How secure is the new Elude email

Send emails anonymously and securely!

Sending emails anonymously or securely is hardly possible.

Sending or receiving e-mails only offers a certain and limited level of security. Information shared via e-mail can be viewed on the transport route. This has not changed due to new promises made by the email providers or the encryption of the content. In general, the transport information, ie “who” is sending “to whom” and “when” an e-mail simply cannot be disguised, because this data is necessary so that e-mails can be sent and received at all. Sending email anonymously is therefore not an easy matter.

Email monitoring & storage

E-mails have also been monitored and stored in Germany for years, and when we talk about data retention, it is often overlooked that the metadata of e-mails can firstly be viewed and monitored by many organizations and people and has also been monitored for years within Germany's active US-operated surveillance centers exist. These are integrated into the Germany-wide networks to such an extent that more than 99% of all e-mail communication that is carried out within Germany or via Germany is intercepted, filtered and sometimes temporarily or permanently saved as copies.

These e-mails often also contain access data that contain the users of services or websites that are sent to the users in plain text. This means that this data is also affected by individual persons and is at least accessible to US services.

You can assume that all e-mails that you have ever sent or received have also been recorded, filtered or even saved by internal or external secret services that have been operating the corresponding infrastructure within Germany and Austria for decades. This affects not only confirmations for online purchases, but also user names and passwords that have been sent to you.

Use email anonymously

A special topic is how you can keep your identity secret when using email. You should be aware that the IP address you use while you are composing an email or calling it from an email provider is always recorded. When sending emails, this data (your IP address) is also sent within the email. Anonymity is therefore a relative good when using e-mail in general. Therefore, one of the prerequisites when you use or send email accounts is that you always use a VPN service that helps you to disguise your real IP address.

You should also be aware that even apparently secure e-mail providers will only very rarely put their heads in the fire for the users in the end, so you should not really trust an e-mail provider that is not already monitored by official measures or is forced to pass on your data. Even secure organizations like RiseUp Email, their email servers can also be monitored without their knowledge and all incoming data connections (including your IP address) can be recorded. Therefore, when registering and when using such an account, you should be protected. Without exception. Anonymity has its price.

Using email anonymously over the Darknet?

Can you actually send emails anonymously and directly from the Darknet? This is a good question, because typically you can of course also use the TOR browser to use email accounts and there are also some email providers directly on the Darknet that enable this. But you should always be careful with the provider, because even if you don't know the operator, you can never be 100% sure that they do not have bad intentions. Many of the "anonymous" Darknet offers are bogus offers and should even rip off users who are looking for anonymity. Gate browser download

EludeMail Darknet EMail Provider:

Onion address: eludemaillhqfkh5.onion (only usable with the TOR browser)

Darknet email providers also operate publicly accessible email servers

Therefore, even with these, it is possible to send or receive emails from the freely accessible Internet to all existing email addresses. Therefore, the servers that are operated are also public and will of course also be monitored. The senders can often be determined via the recipients, so these services should also be used with caution.

Anonymous email in the Darknet is usually chargeable without expecting it beforehand

Most of the time, the services are simply chargeable or require a different type of authentication in order not to end up as spam email services whose messages are blocked everywhere.

 

Email security?

E-mails continue to be important for the communication and use of websites, services, etc. on the Internet. Even if you will not send e-mails with secret content to third parties, sensitive data will also be sent to you via e-mails by third parties (registration confirmations, purchase confirmations, user names, passwords, etc.)

1. E-mail messages can be viewed on the transport route.

E-mails have roughly the same security level as "postcards sent publicly„.
Everyone can tell: Who and whom is sending a message + also reading the content.

2. The content of e-mails can only be protected by encryption!

When encrypting e-mails, you can reduce the privacy level to the one "Letter with envelope" increase. So it is still recognizable WHO and WHOM? but the content is encrypted and can no longer be viewed. This is a huge advantage for confidential content.

