![]() The mere suggestion that they want us to email them our private key is weird, the whole point of PGP is that only you hold your private key, eliminating the need to trust any third parties. Also, we asked the firm about updating my PGP keys to ones we already hold, and the firm told me: What’s more, CounterMail does require users to delete their private key from its servers (which means it is there to start with, which definitely rings some alarm bells). As is the case with all closed source privacy services, this may be enough to put some people off the service. Unfortunately, that is a blind leap of faith, because CounterMail runs on closed source software that is not publicly available and has never been audited by a third party. On the other hand, you do have to trust that CounterMail is doing what it promises with your encryption keys (and that the software doesn't covertly pass your password and keys to the firm). This takes the power to decrypt emails out of CounterMail’s hands and means that the Swedish government would not be able to compel the firm to provide access to that email data. Thankfully, CounterMail provides full end-to-end encryption for its service, meaning that users can opt to control the keys to their email data themselves. Swedish authorities also have the power to force a provider of encrypted services to “order a person with knowledge of a computer systems’ function or of measures that are used to protect the information, to provide information that is necessary to enable the execution of the warrant.” So, it is possible that CounterMail could theoretically be served a warrant that forces it to decrypt any emails that are encrypted at rest. While the law is supposed to apply only to international web traffic, FRA has been used to justify indiscriminate bulk data collection. What’s more, a law passed in 2009 (Försvarets radioanstalt, FRA) allows the National Defence Radio Authority to wiretap all telephone and Internet traffic that crosses Sweden’s borders for national security reasons. Sweden is a part of the greater 14 Eyes surveillance agreement, meaning that it does cooperate with 5 Eyes members to perform surveillance. However, it is worth noting that these directives do not directly affect email providers, and it actually appears that Swedish ISPs are refusing to cooperate anyway. Android, Windows, MacOS X and Linux supportĬounterMail is a secure email provider based and hosted in Sweden, a location that is not considered brilliant for privacy due to ongoing mandatory data retention directives that force ISPs to store web browsing histories and metadata for six months.The option to use Bitcoin can allow people to subscribe privately as long as they also use a VPN to conceal their IP. Payments for subscriptions can be made via credit card, Paypal, wire transfer, or Bitcoin. This is not hugely concerning considering that it is a one-offfee. This is charged as a one-off flat rate to expand the storage capacity, and costs $19 for 250 MB, $35 for 500 MB, $59 for a GB more, and $89 for 1.75 GB. Users can opt for between 250 MB and 1.75 GB of extra space. This is not unusual, as many secure email services do charge a flat rate for bringing across (or setting up new) custom domain name inboxes.Īny user who struggles with the 4 GB storage capacity has the option to expand their inbox. However, they are more costly than other notable services like Tutanota and Posteo which both provide their services for $13.68 per year.Īnybody who wants to use a custom domain will need to pay a onetime fee of $15. Those prices are not excessively expensive. A six-month subscription costs $29, a one-year subscription costs $49, and a two-year subscription will set you back just $79. Premium accounts can be purchased for three subscription periods, all those plans come with the same features and 4 GB of encrypted storage space. CounterMail lets users try the service for seven days for free However, the firm does point out at that there are certain limitations:
0 Comments
Leave a Reply. |