About Fastmail, does it support snoozing your mail? That’s basically the only feature I want from my mail client. For me, an empty inbox is a happy inbox and it’s the only thing keeping me in Gmail (using their Inbox client).
@alchemy Unfortunately no. The service was not available for almost a week while they were under DDoS attacks…
It is interesting to observe recent news stories that posit that malicious agents attempting to extort others by DDoS are concerned that they will not get paid if they are viewed at not being good for their promise (not trustworthy) that the attack will end when the ransom is paid. It makes sense that their business model of extortion is harmed if they cannot deliver by ending the attack. If there is no trust that the attack can be ended then there is no logic in paying the extortionist. This works against the malicious party.
Trust in the case of extortion is a critical part of the scam.
It would appear that the second party in the case of Proton Mail did some damage to the idea of the trusted malicious party. It would seem that if the original extorting malicious party loses control of the attack then the rationale for payment vanishes.
In other words if the injured party says, “I will not pay you unless you prove you are the one in control of the attack.” At that point, the extorting party cannot prove that they can halt the attack and they would not get paid.
It is a bit twisted but in a way, the sustained DDoS at Proton Mail weakens the likelihood of payment to malicious parties in the future.
Could it be that competition/disagreement among malicious parties using DDoS threats are sabotaging competitors to drive out competition or exact a payback?
I wonder if there could be such a concept as white hat DDoS agents that so sabotage the efforts/control of the extorting DDoS agents that the wholesale loss of trust ruins the effectiveness of the extortion?
Seems Fastmail has been attacked (Nov 8) as well but says they did not pay.
+1 (pun intended) for FastMail. Excellent integration of email, calendar and contacts (I have an Android phone). I don’t use the mobile app, just integration with native apps. I pay $40 USD per year for Enhanced Personal account, very much worth it: https://www.fastmail.com/signup/personal.html
Hmm, they’re actually pretty cheap too. Will definitely look into this
Do you know if you can link up a catch-all for extra domains as well? Planning on using a private email address on my domain and put in catch-alls for every other address for that domain and other domains.
I think so:
Also, really cool is that you can set up subdomain addressing:
This means that every list you sign up for can have its own email address eg firstname.lastname@example.org, so that you find out where the spam is coming from.
Recently an ISP (FIOS) and wireless vendor (Verizon Wireless), announced to their ISP FIOS customers that they were discontinuing email support in 30 days. Customers were given two choices: 1. Nearly seamlessly transfer your email et al history to AOL mail OR 2. Manually move your email, contacts and calendar(s) to whatever new email provider you choose by May 4th. No reduction in costs offered.
I am spending several hundred dollars a month between ISP, Cable television and wireless phone support and this has REALLY REALLY REALLY angered me. I also own some of their stock. They pay a nice dividend but the stock has NOT been doing well lately. Verizon owns AOL and they could have simply contracted management of email services with their subsidiary if this is what they wanted but there is more to it as I see it.
So, I looked around the world for an independent privacy sensitive email provider such as Fastmail. In the end I did not choose Fastmail but they were clearly a contender. Here is an interesting site:
One of the issues I considered was IMAP or POP. IMAP has compelling features but I have always used POP. I download my email to multiple devices and always BCC my emails to myself. I never delete email on any device but do flush email on the pop server after 30 days. This gives every device a copy of every email I send from any device. Lots of email for sure but memory is cheap and now I have multiple copies of email on various devices that I control. Were I to have IMAP I would have the additional task of manually transferring all that data to a new provider.
So I am now paying for email service but I have some control over it. Verizon is a large ISP and I expect other ISPs will be duplicating this practice of offloading email and then monetizing it with a subsidiary - since AOL is a subsidiary of Verizon that can be sold off some day or taken through bankruptcy to sell the user data for dollars.
Since Verizon is also the owner of Yahoo these days and the US FCC has now cleared the way for ISPs to sell browsing history data, I expect something similar is in the works for moving the browsing history data to Yahoo one day soon.
I wait with interest to see if SpaceX / TESLA is successful with a low earth orbit ISP service that offers global competition to many/all internet services.
Thank you, this is really useful and it’s fascinating to hear about your experience.
This is really useful, cheers! Just wish the detailed information was laid out in a more accessible way!
I also tried Protonmail as some recommended it in this threat a while ago. However, I feel that the Protonmail team acts rather shady off late. For instance the Protonmail team passed on info to the authorities before receiving a court order. When defending this decision, it becomes clear that they believe they are better qualified to replace our legal system.
Also Protonmail team hacked a phishing site (which I wouldn’t judge to harshly). What I do judge is they later lied about this tweeting the critical article about it was ‘based upon unsubstantiated rumors’.
This kind of behaviour is just not something I would expect from a privacy-focused service, and I would think twice to trust them with my personal info. So sticking with FastMail, hope they never turn evil.
Even cooler is that you can set up an email address like this:
this way, email address isn’t tied to fastmail.
The benefit of email is how interoperable it is. At least if you perceive a provider as no longer trustworthy, you can switch. (Though that may not protect older emails that aren’t end-to-end encrypted!)
How important would you consider end-to-end encrypting emails? I’ve recently started to use an encrypted email service (Tutanota) because they want to publish their app on F-Droid.
As I’m trying to get rid of Google, changing email providers was a logical step to me. However, I’m not sending any private information so not sure if I really need encryption.
As @aral describes it “email is like sending something on the back of a postcard”. It’s one of the least secure methods of communication. And any information about you has potential value (especially when added to an existing profile with information about you.)
Encrypted email can be a bit of a hassle as it’s not a convenient experience, but if you can find an easy way to do it, I would.
I’ve been a FastMail user for a little while too myself and I love it to pieces but now, after the latest announcements about the new Australian law on encryption I’m a little bit worried about it. What the actual current situation? Is FastMail still secure? Shall I consider moving to proton mail instead?
Fastmail doesn’t encrypt email, so you’re as safe as you were before (email isn’t very safe.) You could still send encrypted email using Fastmail as your service, but encrypting your emails with GPGMail.
But I’ve heard good things about Proton Mail, so if you try them out please let us know how they are!
They do to an extent accordingly to this page at least at rest and partially on transit via STS.
Either ways, now that the Australian government seems to be wanting/allowed to access those data it makes it somehow irrelevant.
I’ll surely report back, I’m actually considering both Proton services, email and VPN.
Reading this on the Register and then this much tech-ier article on potential implementations, I take back my previous comment about it being “safe as you were before.” (Though as a Brit, it’s what we’ve come to expect, and it was one of our driving forces to leave the UK.) Perhaps, the Bentham’s Gaze post explains, there will be ways to detect the government surveillance.
But then I’m not sure if Germany is going to be much better than the five eyes countries? This is something we’ve come to discover, very few countries are “safe” from government surveillance. I’m not saying this as meaning we should give up, I mean to say it’s all the more important that we pool reliable services!
What about Switzerland? I thought they were quite good over there hence why I’m interested in proton and also the hosting service you people are on. Thoughts on that?