Intro
Hello, NosillaCastaways. This is macLurker, also known as Dorothy, Allison’s gym buddy.
For a long time, I have been wanting to change my primary email service & name. I’ve had it for years and years. It’s long since been sold into the dark web. It’s time to wipe the slate clean and start over. Except that I can’t really do that without some serious consequences. Which requires some equally serious planning.
In the Security Bits of July 14, 2019 Bart mentions a list of alternatives to all Google products, including ten secure emails, from Tech Spot. (techspot.com/…) This inspired me finally to tackle the problem of moving my banking/credit card/government communications to somewhere safer.
Sadly, for you the listener, this presentation does not include a definitive answer or even a process. All that is months ahead of me. And one size does NOT fit all. But I need a plan & wanted to share my process in developing that plan. Hopefully it will help you guys know what to consider in selecting a secure email and making the move.
Problem to be solved/Defining problem
What is the problem to be solved? This is a big problem and breaks down into multiple sub-problems:
First: How to select a secure email provider. Each provider has its own pros & cons. Which of these is essential & deal-breaking and which is not?
Second: Once a secure email is selected, how should it be evaluated? Is there a free trial? Is the time period long enough for a valid evaluation? Which criteria are important to me?
Third: How to transition from an email address that I have used for decades to something else. This is the biggie. Every login that takes an email address (which is pretty much all of them) will have to be investigated. I can guarantee, per Murphy, that each login’s change process will be unique and require research. Some logins take an email address as a user name. Can I change my email without changing the user name? All unknown right now.
Fourth: Which accounts/logins will be transferred to the new email or emails? Which are the crown jewels, as Bart would say, and need extra security and privacy? And which really don’t matter? And I need to decide if I will give up my current email accounts entirely or keep them around to collect spam & to use for trivial logins. I have hundreds of logins. Do I really want to change ALL of them? Also unknown at this point.
This talk addresses how I plan to proceed with problems 1 and 2 above.
Requirements
I have learned from my programming days that it is critical to establish precise documented requirements before beginning any project. Otherwise how do you know when you are done? And how will you know if you have gotten what you need, unless you decide what you need ahead of time?
This means writing things down and doing research to make sure all aspects have been considered. And thinking about what really matters and what doesn’t.
In Security Bits, Bart refers to a website called “Best Secure Email Providers” by restoreprivacy.com: https://restoreprivacy.com/secure-email/
Its goal: help you find the best secure email solution for your unique needs. A perfect start to my search. This article lists a number of factors to consider when switching. Let’s review them one by one.
• Jurisdiction – Where is the service located and how does this affect user privacy? Where are your data physically stored?
• My take: This is important if you are concerned about your government spying on you. Also, is this email provider taking money from your government or government contractor? And what for? Are they likely to sell you out?
• For me, this is not an issue. I’m not saying that my government is not spying on me. I’m just saying I’m not very concerned about that. For now.
• It’s probably worthwhile looking at the people that run the service: what are their priorities? Is their philosophy in line with your thinking? More on that in a minute.
• PGP (Pretty Good Privacy) support – Some secure email providers support PGP, while others do not use PGP due to its vulnerabilities and weaknesses.
• My take: I have no problem using PGP, problems notwithstanding. This is not a high priority matter for me. See encryption below.
• Import feature – Can you import your existing emails and contacts?
• My take: Importing existing contacts can make for a smooth transition. It would be nice to have all those addresses that I have accumulated available from the start. On the other hand, maybe starting clean and adding contacts as used is better. I’m on the fence about this right now.
• I have been archiving my emails into the MacOS app MailSteward. It provides a liteSQL database with nice search abilities and keeps all my old emails in one tidy database file. So, I’m thinking I don’t need to import existing emails. But it would be nice if MailSteward could import future emails from the client apps I’m considering. Something else to investigate.
• Having email unencrypted on my Mac in an SQL database is probably not very secure. But again convenience vs security. On the fence there too.
• Email apps – Due to encryption, many secure email services cannot be used with third-party email clients, but some offer dedicated apps.
• My take: Ideally a desirable email provider will work with both the MacOS and IOS (as well as new iPad OS) email clients. Then I can see all my emails in one place. Important during the transition period (which could be months). To do that, I would require a provider that supports:
• SMTP (Simple Mail Transfer Protocol, used for sending messages to a server) AND
• POP3 (Post Office Protocol, used to retrieve message from a server on application layer) AND
• IMAP (Internet Message Access Protocol, used to retrieve messages from a server using TCP/IP)
• Why these protocols? Because most popular email clients use them and if the provider supports them, it’s more likely that I can use the MacOS & IOS email clients.