However, if this metadata (i.e. WHO and WHOM) is also not to be recognizable, then you can only use the same e-mail provider together with your communication partner. This means that the e-mails are NOT sent over the general Internet, but rather just put from one local mailbox into the next. Outsiders then no longer know that this email exists at all.

Why are emails always visible?

In most cases, e-mails are transmitted from your device to the e-mail server via encrypted connections, but your e-mail provider then sends these messages unencrypted over the generally accessible Internet. Both the sender data (e-mail address, sending e-mail server, IP address of the sender, date & time), the recipient data (e-mail address and destination e-mail server) and the subject text are always in clear text.

In order to understand how an e-mail finds its way through the Internet, I once made a list:

Example: An email that was also sent had the following route behind it until it landed in my mailbox:

IP Address 10.140.36.19
Location Unknown
Connection through Private IP Address LAN
Local Time Nov 12, 2016 12:57 PM (UTC -)


IP Address 10.140.36.16
Location Unknown
Connection through Private IP Address LAN
Local Time Nov 12, 2016 12:57 PM (UTC -)

IP Address 192.86.55.117
Location United States, North Carolina, Durham
Connection through IBM
Local Time Nov 12, 2016 04:57 PM (UTC -04: 00)

IP Address 10.28.141.18
Location Unknown
Connection through Private IP Address LAN
Local Time Nov 12, 2016 12:57 PM (UTC -)

IP Address 10.28.31.137
Location Unknown
Connection through Private IP Address LAN
Local Time Nov 12, 2016 12:57 PM (UTC -)

IP Address 10.194.88.7
Location Unknown
Connection through Private IP Address LAN
Local Time Nov 12, 2016 12:57 PM (UTC -)

IP Address 2a00: 1450: 400c: c09 :: 245
Location Belgium, Brussels Hoofdstedelijk Gewest, Brussels
Connection through EU Metro Frontend
Local Time Nov 12, 2016 02:57 PM (UTC +02: 00)

IP Address 10.28.48.7
Location Unknown
Connection through Private IP Address LAN
Local Time Nov 12, 2016 12:57 PM (UTC -)

IP Address 10.28.141.207
Location Unknown
Connection through Private IP Address LAN
Local Time Nov 12, 2016 12:57 PM (UTC -)

What you can see is that the e-mail, although the “sender” and the “recipient” were in Germany, was even forwarded across several continents. Each of these listed devices and e-mail servers could have the following data:Send address, recipient address, all addresses in between, the entire subject line and also the entire contentview and save. Since these routes are created by the architecture of the Internet, this cannot be prevented.

 

Send & receive emails anonymously, securely!

1. You can encrypt the content.

You can encrypt the contents of the emails so that only you and the recipient can decrypt them again. This assumes that your communication partner has the same encryption standard and that you know the "public key" of your communication partner.

Mailvelope

With Mailvelope you can use any email service in any browser (Chrome & Firefox) that also has a web interface. You first create a “key pair”, which consists of your “public” and your “private” key. If you now create a new e-mail, you can create the text directly in a separate browser window and then encrypt it with your public + the public key of your communication partner. This means that this text can then only be opened by both of you (or several people) using the "private key". The private key should therefore always remain secret; you are welcome to make the public key public.

 

Just try it out.

Your "public key" can be used by anyone. The advantage is that you can use practically any email provider for this. But always make sure that not all of the information is already in the subject of the email. Because this will NOT be encrypted!


If you want to try it out, just send me an email to "[email protected]" and I will answer you in encrypted form.

