Protonmail and 1Password

I was an earlier adopter of Protonmail and have had my account maybe for a year or so now.  Protonmail is a swiss based email provider that offers true secure email through your web browser (and mobile app). This email service lets you send encrypted emails and attachments to others on other email systems like Gmail, yahoo, etc. They are a little slow in releasing new features but are methodical in their development and provide a solid product. They have started offering some great tools like custom domain names and iOS and Android Apps, and providing additional storage and a great user interface.

A good friend of mine always says security and convenience are always in tension – it is very difficult to have both. We must evaluate the level of security needed in relation to the ease of use which is often diminished.  Protonmail would likely be troublesome for some as they requires two (2) passwords. One for account login and one to decrypt your mailbox. This means you should use two unique passwords that you don’t use for any other website logins…right?

Read more

Secure Email vs. Encrypted Email

I often find there is always this misunderstanding when it comes to the security of email. The term, secure email, is often over used and often mistaken for something it’s not. Many email services use this as a selling point, and don’t really explain what it really means.

To use some simple analogies, I hope to show you that secure email really isn’t secure. Email was never really designed for secure communications between sender and receiver and the technology behind it doesn’t really support the protocols to make it secure either. In recent years, email providers have taken steps to help improve security, but it has created a false sense of security for its users.

Read more

Encrypted Messaging – Part 1 of…

Over the past few months I have been looking at different messaging application such as WhatsApp and Line.  While I realize there are a ton of them out there, including the standard SMS, iMessage, and… does Google Android have their own proprietary messaging service, Google+ Hangout perhaps? These services have faced a number of similar challenges and issues and a number of them have been in the new facing allegation of privacy and weak security including the ever popular Facebook WhatsApp, Viber, and Snapchat.

Enter apps like Threema (iOS & Android), TextSecure (Android),  surespot (iOS & Android) , and Wickr (iOS & Android), to name a few.

I’ve been using Threema the past couple months and really like it.  Threema is a end-to-end encrypted messaging
tool that ensures communications are completely secure and private. Threema does all the encryption on the device before sending it to its servers to relay to the recipient. According to Threema’s website, it provides several layers of encryption:

Read more