• Many really secure email providers don’t use the above protocols because they want to be, you know, really secure. They use their own proprietary encryption schemes.
• Other email providers include a client app, which works separately. Guaranteed to work smoothly with the server, but now another place to check for emails. And would it work with MailSteward?
• Encryption – Are the emails end-to-end encrypted in transit? Are emails and attachments encrypted at rest?
• My take: end-to-end encryption in transit sounds great. Avoid all those man-in-the-middle complications. But will you get that talking to another email provider? If my buddy is on gmail & not encrypting, what good will encryption do ME? In other words, will I end up only emailing encrypted to others on the same service? Also a good VPN would solve a lot of this already.
• As a side note: Tutanota (one suggested option) says “Encrypted emails can be sent to non-Tutanota users (with pre-shared password)”
• I’m fairly sure that whatever secure email provider I select, nobody else I know will be on it.
• Encryption at rest (I assume this means the data is stored encrypted in the providers’ computers) will be a requirement for me, preventing data leakage if they ever get hacked.
• Features – Some features you may want to consider are contacts, calendars, file storage, inbox search, collaboration tools, Spam protection, and support for DAV services. Some providers have a complete suite of services along with the email.
• My take: of the features listed above, the following are required:
• File storage (the ability to store attachments & other files on their servers). I will need to ask how much space is provided & what is the cost.
• Inbox search (gotta be able to find stuff at some point)
• Spam protection
• I already have Calendar & Contacts with IOS & MacOS. So, I probably don’t need those extra services.
• Security – What are the provider’s security standards and policies?
• My take: worth a quick review to see if the providers are in line with my feelings.
• Privacy – How does the email service protect your privacy? What data is being collected, for how long, and why?
• My take: the whole point of this exercise is to keep my communications private. So, this area will need careful review & will probably be a discriminator when deciding between providers.
• Like anything else, there is a fine line between keeping private and the associated hassle. Where does one out-weigh the other?
• Threat model – How much privacy and security do you need and which service best fits those needs?
• My take: This is the big question. So how much privacy DO I need? Here are some thoughts:
• First, I do value my privacy. The thought that there are people out there collecting data to use against me is very repugnant. I really want to be a lurker, hang out in the woodwork, and be invisible.
• Second, I want to stay secure and protect myself. However, I have been the victim of so many data breaches at this point that whatever is NOT out there for sale probably isn’t worth anything.
• I don’t really need an extraordinary amount of privacy. I’m don’t really have any super-secret important information to secure. I’m an average person with average needs.
• I want to do the sensible thing, take the sensible precautions. I want to feel safe. Also, I would really want not to have to tie myself in knots to get there.
• As noted below, security is a rat hole that I can probably never get to the bottom of. At some point, I have to put a boundary on my paranoia and say “this is good enough. Not perfect, but good enough”. Of course, until something happens to change that.
• It’s important to think this through carefully ahead of time. So that when I am faced with options, I can select consistently and in line with how I feel about security and privacy.
I should add that, once you get to the bottom of the article from Restore Privacy, you will find that they suggest that you find a secure browser at the same time, and, while you’re at it, get a VPN as well, for home and for travel. Which is why I really hesitated to start this. Security can turn into a rat-hole where I get lost and confused and end up doing nothing because it’s all so overwhelming and there are so many options. In the interests of sanity, I’m going to limit this exercise to email providers for now.
Process
Having laid out some requirements and made a start at prioritizing them, what’s next?
I now have specific questions to get answered for each email provider. I plan to create a nice Excel file to collect all the data for comparison. Hopefully the process of collecting the data will make the correct choice easier.
I plan to add iCloud email to the list of providers to consider. It’s not on the Restore Privacy list. Probably not secure enough. But, being an Apple product, integration & transition might be easier.
Conclusions/next actions
My next step is to collect data for up to 5 different email providers, start a free trial to learn ease of use & transition, and compare each provider’s features against the above list of requirements.
I now have the beginnings of a plan. However, I need to mention that this plan will work for me, but not necessarily someone else. Feel free to adopt any part of my work as you need, but please consider your needs first.
I have not addressed problem 3 (How to transition from my current email address) and problem 4 (Which accounts/logins will be transferred to the new email). They will have to be incorporated into my plan at some point. But I’ll leave that for another day.
If you have any questions, corrections, clarifications, or comments, you can address them to me, macLurker, in Slack.