My public key is:

—–BEGIN PGP PUBLIC KEY BLOCK—–
Version: Mailvelope v1.5.2
Comment: https://www.mailvelope.com

xsFNBFgm + pYBEADiR1IvXdkHjWojnJB752lFnnd4b3Rv782LAjo8ve6WFFJw
DLSnsmpNHF2nwB0bGxofSeN666i9vQBYoxjmbtrmRgB6ndskGPMJgzwnvaWo
hJ0Yxmxpx1pcJQ4fq6NAzprmuWM5adBz674us5o7si9Gn7KWUka6ZC58 / NmO
sF20iq8EU3a / R6Bjtd7vJJWB61NJ9heb3 + GKEIVAKVtHbSkfN9XLSzfm3yif
mdR257HtDcJ613jVouqec75h4QlfW0vX6Qlrc / tz8NtWi6YIcWNZSw1ug5Lv
OqEl3RZxQH592nGkKftezrslsdt0bOlrlNVUYdo8axCB8EsjQRXTD8rx97W5
aZWVgOrUygmBWAyH / EFbGqDJMICP12lXIRRNxssV1Pubndrxp251ub4leVpk
jTjNfS0ng9mgGIprzNX1BEcpr8fNXaqAYZBZcUgtKkLrQLKP0sow8UjQJuQZ
bGjR3YRJFtWjTeQ95xub9eMjj / 80t + qMkyq0GCQ1ymVuDZPMlBKQA + 0xwic7
7dlnXlUEEYzPx7sYTz5UmzH1u + Qolp8Y / RcmxTIoNO70mXHFuRfTcyU5sGjm
HD5xHlECe + lfpVXHq1dQgD2bCDiO8sjVd373Wi8h22LHAlcdlj + sRFel / L5c
qGXVffJF / G8CcyDEdAruVJy4bg4e4wDsBTO95QARAQABzRdNYXJrdXMgPG1h
cmt1c0B2YXZ0LmRlPsLBdQQQAQgAKQUCWCb6nQYLCQgHAwIJEP1nB5x9w8ou
BBUIAgoDFgIBAhkBAhsDAh4BAABCgBAAoFn + / x26nGI2mnVka + 8NBF5 / QLzb
H34ylhAUvAALJnZUTfOI6teA6lj3ppVLG / QII // EYL3lZlTSCy4OHqzyDsM5
I5QX3xh3FUAD + hXQ + 6R9NF6wnLZyYgp / L85KYv26LpR5IvkrXy0VNJdDZ / IT
3 + LKtsALFOoGfXWgqZ016QaBZL91cx / BQT7gyKS9DveE / BFytlmf7 / K3HwqU
Ej7PVApS78 / ZAaHVyQo1aoB8 + tRtTculsBKvfkVINkwpWy + 8vKPhgo7KGyvH
Zoc0hCDuLVLwfAgq5E8K66lDYQu9qKD3nJQ4Omp5QdfDPxEf69yvl9JqDACh
MyHicav5aLb / ZLE5iaqQFqn90Bk8mPVsOnHyXBGxIyOECZkfCIWviTVtd86J
bRv1Gtbf8GyrV55ORKDKHxUI3zpoVMTRUkvw73QtgaJ + e06r1NwI2B5tEt3U
giAOXz + 1W7hCmnMMBdWM239hvP / cXEFCTmARZlIRe90WJ0CyafbdPiO / Accj
8ytXoL3t5KLTshCEQ1YmkWJYhbeTyF6xwPd94IUkfFFsbv9IAlLwgeILXiU +
YbgxwJBa8UXa5 / bxx3Rq3KVRvX0neYGqvwOGaNsCowWfE4vFHiLBShn8N9r3
cDPnMbBjW / 62ZE8IHPJGygSXPTTtSW2s6GAYYX6KblQCW7FDhFO0hpbOwU0E
WCb6lgEQAPLl7ktxEBqMZoBFLatbEacaqhOeXicOnSBQ0j6D9eAWXYQr1WZc
MciSKIJOtrRc86vyVJck73 + pSqojYNoGKkDfp6Xkp / EVsQO0rEvva1hIToK1
BWoZ1lW7glth5XLMW / vTneA0WyoHI3CBfQgrs / 2g8xJVRabJG3Q4p54B5ana
Q5PbEQRrTwzB12Kjec + S3s + 565YeN40v / KhVkKof9SulN9y6jwUrTr1kvpfJ
WO0gVYaj93JHUFsoghlwe6hKQ1FLx + Xj0lc0LsOqWmUN + Ahb14W / TXEAP5vz
vucgPXWIarWbvPd4kMgjxWcaiI7YJdfxHySmxYhCZOJrWBmAWZ / 10kLVl + n5
ZecRG + bF / L94xuMheQDaswTwZ6Ab2tL08h7f5icj43N91GHVq8KQg +++ t8kJ
INZH + 9nZyJTZURLQtLasLPRpQ1uokOSSX5WrSHyrmBZOuh5wVgA2iHfuSeW4
shBHuPFEw0WOzGE4158tS5lOOimrEsdjVi7kJV / l9pxCJAqTrisbJAvcV3yj
yF9o2HytdfWE31W96A0scBzGN5 / MPePos1k3EJph61Bqtvxldp1dEgMula1b
