-to-have, but not necessary

I registered a domain with wint.global the other day and I actually managed to get this to work, but unfortunately their hosting has been very underwhelming.. the server was unreachable for a few minutes yesterday not only once, but roughly once an hour, and I'd really rather be able to actually receive (and retrieve) my mail. Also their Plesk is quite slow. To be fair for their price it's more like I pay for the domain and get the hosting for free, but I digress..

I am also considering self hosting, but realistically that means running it on a VPS and keeping at secure and patched, which I'd rather outsource to a company who can afford someone to regularly read CVEs and keep things running. I don't really want to worry about maintaining servers when I'm on holiday for example and while an unpatched game server is an acceptable risk, I'd rather keep my email server on good shape.

So in the end the question is: Which provider can fulfill my email dreams?

My research so far:
1. Tutanota doesn't offer standard protocols. I get their reasons but that also makes me depended on their service/software, which I wouldn't like. Multiple domains only on the business plans.
2.With Migadu I could easily hit their limits of incoming mails if someone signs up for too many newsletters and I can't (and don't want to) micromanage that.
3. Strato: Unclear whether I can create mails for subdomains. Also I don't like the company for multiple reasons. However I can access a domains hosted there and could try...
4. united-domains: Unclear whether I can create mails for subdomains.
5. posteo: No custom domains allowed.

I'm getting tired.. *sigh*

Does anybody use ProtonMail or Tutanota here? What are your thoughts on it?