GQVExhWfocOBRAW99cfVfRRkcebGEhNdN + OojNvA18eBbcoYxVBa6XMCRNTj
ezVW / iVu4D9xWRzAUpxH1n8vAHzlGMUBABEBAAHCwV8EGAEIABMFAlgm + p8J
EP1nB5x9w8ouAhsMAAD4Ng / + O1QU4UmMH5dMB / 3p7U + j5io2 + HEvpLgTdzm3
milAAkZKrFn7WZ4v + GpmTWl + hkjgh1KV4NzswIiV7ElZgSJv2hid82Aeakh2
ABqiM6PpeDnbm9 + 24pINHId0NJl / nJ0jFsDR1du3xbISGmYkyEaQ9AlA2yTe
BcW10gv8ew0UmG + SUs05xE8x78ei4plyPMmEF / I3QuaMIbUZIQVYU6qBR9lP
F5Rw8Gmk8zc / sAgRty6I59yWybXJXE3JSsH7p62Km51VEv5E4bMYIgkXXNxp
7MyvnBw5NSRN59A1umtOwq7MV6Vesuk / d / OuCkZ0p0 / 3ZLvb9hVcBU5R + y2F
jduQlunkUO4WkI5MhPrGqPxbLTeNPGtJk2 / hXI + HddWuRbQW0BrgxAiO6 / P1
wC6WG9e5odPWDVg4D0AKBh2Dc / eUBxzWDEC9zeQC3kf2f8XMl7tGpN2422wj
xKuQ2IRwXf9 + siGpvJORODIefnJRQIK9bJpqB2PaVYxGmYfyfO911lqpcibs
y3K3t + / Sk0 / 3oCZa6PXMlAkeZrV6ulLPs5nTm04mn3TuIMQpIrDBb6HAPy2d
l6mMdSIxVcdy4lDpbRORkuKLk6NHtbIS1VrANHnh + Q8Eu2fugQXt6FUGtTbI
UcoqdDAnBExwADeHvrNhLkMa + dDOJYCEW5HXdunooEJtSoY =
= J6vg
—–END PGP PUBLIC KEY BLOCK—–


2. You can use the same email server.

However, as soon as the sender address and the recipient address are on the same e-mail server, the data is not sent over the normal Internet and thus the possible access locations are minimized. This method is undoubtedly the safest, as it also prevents the metadata from being viewed on the Internet. However, you also have to trust your email provider.

Trustworthy email providers:

Protonmail Tutanota Mailfence

With many services, however, the communication partners have to use the same provider and thus use an email address from this provider. However, Mailfence at least offers the option of sending password-encrypted emails to non-Mailfence users.

Conclusion on anonymous and secure emails:

So you cannot encrypt emails to different senders. The sender data as well as the recipient data can always be viewed and will also be recorded. You can encrypt the content and thus at least hide it from access by third parties, but both recipients must either use the same email provider or both work with an encryption method such as PGP. In order to be able to send or receive e-mails anonymously, you can only use a new e-mail account that has only ever been created and used with a VPN service. However, this does not say anything about the security of your data with the recipient.


Created on:November 12, 2016

Categories Instructions, ⊕ All Posts, News

Security with VPN - Help with choosing!